| |
| |||||||
Diskussionsforum: Virus in thunderbirdWindows 7 Hier sind ausschließlich fachspezifische Diskussionen erwünscht. Bitte keine Log-Files, Hilferufe oder ähnliches posten. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Bereinigungen von nicht ausgebildeten Usern sind hier untersagt. Wenn du dir einen Virus doer Trojaner eingefangen hast, eröffne ein Thema in den Bereinigungsforen oben. |
 |
17.10.2015, 09:01
| #31 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Virus in thunderbird Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
17.10.2015, 09:08
| #32 |
 | Virus in thunderbirdFRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
durchgeführt von Joachim Steffen (Administrator) auf USER1 (17-10-2015 10:03:02)
Gestartet von C:\FRST
Geladene Profile: Joachim Steffen (Verfügbare Profile: Joachim Steffen)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Dropbox, Inc.) C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Google) C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [Dropbox Update] => C:\Users\Joachim Steffen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Verknüpfung (2).lnk [2015-03-29]
ShortcutTarget: thunderbird.exe - Verknüpfung (2).lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Joachim Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-08-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{E369D2F9-3444-498F-A27F-61DFCFE7F069}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3882796918-1267182291-717328296-1000 -> {7AB7CA17-D346-4C84-B6C1-2169D411A053} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5852F5ED-8BF4-11D4-A245-0080C6F74284} hxxp://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Joachim Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\buzbd0kw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Joachim Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\buzbd0kw.default\Extensions\abs@avira.com [2014-08-15]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Joachim Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\buzbd0kw.default\Extensions\firefox-hotfix@mozilla.org.xpi [2015-01-04]
Chrome:
=======
CHR Profile: C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browserschutz) - C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-12-17] (Advanced Micro Devices Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-08-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-24] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-17] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R2 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2015-10-04] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2013-06-18] () [Datei ist nicht signiert]
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U3 a9zhuccg; C:\Windows\System32\Drivers\a9zhuccg.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-17 06:33 - 2015-10-17 06:33 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 23:33 - 2015-10-15 23:33 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Local\GWX
2015-10-15 06:23 - 2015-10-15 06:23 - 00003432 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task
2015-10-15 03:10 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 03:10 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 03:10 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 09:09 - 2015-10-14 09:11 - 00002918 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Joachim_Steffen
2015-10-14 09:08 - 2015-10-14 09:09 - 00000000 ____D C:\ProgramData\ProductData
2015-10-14 09:00 - 2015-10-14 09:00 - 00000000 ____D C:\KVRT_Data
2015-10-14 08:59 - 2015-10-14 08:59 - 00000000 ____D C:\Program Files\TAP-Windows
2015-10-14 07:56 - 2015-10-14 08:32 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-14 06:03 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 06:03 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 06:03 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 06:03 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 06:03 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 06:03 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 06:03 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 06:03 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 06:03 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 06:03 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 06:03 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 06:03 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 06:03 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 06:03 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 06:03 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 06:03 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 06:03 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 06:03 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 06:03 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 06:03 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 06:03 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 06:03 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 06:03 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 06:03 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 06:03 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 06:03 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 06:03 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 06:03 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 06:03 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 06:03 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 06:03 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 06:03 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 06:03 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 06:03 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 06:03 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 06:03 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 06:03 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 06:03 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 06:03 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 06:03 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 06:03 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 06:03 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 06:03 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 06:03 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 06:03 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 06:03 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 06:03 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 06:03 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 06:03 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 06:03 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 06:03 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 06:03 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 06:03 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 06:03 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 06:03 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 06:03 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 06:03 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 06:03 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 06:03 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 06:03 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 06:03 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 06:03 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 06:03 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 06:03 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 06:02 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 06:02 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 06:02 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 06:02 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 06:02 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 06:02 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 06:02 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 06:02 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 06:02 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 06:02 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 06:02 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 06:02 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 06:02 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 06:02 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 06:02 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 06:02 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 06:02 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 06:02 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 06:02 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 06:02 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 06:02 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 06:02 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 06:02 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 06:02 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 06:02 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 06:02 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 06:02 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 06:02 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 06:02 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 06:02 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 06:02 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 06:02 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 06:02 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 06:02 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 06:02 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 06:02 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 06:02 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 06:02 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 06:02 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 06:02 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 06:02 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 06:02 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 06:02 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 06:02 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 05:52 - 2015-10-14 05:52 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\ProductData
2015-10-13 20:50 - 2015-10-13 20:50 - 00002575 _____ C:\Users\Joachim Steffen\Desktop\JRT.txt
2015-10-13 20:42 - 2015-10-13 20:43 - 01798976 _____ (Malwarebytes) C:\Users\Joachim Steffen\Desktop\JRT.exe
2015-10-13 20:23 - 2015-10-13 20:23 - 00001225 _____ C:\Users\Public\Desktop\mbam.txt
2015-10-13 18:48 - 2015-10-13 18:48 - 01682432 _____ C:\Users\Public\Desktop\AdwCleaner_5.013.exe
2015-10-13 18:47 - 2015-10-13 18:47 - 01682432 _____ C:\Users\Joachim Steffen\Downloads\AdwCleaner_5.013.exe
2015-10-13 16:16 - 2015-10-13 16:16 - 00035951 _____ C:\ComboFix.txt
2015-10-13 15:38 - 2015-10-13 16:17 - 00000000 ____D C:\Qoobox
2015-10-13 15:38 - 2015-10-13 16:12 - 00000000 ____D C:\Windows\erdnt
2015-10-13 15:38 - 2015-10-13 15:38 - 05636349 ____R (Swearware) C:\Users\Joachim Steffen\Desktop\ComboFix.exe
2015-10-13 15:38 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-13 15:38 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-13 15:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-13 15:15 - 2015-10-17 10:03 - 00000000 ____D C:\FRST
2015-10-13 14:19 - 2015-10-13 14:19 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-10-13 14:19 - 2015-10-13 14:19 - 00001209 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-10-05 10:57 - 2015-10-13 14:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-04 09:29 - 2015-10-04 09:44 - 00163644 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2015-09-24 04:51 - 2015-09-24 04:52 - 00000000 ____D C:\$Windows.~BT
2015-09-23 11:37 - 2015-08-07 10:28 - 00000436 _____ C:\Users\Joachim Steffen\Desktop\Forge of Empires.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-17 10:02 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-17 10:02 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-17 09:54 - 2015-06-18 04:43 - 00001264 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000UA.job
2015-10-17 09:54 - 2013-06-17 15:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-17 09:21 - 2013-07-15 14:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-17 09:21 - 2013-07-15 14:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-17 07:54 - 2013-06-17 15:28 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 07:54 - 2013-06-17 15:28 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 07:54 - 2013-06-17 15:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 07:25 - 2013-06-16 18:24 - 01680959 _____ C:\Windows\WindowsUpdate.log
2015-10-17 06:46 - 2015-06-17 04:26 - 00033485 _____ C:\Windows\setupact.log
2015-10-17 06:46 - 2013-06-19 20:23 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\Dropbox
2015-10-17 06:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-17 06:44 - 2013-11-29 10:43 - 00000000 ____D C:\Users\Joachim Steffen\AppData\LocalLow\Adblock Plus for IE
2015-10-16 11:05 - 2013-06-17 05:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-15 16:23 - 2014-10-15 19:39 - 00002177 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-15 10:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-15 06:22 - 2013-06-16 18:51 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-15 03:12 - 2014-12-10 04:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 03:12 - 2014-05-06 21:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-14 09:55 - 2013-08-14 20:47 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 09:42 - 2013-06-21 11:16 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 09:42 - 2013-06-17 06:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 05:50 - 2015-06-19 22:54 - 00007264 _____ C:\Windows\PFRO.log
2015-10-14 05:50 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-13 20:41 - 2013-11-08 17:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-13 20:41 - 2013-06-16 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-13 20:32 - 2013-11-27 13:39 - 00000000 ____D C:\AdwCleaner
2015-10-13 20:20 - 2014-07-02 15:04 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-13 16:17 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-10-13 15:56 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-10-13 15:54 - 2013-07-24 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-13 09:45 - 2014-12-26 05:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-13 08:59 - 2014-10-24 07:22 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\Thunderbird
2015-10-13 08:59 - 2013-06-16 20:04 - 01648846 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-13 08:59 - 2011-04-12 09:43 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-10-13 08:59 - 2011-04-12 09:43 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-10-12 22:54 - 2015-06-18 04:43 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000Core.job
2015-10-09 00:05 - 2015-04-04 21:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-09 00:05 - 2015-04-04 21:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-07 07:15 - 2013-07-15 14:23 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Local\Google
2015-10-04 09:43 - 2013-06-18 07:28 - 00000415 _____ C:\Users\Joachim Steffen\Documents\ax_files.xml
2015-09-24 15:49 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-24 08:48 - 2013-06-16 18:51 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-24 08:48 - 2013-06-16 18:51 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-09-24 04:51 - 2013-06-16 19:18 - 00000000 ____D C:\Windows\Panther
2015-09-23 11:25 - 2013-06-17 07:48 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-09-23 11:23 - 2014-08-25 07:32 - 00000000 ____D C:\Users\Joachim Steffen\Documents\SelfMV
2015-09-23 09:41 - 2013-11-29 10:43 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2015-09-23 09:16 - 2013-07-15 14:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-23 09:16 - 2013-07-15 14:24 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-06-18 07:22 - 2013-06-18 07:22 - 0007721 _____ () C:\Users\Joachim Steffen\AppData\Roaming\unins000.dat
2013-06-18 07:22 - 2013-06-18 07:22 - 0725514 _____ () C:\Users\Joachim Steffen\AppData\Roaming\unins000.exe
2014-09-25 16:56 - 2014-09-25 18:00 - 0033193 _____ () C:\Users\Joachim Steffen\AppData\Roaming\UserTile.png
2013-08-02 05:40 - 2013-08-02 05:40 - 0081582 _____ () C:\Users\Joachim Steffen\AppData\Roaming\zulagames.ico
Einige Dateien in TEMP:
====================
C:\Users\Joachim Steffen\AppData\Local\Temp\avgnt.exe
C:\Users\Joachim Steffen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbhhhbk.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-11 06:36
==================== Ende von FRST.txt ============================
|
|
17.10.2015, 13:24
| #33 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus in thunderbird Addition.txt fehlt
__________________
__________________ |
|
17.10.2015, 16:04
| #34 |
| | Virus in thunderbird FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
durchgeführt von Joachim Steffen (Administrator) auf USER1 (17-10-2015 10:03:02)
Gestartet von C:\FRST
Geladene Profile: Joachim Steffen (Verfügbare Profile: Joachim Steffen)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Dropbox, Inc.) C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Google) C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104 2015-07-27] (Samsung)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [Dropbox Update] => C:\Users\Joachim Steffen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe - Verknüpfung (2).lnk [2015-03-29]
ShortcutTarget: thunderbird.exe - Verknüpfung (2).lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Joachim Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-08-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{E369D2F9-3444-498F-A27F-61DFCFE7F069}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3882796918-1267182291-717328296-1000 -> {7AB7CA17-D346-4C84-B6C1-2169D411A053} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5852F5ED-8BF4-11D4-A245-0080C6F74284} hxxp://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Joachim Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\buzbd0kw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Joachim Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\buzbd0kw.default\Extensions\abs@avira.com [2014-08-15]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Joachim Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\buzbd0kw.default\Extensions\firefox-hotfix@mozilla.org.xpi [2015-01-04]
Chrome:
=======
CHR Profile: C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browserschutz) - C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Joachim Steffen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-12-17] (Advanced Micro Devices Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-08-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-24] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-17] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R2 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2015-10-04] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2013-06-18] () [Datei ist nicht signiert]
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U3 a9zhuccg; C:\Windows\System32\Drivers\a9zhuccg.sys [0 ] (Advanced Micro Devices) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-17 06:33 - 2015-10-17 06:33 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 23:33 - 2015-10-15 23:33 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Local\GWX
2015-10-15 06:23 - 2015-10-15 06:23 - 00003432 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task
2015-10-15 03:10 - 2015-09-18 21:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 03:10 - 2015-09-18 21:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 03:10 - 2015-09-18 21:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 03:10 - 2015-09-18 21:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 09:09 - 2015-10-14 09:11 - 00002918 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Joachim_Steffen
2015-10-14 09:08 - 2015-10-14 09:09 - 00000000 ____D C:\ProgramData\ProductData
2015-10-14 09:00 - 2015-10-14 09:00 - 00000000 ____D C:\KVRT_Data
2015-10-14 08:59 - 2015-10-14 08:59 - 00000000 ____D C:\Program Files\TAP-Windows
2015-10-14 07:56 - 2015-10-14 08:32 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-14 06:03 - 2015-09-18 21:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 06:03 - 2015-09-18 20:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 06:03 - 2015-09-16 06:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 06:03 - 2015-09-16 06:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 06:03 - 2015-09-16 06:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 06:03 - 2015-09-16 06:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 06:03 - 2015-09-16 06:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 06:03 - 2015-09-16 06:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 06:03 - 2015-09-16 06:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 06:03 - 2015-09-16 06:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 06:03 - 2015-09-16 06:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 06:03 - 2015-09-16 06:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 06:03 - 2015-09-16 06:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 06:03 - 2015-09-16 06:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 06:03 - 2015-09-16 06:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 06:03 - 2015-09-16 06:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 06:03 - 2015-09-16 06:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 06:03 - 2015-09-16 05:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 06:03 - 2015-09-16 05:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 06:03 - 2015-09-16 05:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 06:03 - 2015-09-16 05:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 06:03 - 2015-09-16 05:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 06:03 - 2015-09-16 05:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 06:03 - 2015-09-16 05:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 06:03 - 2015-09-16 05:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 06:03 - 2015-09-16 05:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 06:03 - 2015-09-16 05:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 06:03 - 2015-09-16 05:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 06:03 - 2015-09-16 05:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 06:03 - 2015-09-16 05:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 06:03 - 2015-09-16 05:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 06:03 - 2015-09-16 05:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 06:03 - 2015-09-16 05:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 06:03 - 2015-09-16 05:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 06:03 - 2015-09-16 05:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 06:03 - 2015-09-16 05:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 06:03 - 2015-09-16 05:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 06:03 - 2015-09-16 05:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 06:03 - 2015-09-16 05:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 06:03 - 2015-09-16 05:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 06:03 - 2015-09-16 05:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 06:03 - 2015-09-16 05:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 06:03 - 2015-09-16 05:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 06:03 - 2015-09-16 05:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 06:03 - 2015-09-16 05:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 06:03 - 2015-09-16 05:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 06:03 - 2015-09-16 05:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 06:03 - 2015-09-16 05:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 06:03 - 2015-09-16 05:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 06:03 - 2015-09-16 05:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 06:03 - 2015-09-16 05:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 06:03 - 2015-09-16 04:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 06:03 - 2015-09-16 04:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 06:03 - 2015-09-16 04:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 06:03 - 2015-09-16 04:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 06:03 - 2015-09-16 04:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 06:03 - 2015-09-16 04:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 06:03 - 2015-09-16 04:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 06:03 - 2015-09-16 04:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 06:03 - 2015-09-16 04:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 06:03 - 2015-09-16 04:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 06:03 - 2015-08-06 20:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 06:03 - 2015-08-06 20:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 06:03 - 2015-08-06 19:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 06:03 - 2015-08-06 19:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 06:02 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 06:02 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 06:02 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 06:02 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 06:02 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 06:02 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 06:02 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 06:02 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 06:02 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 06:02 - 2015-09-29 05:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 06:02 - 2015-09-29 05:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 06:02 - 2015-09-29 05:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 06:02 - 2015-09-29 05:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 06:02 - 2015-09-29 05:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 06:02 - 2015-09-29 05:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 06:02 - 2015-09-29 05:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 06:02 - 2015-09-29 05:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 06:02 - 2015-09-29 05:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 06:02 - 2015-09-29 05:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 06:02 - 2015-09-29 05:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 06:02 - 2015-09-29 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 06:02 - 2015-09-29 05:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 05:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 06:02 - 2015-09-29 04:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 06:02 - 2015-09-29 04:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 06:02 - 2015-09-29 04:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 06:02 - 2015-09-29 04:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 06:02 - 2015-09-29 04:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 06:02 - 2015-09-29 04:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 06:02 - 2015-09-29 04:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 06:02 - 2015-09-29 04:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 04:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 06:02 - 2015-09-29 03:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 06:02 - 2015-09-29 03:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 06:02 - 2015-09-29 03:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 06:02 - 2015-09-29 03:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 06:02 - 2015-09-29 03:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 06:02 - 2015-09-29 03:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 06:02 - 2015-09-25 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 06:02 - 2015-09-25 20:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 06:02 - 2015-09-25 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 06:02 - 2015-09-25 20:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 06:02 - 2015-09-25 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 06:02 - 2015-09-25 19:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 06:02 - 2015-09-25 19:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 06:02 - 2015-09-15 20:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 06:02 - 2015-09-15 20:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 06:02 - 2015-09-15 20:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 06:02 - 2015-09-15 20:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 06:02 - 2015-09-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 06:02 - 2015-09-15 19:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 06:02 - 2015-09-15 19:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 06:02 - 2015-09-15 19:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 06:02 - 2015-09-15 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 06:02 - 2015-07-18 15:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 05:52 - 2015-10-14 05:52 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\ProductData
2015-10-13 20:50 - 2015-10-13 20:50 - 00002575 _____ C:\Users\Joachim Steffen\Desktop\JRT.txt
2015-10-13 20:42 - 2015-10-13 20:43 - 01798976 _____ (Malwarebytes) C:\Users\Joachim Steffen\Desktop\JRT.exe
2015-10-13 20:23 - 2015-10-13 20:23 - 00001225 _____ C:\Users\Public\Desktop\mbam.txt
2015-10-13 18:48 - 2015-10-13 18:48 - 01682432 _____ C:\Users\Public\Desktop\AdwCleaner_5.013.exe
2015-10-13 18:47 - 2015-10-13 18:47 - 01682432 _____ C:\Users\Joachim Steffen\Downloads\AdwCleaner_5.013.exe
2015-10-13 16:16 - 2015-10-13 16:16 - 00035951 _____ C:\ComboFix.txt
2015-10-13 15:38 - 2015-10-13 16:17 - 00000000 ____D C:\Qoobox
2015-10-13 15:38 - 2015-10-13 16:12 - 00000000 ____D C:\Windows\erdnt
2015-10-13 15:38 - 2015-10-13 15:38 - 05636349 ____R (Swearware) C:\Users\Joachim Steffen\Desktop\ComboFix.exe
2015-10-13 15:38 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-13 15:38 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-13 15:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-13 15:38 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-13 15:15 - 2015-10-17 10:03 - 00000000 ____D C:\FRST
2015-10-13 14:19 - 2015-10-13 14:19 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-10-13 14:19 - 2015-10-13 14:19 - 00001209 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-10-05 10:57 - 2015-10-13 14:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-04 09:29 - 2015-10-04 09:44 - 00163644 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2015-09-24 04:51 - 2015-09-24 04:52 - 00000000 ____D C:\$Windows.~BT
2015-09-23 11:37 - 2015-08-07 10:28 - 00000436 _____ C:\Users\Joachim Steffen\Desktop\Forge of Empires.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-17 10:02 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-17 10:02 - 2009-07-14 06:45 - 00031872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-17 09:54 - 2015-06-18 04:43 - 00001264 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000UA.job
2015-10-17 09:54 - 2013-06-17 15:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-17 09:21 - 2013-07-15 14:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-17 09:21 - 2013-07-15 14:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-17 07:54 - 2013-06-17 15:28 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 07:54 - 2013-06-17 15:28 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 07:54 - 2013-06-17 15:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 07:25 - 2013-06-16 18:24 - 01680959 _____ C:\Windows\WindowsUpdate.log
2015-10-17 06:46 - 2015-06-17 04:26 - 00033485 _____ C:\Windows\setupact.log
2015-10-17 06:46 - 2013-06-19 20:23 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\Dropbox
2015-10-17 06:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-17 06:44 - 2013-11-29 10:43 - 00000000 ____D C:\Users\Joachim Steffen\AppData\LocalLow\Adblock Plus for IE
2015-10-16 11:05 - 2013-06-17 05:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-15 16:23 - 2014-10-15 19:39 - 00002177 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-15 10:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-10-15 06:22 - 2013-06-16 18:51 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-15 03:12 - 2014-12-10 04:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 03:12 - 2014-05-06 21:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-14 09:55 - 2013-08-14 20:47 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 09:42 - 2013-06-21 11:16 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 09:42 - 2013-06-17 06:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 05:50 - 2015-06-19 22:54 - 00007264 _____ C:\Windows\PFRO.log
2015-10-14 05:50 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-13 20:41 - 2013-11-08 17:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-13 20:41 - 2013-06-16 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-13 20:32 - 2013-11-27 13:39 - 00000000 ____D C:\AdwCleaner
2015-10-13 20:20 - 2014-07-02 15:04 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-13 16:17 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-10-13 15:56 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-10-13 15:54 - 2013-07-24 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-13 09:45 - 2014-12-26 05:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-13 08:59 - 2014-10-24 07:22 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Roaming\Thunderbird
2015-10-13 08:59 - 2013-06-16 20:04 - 01648846 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-13 08:59 - 2011-04-12 09:43 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-10-13 08:59 - 2011-04-12 09:43 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-10-12 22:54 - 2015-06-18 04:43 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000Core.job
2015-10-09 00:05 - 2015-04-04 21:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-09 00:05 - 2015-04-04 21:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-07 07:15 - 2013-07-15 14:23 - 00000000 ____D C:\Users\Joachim Steffen\AppData\Local\Google
2015-10-04 09:43 - 2013-06-18 07:28 - 00000415 _____ C:\Users\Joachim Steffen\Documents\ax_files.xml
2015-09-24 15:49 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-24 08:48 - 2013-06-16 18:51 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-24 08:48 - 2013-06-16 18:51 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-09-24 04:51 - 2013-06-16 19:18 - 00000000 ____D C:\Windows\Panther
2015-09-23 11:25 - 2013-06-17 07:48 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-09-23 11:23 - 2014-08-25 07:32 - 00000000 ____D C:\Users\Joachim Steffen\Documents\SelfMV
2015-09-23 09:41 - 2013-11-29 10:43 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2015-09-23 09:16 - 2013-07-15 14:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-23 09:16 - 2013-07-15 14:24 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-06-18 07:22 - 2013-06-18 07:22 - 0007721 _____ () C:\Users\Joachim Steffen\AppData\Roaming\unins000.dat
2013-06-18 07:22 - 2013-06-18 07:22 - 0725514 _____ () C:\Users\Joachim Steffen\AppData\Roaming\unins000.exe
2014-09-25 16:56 - 2014-09-25 18:00 - 0033193 _____ () C:\Users\Joachim Steffen\AppData\Roaming\UserTile.png
2013-08-02 05:40 - 2013-08-02 05:40 - 0081582 _____ () C:\Users\Joachim Steffen\AppData\Roaming\zulagames.ico
Einige Dateien in TEMP:
====================
C:\Users\Joachim Steffen\AppData\Local\Temp\avgnt.exe
C:\Users\Joachim Steffen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbhhhbk.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-11 06:36
==================== Ende von FRST.txt ============================
FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-10-2015
durchgeführt von Joachim Steffen (2015-10-17 10:05:40)
Gestartet von C:\FRST
Windows 7 Professional Service Pack 1 (X64) (2013-06-16 16:24:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3882796918-1267182291-717328296-500 - Administrator - Disabled)
Gast (S-1-5-21-3882796918-1267182291-717328296-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3882796918-1267182291-717328296-1003 - Limited - Enabled)
Joachim Steffen (S-1-5-21-3882796918-1267182291-717328296-1000 - Administrator - Enabled) => C:\Users\Joachim Steffen
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{588B7DD2-3480-4A89-A8F6-C6781CBFAD56}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 9 v.9.4.3 (HKLM-x32\...\Ashampoo Photo Commander 9_is1) (Version: 9.4.3 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 1.0.3 (HKLM-x32\...\Ashampoo Slideshow Studio HD_is1) (Version: 1.0.3 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2010 Advanced (HKLM-x32\...\Ashampoo WinOptimizer 2010 Advanced_is1) (Version: 6.5.0 - Ashampoo GmbH & Co. KG)
Audio 180% (HKLM-x32\...\{0CC1B2D9-B316-4AE3-902D-EA9A15E0DCF4}_is1) (Version: Audio 180% - FRANZIS GmbH)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
BVSSolitaire (HKLM-x32\...\BVSSolitaire) (Version: - )
Chilirec 1.03 (HKLM-x32\...\Chilirec_0) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DIE SIEDLER - Das Erbe der Könige (Alle Produkte) (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dropbox (HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Elevated Installer (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.2.17437 - Landesfinanzdirektion Thüringen)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - Free PDF to Word Doc Converter - easy and powerful pdf converter software.)
Free YouTube to MP3 Converter version 3.12.44.820 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.820 - DVDVideoSoft Ltd.)
Garmin Express Tray (x32 Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HKGELD-2000 Version 1.14 (HKLM-x32\...\HKGELD-2000_is1) (Version: - Holger Krinke Softwareentwicklung)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.3.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Schoener Fernsehen 0.0.0.2c (HKLM-x32\...\Schoener Fernsehen) (Version: 0.0.0.2c - © schoener-fernsehen.com)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skat-Online V9 (HKU\S-1-5-21-3882796918-1267182291-717328296-1000\...\Skat-Online V9) (Version: - Skat.com, c/o Markus Riehl)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPAMfighter (HKLM-x32\...\SPAMfighter) (Version: 7.6.123 - Spamfighter ApS)
SPAMfighter (x32 Version: 7.6.123 - Spamfighter ApS) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3882796918-1267182291-717328296-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
11-10-2015 19:00:26 Windows-Sicherung
13-10-2015 08:57:11 Installed SPAMfighter.
13-10-2015 14:11:30 Mozilla Thunderbird 38.3.0 (x86 de) restore point
13-10-2015 20:43:35 JRT Pre-Junkware Removal
14-10-2015 06:01:09 Windows Update
14-10-2015 09:36:49 Windows Update
15-10-2015 03:12:14 Windows Update
15-10-2015 06:22:30 Installed Avira Browser Safety
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-10-13 15:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0A3B976C-0176-4594-8013-CF002AED0207} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2015-09-18] (Microsoft Corporation)
Task: {1B94042E-37E3-4C94-956A-0DC2E37DEBD9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {273BFE39-8B75-4978-BAB8-508F453CE51E} - System32\Tasks\{E0B85B23-585B-4835-8C57-C544A03B97E4} => pcalua.exe -a "D:\Office2007-DE mit OPA-backup\office2007dt\SETUP.EXE" -d "D:\Office2007-DE mit OPA-backup\office2007dt"
Task: {27491C3C-9770-4DFF-97D8-56DE93D6BFD3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000Core => C:\Users\Joachim Steffen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {35564E7A-A832-426E-900B-16C4D7B65282} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {37AEA474-F81B-4C80-A592-6079B4FFC3FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {439CE9AE-1E42-4F8D-9375-9C7C06DAC052} - System32\Tasks\{74E75D27-15AA-4301-8870-A5BA3C020E3E} => pcalua.exe -a "C:\Users\Joachim Steffen\Downloads\e_mail_software_setup.exe" -d "C:\Users\Joachim Steffen\Desktop"
Task: {6D7609EE-A6F1-4520-B174-F6E6B70439F8} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {8442988A-178D-4659-9C91-20A2B5E4D31F} - System32\Tasks\Uninstaller_SkipUac_Joachim_Steffen => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {A2A348BF-87C6-4370-8DB5-23FFC7F0E215} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
Task: {B7EC633A-16F6-423F-93CE-E400B84CB3E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B8DC3F9A-EF35-47DA-B68E-5724CABDCFB0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000UA => C:\Users\Joachim Steffen\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {C08C1856-C0B7-4693-A83A-E2915894A60A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000Core.job => C:\Users\Joachim Steffen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3882796918-1267182291-717328296-1000UA.job => C:\Users\Joachim Steffen\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-06-16 20:00 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-27 13:31 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-17 06:46 - 2015-10-17 06:46 - 00071168 _____ () c:\Users\Joachim Steffen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbhhhbk.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012800 _____ () C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00779776 _____ () C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-03 17:54 - 2015-09-24 01:07 - 00056320 _____ () C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-09-24 01:07 - 00012288 _____ () C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-05-20 22:53 - 2015-05-20 22:53 - 01777664 _____ () C:\Program Files (x86)\Google\Google Earth\client\QtCore4.dll
2015-05-20 23:00 - 2015-05-20 23:00 - 01224704 _____ () C:\Program Files (x86)\Google\Google Earth\client\IGCore.dll
2015-05-20 23:00 - 2015-05-20 23:00 - 00290816 _____ () C:\Program Files (x86)\Google\Google Earth\client\IGUtils.DLL
2015-05-20 23:00 - 2015-05-20 23:00 - 00631808 _____ () C:\Program Files (x86)\Google\Google Earth\client\IGMath.dll
2015-05-20 23:01 - 2015-05-20 23:01 - 01393664 _____ () C:\Program Files (x86)\Google\Google Earth\client\alchemy\ogles20\IGSg.dll
2015-05-20 23:01 - 2015-05-20 23:01 - 00751104 _____ () C:\Program Files (x86)\Google\Google Earth\client\alchemy\ogles20\IGAttrs.dll
2015-05-20 23:01 - 2015-05-20 23:01 - 03105280 _____ () C:\Program Files (x86)\Google\Google Earth\client\alchemy\ogles20\IGGfx.dll
2015-05-20 23:01 - 2015-05-20 23:01 - 00059392 _____ () C:\Program Files (x86)\Google\Google Earth\client\alchemy\ogles20\libEGL.dll
2015-05-20 23:01 - 2015-05-20 23:01 - 00519168 _____ () C:\Program Files (x86)\Google\Google Earth\client\alchemy\ogles20\libGLESv2.dll
2015-05-21 00:11 - 2015-05-21 00:11 - 17660744 _____ () C:\Program Files (x86)\Google\Google Earth\client\googleearth_free.dll
2015-05-20 23:00 - 2015-05-20 23:00 - 00726016 _____ () C:\Program Files (x86)\Google\Google Earth\client\IGExportCommon.dll
2015-05-20 23:00 - 2015-05-20 23:00 - 01050624 _____ () C:\Program Files (x86)\Google\Google Earth\client\IGOpt.dll
2015-05-20 23:07 - 2015-05-20 23:07 - 00015872 _____ () C:\Program Files (x86)\Google\Google Earth\client\alchemyext.dll
2015-05-20 22:53 - 2015-05-20 22:53 - 07877632 _____ () C:\Program Files (x86)\Google\Google Earth\client\QtWebKit4.dll
2015-05-20 22:53 - 2015-05-20 22:53 - 06174208 _____ () C:\Program Files (x86)\Google\Google Earth\client\QtGui4.dll
2015-05-20 22:53 - 2015-05-20 22:53 - 00518656 _____ () C:\Program Files (x86)\Google\Google Earth\client\QtNetwork4.dll
2015-05-21 00:11 - 2015-05-21 00:11 - 00093000 _____ () C:\Program Files (x86)\Google\Google Earth\client\ge_expat.dll
2015-05-20 22:53 - 2015-05-20 22:53 - 00018944 _____ () C:\Program Files (x86)\Google\Google Earth\client\imageformats\qgif4.dll
2015-05-20 22:53 - 2015-05-20 22:53 - 00158208 _____ () C:\Program Files (x86)\Google\Google Earth\client\imageformats\qjpeg4.dll
2015-05-20 23:00 - 2015-05-20 23:00 - 00145408 _____ () C:\Program Files (x86)\Google\Google Earth\client\alchemy\optimizations\IGOptExtension.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3882796918-1267182291-717328296-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joachim Steffen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F90A606D-9723-4778-8D86-344FB1764A33}] => (Allow) C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{966E700A-C02F-41D3-9383-0535483562ED}] => (Allow) C:\Users\Joachim Steffen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{63515A53-5FEA-4095-9DB0-5CAF51688659}C:\program files (x86)\ubisoft\blue byte\die siedler - das erbe der könige\extra2\bin\settlershok.exe] => (Allow) C:\program files (x86)\ubisoft\blue byte\die siedler - das erbe der könige\extra2\bin\settlershok.exe
FirewallRules: [UDP Query User{FA56462A-A7E5-4E76-BFE4-BB821A7C0AFB}C:\program files (x86)\ubisoft\blue byte\die siedler - das erbe der könige\extra2\bin\settlershok.exe] => (Allow) C:\program files (x86)\ubisoft\blue byte\die siedler - das erbe der könige\extra2\bin\settlershok.exe
FirewallRules: [{7BF4B63C-D940-491A-B2ED-33F0D9C0120E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{BAA48D71-C44F-4680-A351-CA14A65291CB}C:\program files (x86)\chilirec\chilirec.exe] => (Allow) C:\program files (x86)\chilirec\chilirec.exe
FirewallRules: [UDP Query User{4419BF5E-F071-4F98-906A-F1192EBDAE7E}C:\program files (x86)\chilirec\chilirec.exe] => (Allow) C:\program files (x86)\chilirec\chilirec.exe
FirewallRules: [{2C8D6B61-C1DA-4A85-B081-528EFD049025}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{6B7D23A0-9782-41A2-BFA0-62F5BA1FDC4F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DE572673-606F-474A-A593-0BAF836A646D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{347D34AE-62C3-497A-8CCB-7C2B1F7D4F05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{95B6731E-A12C-41F8-AD1F-16B8CE979E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D49F70FE-C72E-479B-9391-95755943E7CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BE48C620-814F-4C28-802C-D805AFEEEFAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{C7D1E91C-4C0A-4587-A5C1-BAF06205904F}C:\users\joachim steffen\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\joachim steffen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FEC444F6-0101-423E-A2F8-7BCA39D2856E}C:\users\joachim steffen\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\joachim steffen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{5BC66628-03C0-4E7B-9BDB-3416899CDB77}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{8E2C02AA-DFFF-4340-8956-E2157210ED95}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{5B15576A-FC55-474C-9776-A6C04AC0CDBB}] => (Allow) C:\Program Files (x86)\Advanced Driver Updater\adu.exe
FirewallRules: [{C6BCE203-68D3-4FBF-8B84-6C30CFBF9344}] => (Allow) LPort=12005
FirewallRules: [{1D836771-18B0-42F8-9BF9-83E5646D30E9}] => (Allow) LPort=12006
FirewallRules: [{DDF4F4A9-2F7B-4CB6-90A8-BA8CB20CD64F}] => (Allow) LPort=12007
FirewallRules: [{FAB69849-E9D9-4871-A325-B254032F8A90}] => (Allow) LPort=12008
FirewallRules: [TCP Query User{6A68AA87-A6ED-4270-B8B0-26BAF08901C9}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{36E4BDDB-DA1C-4166-81DD-4009DF26A2D7}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [{1BA9D082-A472-41B8-B7E5-CAFE2F7D1140}] => (Allow) C:\Users\Joachim Steffen\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{EE0901EF-1ACD-4C83-95B8-66C78F2D142A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{178AB134-BC3F-4C0E-9D3E-577F951CA6F9}] => (Allow) LPort=2869
FirewallRules: [{FBD02436-ECCF-48B5-A7EA-94CF063C099F}] => (Allow) LPort=1900
FirewallRules: [{1156516A-70F1-450D-803C-CADC836356D6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4F635FA3-77B9-4997-871D-741F024F765D}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{43FB3232-56E7-4348-B166-46811937C87C}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{2CBFCB5A-59FB-4D1B-AE5D-6023A1C805F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/17/2015 06:46:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2015 06:38:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/17/2015 06:32:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/16/2015 11:14:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/16/2015 11:05:24 AM) (Source: MsiInstaller) (EventID: 1024) (User: User1)
Description: Produkt: Adobe Reader XI (11.0.12) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011013}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (10/16/2015 07:22:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/15/2015 11:33:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/15/2015 06:23:30 AM) (Source: MsiInstaller) (EventID: 10005) (User: User1)
Description: Product: Avira Browser Safety -- Browser version incompatibility
Error: (10/15/2015 05:58:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/15/2015 03:05:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (10/17/2015 08:17:39 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (10/17/2015 08:13:22 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (10/17/2015 07:00:33 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (10/17/2015 06:47:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%2
Error: (10/17/2015 06:46:20 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (10/17/2015 06:39:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%2
Error: (10/17/2015 06:38:10 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (10/17/2015 06:32:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%2
Error: (10/17/2015 06:31:57 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (10/16/2015 11:14:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%2
CodeIntegrity:
===================================
Date: 2015-10-13 15:47:35.027
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-10-13 15:47:34.965
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-8120 Eight-Core Processor
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 16381.21 MB
Verfügbarer physikalischer RAM: 12277.1 MB
Summe virtueller Speicher: 16379.42 MB
Verfügbarer virtueller Speicher: 11873.19 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:43.42 GB) NTFS
Drive e: () (Fixed) (Total:232.88 GB) (Free:38.02 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (Lokaler Datenträger(G) Chef) (Fixed) (Total:297.99 GB) (Free:220.34 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 88DA747B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 97CB5369)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: F0B3F0B3)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
17.10.2015, 17:25
| #35 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus in thunderbird Ein Eintrag gefällt mir noch nicht so wirklich. Ich will nur sichergehen, bitte daher noch ein Log mit TDSS-Killer: Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2015, 06:57
| #36 |
| | Virus in thunderbird 21:52:47.0895 0x18dc TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 21:52:53.0504 0x18dc ============================================================ 21:52:53.0504 0x18dc Current date / time: 2015/10/17 21:52:53.0504 21:52:53.0504 0x18dc SystemInfo: 21:52:53.0504 0x18dc 21:52:53.0504 0x18dc OS Version: 6.1.7601 ServicePack: 1.0 21:52:53.0504 0x18dc Product type: Workstation 21:52:53.0505 0x18dc ComputerName: USER1 21:52:53.0505 0x18dc UserName: Joachim Steffen 21:52:53.0505 0x18dc Windows directory: C:\Windows 21:52:53.0505 0x18dc System windows directory: C:\Windows 21:52:53.0505 0x18dc Running under WOW64 21:52:53.0505 0x18dc Processor architecture: Intel x64 21:52:53.0505 0x18dc Number of processors: 8 21:52:53.0505 0x18dc Page size: 0x1000 21:52:53.0505 0x18dc Boot type: Normal boot 21:52:53.0505 0x18dc ============================================================ 21:52:54.0086 0x18dc KLMD registered as C:\Windows\system32\drivers\76850728.sys 21:52:54.0314 0x18dc System UUID: {AE7A07DD-9E50-DA23-3E3A-2C024BC19D4C} 21:52:54.0659 0x18dc Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:52:58.0743 0x18dc Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:53:03.0560 0x18dc Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 21:53:03.0578 0x18dc ============================================================ 21:53:03.0578 0x18dc \Device\Harddisk1\DR1: 21:53:03.0580 0x18dc MBR partitions: 21:53:03.0580 0x18dc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:53:03.0580 0x18dc \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800 21:53:03.0581 0x18dc \Device\Harddisk2\DR2: 21:53:03.0581 0x18dc MBR partitions: 21:53:03.0581 0x18dc \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681 21:53:03.0581 0x18dc \Device\Harddisk0\DR0: 21:53:03.0581 0x18dc MBR partitions: 21:53:03.0582 0x18dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:53:03.0582 0x18dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800 21:53:03.0582 0x18dc ============================================================ 21:53:03.0603 0x18dc C: <-> \Device\Harddisk1\DR1\Partition2 21:53:03.0613 0x18dc E: <-> \Device\Harddisk2\DR2\Partition1 21:53:03.0643 0x18dc F: <-> \Device\Harddisk0\DR0\Partition1 21:53:03.0686 0x18dc G: <-> \Device\Harddisk0\DR0\Partition2 21:53:03.0686 0x18dc ============================================================ 21:53:03.0686 0x18dc Initialize success 21:53:03.0686 0x18dc ============================================================ 21:53:36.0568 0x0fb0 ============================================================ 21:53:36.0568 0x0fb0 Scan started 21:53:36.0568 0x0fb0 Mode: Manual; SigCheck; TDLFS; 21:53:36.0568 0x0fb0 ============================================================ 21:53:36.0568 0x0fb0 KSN ping started 21:53:39.0340 0x0fb0 KSN ping finished: true 21:53:40.0141 0x0fb0 ================ Scan system memory ======================== 21:53:40.0141 0x0fb0 System memory - ok 21:53:40.0142 0x0fb0 ================ Scan services ============================= 21:53:40.0428 0x0fb0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 21:53:40.0497 0x0fb0 1394ohci - ok 21:53:40.0514 0x0fb0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:53:40.0532 0x0fb0 ACPI - ok 21:53:40.0536 0x0fb0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:53:40.0553 0x0fb0 AcpiPmi - ok 21:53:40.0600 0x0fb0 [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:53:40.0631 0x0fb0 AdobeARMservice - ok 21:53:40.0868 0x0fb0 [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:53:40.0912 0x0fb0 AdobeFlashPlayerUpdateSvc - ok 21:53:40.0928 0x0fb0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:53:40.0954 0x0fb0 adp94xx - ok 21:53:40.0967 0x0fb0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:53:40.0989 0x0fb0 adpahci - ok 21:53:41.0016 0x0fb0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:53:41.0035 0x0fb0 adpu320 - ok 21:53:41.0041 0x0fb0 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:53:41.0054 0x0fb0 AeLookupSvc - ok 21:53:41.0068 0x0fb0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 21:53:41.0091 0x0fb0 AFD - ok 21:53:41.0096 0x0fb0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 21:53:41.0111 0x0fb0 agp440 - ok 21:53:41.0136 0x0fb0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 21:53:41.0150 0x0fb0 ALG - ok 21:53:41.0154 0x0fb0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 21:53:41.0166 0x0fb0 aliide - ok 21:53:41.0190 0x0fb0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 21:53:41.0203 0x0fb0 amdide - ok 21:53:41.0207 0x0fb0 [ 35D34AD337A1AC46F74C3377B4CCA88E, 046695BDF540EDCA87C36EDC725615ACA99DA57558A54CAC1B49F245D702B406 ] amdide64 C:\Windows\system32\DRIVERS\amdide64.sys 21:53:41.0223 0x0fb0 amdide64 - ok 21:53:41.0227 0x0fb0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:53:41.0244 0x0fb0 AmdK8 - ok 21:53:41.0268 0x0fb0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 21:53:41.0281 0x0fb0 AmdPPM - ok 21:53:41.0306 0x0fb0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:53:41.0323 0x0fb0 amdsata - ok 21:53:41.0350 0x0fb0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:53:41.0369 0x0fb0 amdsbs - ok 21:53:41.0373 0x0fb0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:53:41.0386 0x0fb0 amdxata - ok 21:53:41.0532 0x0fb0 [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 21:53:41.0578 0x0fb0 AntiVirMailService - ok 21:53:41.0644 0x0fb0 [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 21:53:41.0683 0x0fb0 AntiVirSchedulerService - ok 21:53:41.0718 0x0fb0 [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 21:53:41.0746 0x0fb0 AntiVirService - ok 21:53:41.0776 0x0fb0 [ D84E576299C73B0B1DC477D2B99958C4, D6703C2B63B9FA87C2DA009CC7B6DF76C3603C6A9874B152D685A1B92EE2DF28 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 21:53:41.0825 0x0fb0 AntiVirWebService - ok 21:53:41.0853 0x0fb0 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys 21:53:41.0866 0x0fb0 AppID - ok 21:53:41.0869 0x0fb0 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:53:41.0881 0x0fb0 AppIDSvc - ok 21:53:41.0885 0x0fb0 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll 21:53:41.0898 0x0fb0 Appinfo - ok 21:53:41.0905 0x0fb0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 21:53:41.0920 0x0fb0 AppMgmt - ok 21:53:41.0925 0x0fb0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 21:53:41.0942 0x0fb0 arc - ok 21:53:41.0947 0x0fb0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:53:41.0964 0x0fb0 arcsas - ok 21:53:42.0099 0x0fb0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:53:42.0156 0x0fb0 aspnet_state - ok 21:53:42.0160 0x0fb0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:53:42.0195 0x0fb0 AsyncMac - ok 21:53:42.0199 0x0fb0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 21:53:42.0209 0x0fb0 atapi - ok 21:53:42.0282 0x0fb0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:53:42.0318 0x0fb0 AudioEndpointBuilder - ok 21:53:42.0357 0x0fb0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:53:42.0385 0x0fb0 AudioSrv - ok 21:53:42.0432 0x0fb0 [ 03C6DEB5C74C8140C2167677DBE2F79A, D5C727B007C5B486DECE1A1B83D8155299DD7CB46DC8208CE9185C5BAE5CC33A ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 21:53:42.0452 0x0fb0 avgntflt - ok 21:53:42.0459 0x0fb0 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 21:53:42.0479 0x0fb0 avipbb - ok 21:53:42.0535 0x0fb0 [ 76648BCBEB840B391E85DAD2DC04FFC9, F30FC3CB49DE1B79E8EFA78ED4679E870ADD17B3101219A1EC2D18DDE7712F66 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 21:53:42.0573 0x0fb0 Avira.ServiceHost - ok 21:53:42.0577 0x0fb0 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 21:53:42.0591 0x0fb0 avkmgr - ok 21:53:42.0636 0x0fb0 [ 080860E03F0219AF0A0377A02292741F, F0A151509BFEBFE639CC15388847EB2EDA298CFAE0AC4A1358A1472F42320249 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 21:53:42.0654 0x0fb0 avnetflt - ok 21:53:42.0681 0x0fb0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:53:42.0707 0x0fb0 AxInstSV - ok 21:53:42.0741 0x0fb0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:53:42.0772 0x0fb0 b06bdrv - ok 21:53:42.0822 0x0fb0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:53:42.0844 0x0fb0 b57nd60a - ok 21:53:42.0851 0x0fb0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 21:53:42.0864 0x0fb0 BDESVC - ok 21:53:42.0886 0x0fb0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 21:53:42.0917 0x0fb0 Beep - ok 21:53:42.0958 0x0fb0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 21:53:42.0985 0x0fb0 BFE - ok 21:53:43.0011 0x0fb0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll 21:53:43.0062 0x0fb0 BITS - ok 21:53:43.0070 0x0fb0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:53:43.0085 0x0fb0 blbdrive - ok 21:53:43.0110 0x0fb0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:53:43.0123 0x0fb0 bowser - ok 21:53:43.0146 0x0fb0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:53:43.0162 0x0fb0 BrFiltLo - ok 21:53:43.0165 0x0fb0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:53:43.0181 0x0fb0 BrFiltUp - ok 21:53:43.0227 0x0fb0 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 21:53:43.0260 0x0fb0 BridgeMP - ok 21:53:43.0286 0x0fb0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 21:53:43.0301 0x0fb0 Browser - ok 21:53:43.0326 0x0fb0 [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb C:\Windows\system32\DRIVERS\BrSerIb.sys 21:53:43.0341 0x0fb0 BrSerIb - ok 21:53:43.0351 0x0fb0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:53:43.0374 0x0fb0 Brserid - ok 21:53:43.0636 0x0fb0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:53:43.0662 0x0fb0 BrSerWdm - ok 21:53:43.0665 0x0fb0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:53:43.0684 0x0fb0 BrUsbMdm - ok 21:53:43.0730 0x0fb0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:53:43.0744 0x0fb0 BrUsbSer - ok 21:53:43.0749 0x0fb0 [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb C:\Windows\system32\DRIVERS\BrUsbSIb.sys 21:53:43.0761 0x0fb0 BrUsbSIb - ok 21:53:43.0788 0x0fb0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:53:43.0808 0x0fb0 BTHMODEM - ok 21:53:43.0815 0x0fb0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 21:53:43.0849 0x0fb0 bthserv - ok 21:53:43.0891 0x0fb0 catchme - ok 21:53:43.0898 0x0fb0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:53:43.0932 0x0fb0 cdfs - ok 21:53:43.0958 0x0fb0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:53:43.0973 0x0fb0 cdrom - ok 21:53:43.0979 0x0fb0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 21:53:44.0011 0x0fb0 CertPropSvc - ok 21:53:44.0016 0x0fb0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 21:53:44.0034 0x0fb0 circlass - ok 21:53:44.0066 0x0fb0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 21:53:44.0105 0x0fb0 CLFS - ok 21:53:44.0193 0x0fb0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:53:44.0206 0x0fb0 clr_optimization_v2.0.50727_32 - ok 21:53:44.0273 0x0fb0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:53:44.0286 0x0fb0 clr_optimization_v2.0.50727_64 - ok 21:53:44.0376 0x0fb0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:53:44.0439 0x0fb0 clr_optimization_v4.0.30319_32 - ok 21:53:44.0444 0x0fb0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:53:44.0465 0x0fb0 clr_optimization_v4.0.30319_64 - ok 21:53:44.0489 0x0fb0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:53:44.0504 0x0fb0 CmBatt - ok 21:53:44.0508 0x0fb0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:53:44.0522 0x0fb0 cmdide - ok 21:53:44.0556 0x0fb0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 21:53:44.0584 0x0fb0 CNG - ok 21:53:44.0589 0x0fb0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:53:44.0602 0x0fb0 Compbatt - ok 21:53:44.0607 0x0fb0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:53:44.0621 0x0fb0 CompositeBus - ok 21:53:44.0624 0x0fb0 COMSysApp - ok 21:53:44.0628 0x0fb0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:53:44.0642 0x0fb0 crcdisk - ok 21:53:44.0650 0x0fb0 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:53:44.0666 0x0fb0 CryptSvc - ok 21:53:44.0681 0x0fb0 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 21:53:44.0704 0x0fb0 CSC - ok 21:53:44.0784 0x0fb0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 21:53:44.0812 0x0fb0 CscService - ok 21:53:44.0830 0x0fb0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:53:44.0875 0x0fb0 DcomLaunch - ok 21:53:44.0927 0x0fb0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 21:53:44.0966 0x0fb0 defragsvc - ok 21:53:44.0971 0x0fb0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:53:45.0006 0x0fb0 DfsC - ok 21:53:45.0104 0x0fb0 [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe 21:53:45.0131 0x0fb0 DfSdkS - detected UnsignedFile.Multi.Generic ( 1 ) 21:53:46.0553 0x0668 Object required for P2P: [ 76648BCBEB840B391E85DAD2DC04FFC9 ] Avira.ServiceHost 21:53:47.0819 0x0fb0 Detect skipped due to KSN trusted 21:53:47.0819 0x0fb0 DfSdkS - ok 21:53:47.0848 0x0fb0 [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 21:53:47.0864 0x0fb0 dg_ssudbus - ok 21:53:47.0875 0x0fb0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 21:53:47.0895 0x0fb0 Dhcp - ok 21:53:48.0012 0x0fb0 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 21:53:48.0057 0x0fb0 DiagTrack - ok 21:53:48.0105 0x0fb0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 21:53:48.0157 0x0fb0 discache - ok 21:53:48.0162 0x0fb0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 21:53:48.0174 0x0fb0 Disk - ok 21:53:48.0240 0x0fb0 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 21:53:48.0270 0x0fb0 dmvsc - ok 21:53:48.0439 0x0fb0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:53:48.0531 0x0fb0 Dnscache - ok 21:53:48.0833 0x0fb0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 21:53:48.0879 0x0fb0 dot3svc - ok 21:53:48.0886 0x0fb0 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 21:53:48.0916 0x0fb0 Dot4 - ok 21:53:48.0920 0x0fb0 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 21:53:48.0934 0x0fb0 Dot4Print - ok 21:53:48.0938 0x0fb0 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 21:53:48.0952 0x0fb0 dot4usb - ok 21:53:48.0959 0x0fb0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 21:53:48.0993 0x0fb0 DPS - ok 21:53:48.0996 0x0fb0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:53:49.0007 0x0fb0 drmkaud - ok 21:53:49.0073 0x0fb0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:53:49.0108 0x0fb0 DXGKrnl - ok 21:53:49.0117 0x0fb0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 21:53:49.0151 0x0fb0 EapHost - ok 21:53:49.0404 0x0668 Object send P2P result: true 21:53:49.0674 0x0fb0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:53:49.0815 0x0fb0 ebdrv - ok 21:53:49.0939 0x0fb0 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS C:\Windows\System32\lsass.exe 21:53:49.0971 0x0fb0 EFS - ok 21:53:50.0080 0x0fb0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:53:50.0095 0x0fb0 ehRecvr - ok 21:53:50.0127 0x0fb0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 21:53:50.0142 0x0fb0 ehSched - ok 21:53:50.0189 0x0fb0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:53:50.0236 0x0fb0 elxstor - ok 21:53:50.0251 0x0fb0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:53:50.0267 0x0fb0 ErrDev - ok 21:53:50.0329 0x0fb0 [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys 21:53:50.0361 0x0fb0 EtronHub3 - ok 21:53:50.0439 0x0fb0 [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys 21:53:50.0470 0x0fb0 EtronXHCI - ok 21:53:50.0563 0x0fb0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 21:53:50.0641 0x0fb0 EventSystem - ok 21:53:50.0688 0x0fb0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 21:53:50.0782 0x0fb0 exfat - ok 21:53:50.0797 0x0fb0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:53:50.0844 0x0fb0 fastfat - ok 21:53:50.0953 0x0fb0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 21:53:50.0969 0x0fb0 Fax - ok 21:53:50.0985 0x0fb0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 21:53:51.0000 0x0fb0 fdc - ok 21:53:51.0047 0x0fb0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 21:53:51.0094 0x0fb0 fdPHost - ok 21:53:51.0109 0x0fb0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 21:53:51.0141 0x0fb0 FDResPub - ok 21:53:51.0156 0x0fb0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:53:51.0188 0x0fb0 FileInfo - ok 21:53:51.0219 0x0fb0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:53:51.0281 0x0fb0 Filetrace - ok 21:53:51.0297 0x0fb0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:53:51.0312 0x0fb0 flpydisk - ok 21:53:51.0437 0x0fb0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:53:51.0453 0x0fb0 FltMgr - ok 21:53:51.0640 0x0fb0 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 21:53:51.0687 0x0fb0 FontCache - ok 21:53:51.0718 0x0fb0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:53:51.0718 0x0fb0 FontCache3.0.0.0 - ok 21:53:51.0780 0x0fb0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:53:51.0796 0x0fb0 FsDepends - ok 21:53:51.0905 0x0fb0 [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 21:53:51.0936 0x0fb0 fssfltr - ok 21:53:52.0170 0x0fb0 [ B6AB40819ECEC4BA07266EC0EBBC85A7, 71D385043720B622305FD64BD1187C6FFD7191C30794F95629CF6BFDC0A25BA2 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 21:53:52.0248 0x0fb0 fsssvc - ok 21:53:52.0280 0x0fb0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:53:53.0013 0x0fb0 Fs_Rec - ok 21:53:53.0044 0x0fb0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:53:53.0075 0x0fb0 fvevol - ok 21:53:53.0075 0x0fb0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:53:53.0091 0x0fb0 gagp30kx - ok 21:53:53.0106 0x0fb0 [ 12CD74D8F037AE10E03C2415EFF59EF5, EDE7187DC57010119A46730B63EAF1548E3BDC170D375568880478AB36340726 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe 21:53:53.0138 0x0fb0 Garmin Core Update Service - ok 21:53:53.0138 0x0fb0 gdrv - ok 21:53:53.0294 0x0fb0 [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 21:53:53.0325 0x0fb0 GfExperienceService - ok 21:53:53.0418 0x0fb0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 21:53:53.0481 0x0fb0 gpsvc - ok 21:53:53.0512 0x0fb0 [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\Windows\system32\drivers\grmnusb.sys 21:53:53.0528 0x0fb0 grmnusb - ok 21:53:53.0559 0x0fb0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:53:53.0559 0x0fb0 gupdate - ok 21:53:53.0574 0x0fb0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:53:53.0574 0x0fb0 gupdatem - ok 21:53:53.0590 0x0fb0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:53:53.0606 0x0fb0 hcw85cir - ok 21:53:53.0606 0x0fb0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:53:53.0637 0x0fb0 HdAudAddService - ok 21:53:53.0637 0x0fb0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:53:53.0652 0x0fb0 HDAudBus - ok 21:53:53.0652 0x0fb0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:53:53.0668 0x0fb0 HidBatt - ok 21:53:53.0699 0x0fb0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:53:53.0715 0x0fb0 HidBth - ok 21:53:53.0746 0x0fb0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 21:53:53.0762 0x0fb0 HidIr - ok 21:53:53.0762 0x0fb0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 21:53:53.0793 0x0fb0 hidserv - ok 21:53:53.0855 0x0fb0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:53:53.0886 0x0fb0 HidUsb - ok 21:53:53.0886 0x0fb0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:53:53.0933 0x0fb0 hkmsvc - ok 21:53:53.0933 0x0fb0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:53:53.0964 0x0fb0 HomeGroupListener - ok 21:53:53.0964 0x0fb0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:53:53.0980 0x0fb0 HomeGroupProvider - ok 21:53:53.0996 0x0fb0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:53:54.0011 0x0fb0 HpSAMD - ok 21:53:54.0105 0x0fb0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:53:54.0136 0x0fb0 HTTP - ok 21:53:54.0698 0x0fb0 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS 21:53:54.0760 0x0fb0 HWiNFO32 - ok 21:53:54.0776 0x0fb0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:53:54.0791 0x0fb0 hwpolicy - ok 21:53:54.0807 0x0fb0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:53:54.0838 0x0fb0 i8042prt - ok 21:53:54.0900 0x0fb0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:53:54.0963 0x0fb0 iaStorV - ok 21:53:55.0041 0x0fb0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:53:55.0072 0x0fb0 idsvc - ok 21:53:55.0088 0x0fb0 IEEtwCollectorService - ok 21:53:55.0103 0x0fb0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:53:55.0119 0x0fb0 iirsp - ok 21:53:55.0228 0x0fb0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 21:53:55.0275 0x0fb0 IKEEXT - ok 21:53:55.0493 0x0fb0 [ 4BBB5A55EEB5EC11B20FCBB4CBB49357, CAC46B546C56F03B7D843FAC44F9C66FFFE924ACB975B543545B7BEA705E2BAE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:53:55.0587 0x0fb0 IntcAzAudAddService - ok 21:53:55.0587 0x0fb0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 21:53:55.0602 0x0fb0 intelide - ok 21:53:55.0602 0x0fb0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 21:53:55.0618 0x0fb0 intelppm - ok 21:53:55.0634 0x0fb0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:53:55.0665 0x0fb0 IPBusEnum - ok 21:53:55.0665 0x0fb0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:53:55.0696 0x0fb0 IpFilterDriver - ok 21:53:55.0774 0x0fb0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:53:55.0805 0x0fb0 iphlpsvc - ok 21:53:55.0836 0x0fb0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:53:55.0852 0x0fb0 IPMIDRV - ok 21:53:55.0852 0x0fb0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:53:55.0883 0x0fb0 IPNAT - ok 21:53:55.0883 0x0fb0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:53:55.0899 0x0fb0 IRENUM - ok 21:53:55.0914 0x0fb0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:53:55.0914 0x0fb0 isapnp - ok 21:53:55.0946 0x0fb0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:53:55.0961 0x0fb0 iScsiPrt - ok 21:53:55.0977 0x0fb0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:53:55.0977 0x0fb0 kbdclass - ok 21:53:55.0992 0x0fb0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:53:55.0992 0x0fb0 kbdhid - ok 21:53:56.0008 0x0fb0 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso C:\Windows\system32\lsass.exe 21:53:56.0008 0x0fb0 KeyIso - ok 21:53:56.0024 0x0fb0 [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:53:56.0024 0x0fb0 KSecDD - ok 21:53:56.0039 0x0fb0 [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:53:56.0055 0x0fb0 KSecPkg - ok 21:53:56.0055 0x0fb0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:53:56.0086 0x0fb0 ksthunk - ok 21:53:56.0117 0x0fb0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 21:53:56.0164 0x0fb0 KtmRm - ok 21:53:56.0211 0x0fb0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 21:53:56.0273 0x0fb0 LanmanServer - ok 21:53:56.0273 0x0fb0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:53:56.0304 0x0fb0 LanmanWorkstation - ok 21:53:56.0336 0x0fb0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:53:56.0367 0x0fb0 lltdio - ok 21:53:56.0398 0x0fb0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:53:56.0429 0x0fb0 lltdsvc - ok 21:53:56.0445 0x0fb0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:53:56.0476 0x0fb0 lmhosts - ok 21:53:56.0476 0x0fb0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:53:56.0492 0x0fb0 LSI_FC - ok 21:53:56.0523 0x0fb0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:53:56.0538 0x0fb0 LSI_SAS - ok 21:53:56.0585 0x0fb0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:53:56.0616 0x0fb0 LSI_SAS2 - ok 21:53:56.0632 0x0fb0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:53:56.0663 0x0fb0 LSI_SCSI - ok 21:53:56.0710 0x0fb0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 21:53:56.0757 0x0fb0 luafv - ok 21:53:56.0804 0x0fb0 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 21:53:56.0835 0x0fb0 MBAMProtector - ok 21:53:56.0975 0x0fb0 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 21:53:57.0022 0x0fb0 MBAMService - ok 21:53:57.0053 0x0fb0 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 21:53:57.0069 0x0fb0 MBAMWebAccessControl - ok 21:53:57.0069 0x0fb0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:53:57.0084 0x0fb0 Mcx2Svc - ok 21:53:57.0100 0x0fb0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 21:53:57.0116 0x0fb0 megasas - ok 21:53:57.0131 0x0fb0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:53:57.0147 0x0fb0 MegaSR - ok 21:53:57.0162 0x0fb0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 21:53:57.0194 0x0fb0 MMCSS - ok 21:53:57.0194 0x0fb0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 21:53:57.0225 0x0fb0 Modem - ok 21:53:57.0225 0x0fb0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:53:57.0240 0x0fb0 monitor - ok 21:53:57.0256 0x0fb0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:53:57.0256 0x0fb0 mouclass - ok 21:53:57.0287 0x0fb0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:53:57.0287 0x0fb0 mouhid - ok 21:53:57.0303 0x0fb0 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:53:57.0318 0x0fb0 mountmgr - ok 21:53:57.0350 0x0fb0 [ 05D7AF9196DAA3E5215FB7B053603C36, 1A3C6B9FC3906D7B2DDAE7270BD4F78D8A63A02F8CD9A79FCD63EF0F9562FF7D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:53:57.0365 0x0fb0 MozillaMaintenance - ok 21:53:57.0412 0x0fb0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 21:53:57.0428 0x0fb0 mpio - ok 21:53:57.0428 0x0fb0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:53:57.0474 0x0fb0 mpsdrv - ok 21:53:57.0568 0x0fb0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:53:57.0615 0x0fb0 MpsSvc - ok 21:53:57.0630 0x0fb0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:53:57.0646 0x0fb0 MRxDAV - ok 21:53:57.0693 0x0fb0 [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:53:57.0724 0x0fb0 mrxsmb - ok 21:53:57.0802 0x0fb0 [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:53:57.0833 0x0fb0 mrxsmb10 - ok 21:53:57.0880 0x0fb0 [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:53:57.0911 0x0fb0 mrxsmb20 - ok 21:53:57.0942 0x0fb0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 21:53:57.0974 0x0fb0 msahci - ok 21:53:57.0989 0x0fb0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:53:58.0020 0x0fb0 msdsm - ok 21:53:58.0020 0x0fb0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 21:53:58.0036 0x0fb0 MSDTC - ok 21:53:58.0052 0x0fb0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:53:58.0083 0x0fb0 Msfs - ok 21:53:58.0083 0x0fb0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:53:58.0114 0x0fb0 mshidkmdf - ok 21:53:58.0114 0x0fb0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:53:58.0130 0x0fb0 msisadrv - ok 21:53:58.0161 0x0fb0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:53:58.0192 0x0fb0 MSiSCSI - ok 21:53:58.0192 0x0fb0 msiserver - ok 21:53:58.0192 0x0fb0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:53:58.0223 0x0fb0 MSKSSRV - ok 21:53:58.0254 0x0fb0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:53:58.0286 0x0fb0 MSPCLOCK - ok 21:53:58.0286 0x0fb0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:53:58.0317 0x0fb0 MSPQM - ok 21:53:58.0379 0x0fb0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:53:58.0395 0x0fb0 MsRPC - ok 21:53:58.0410 0x0fb0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:53:58.0410 0x0fb0 mssmbios - ok 21:53:58.0426 0x0fb0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:53:58.0457 0x0fb0 MSTEE - ok 21:53:58.0457 0x0fb0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:53:58.0473 0x0fb0 MTConfig - ok 21:53:58.0473 0x0fb0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 21:53:58.0488 0x0fb0 Mup - ok 21:53:58.0520 0x0fb0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 21:53:58.0566 0x0fb0 napagent - ok 21:53:58.0598 0x0fb0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:53:58.0613 0x0fb0 NativeWifiP - ok 21:53:58.0707 0x0fb0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 21:53:58.0738 0x0fb0 NDIS - ok 21:53:58.0785 0x0fb0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:53:58.0847 0x0fb0 NdisCap - ok 21:53:58.0894 0x0fb0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:53:58.0941 0x0fb0 NdisTapi - ok 21:53:58.0941 0x0fb0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:53:58.0972 0x0fb0 Ndisuio - ok 21:53:59.0019 0x0fb0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:53:59.0081 0x0fb0 NdisWan - ok 21:53:59.0097 0x0fb0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:53:59.0128 0x0fb0 NDProxy - ok 21:53:59.0144 0x0fb0 [ 76C4D5C98A808D8C8E0C46280036FAF8, A808DFA8B6949D44698122CDA43CD01B3B1CD14029B368F1686D023426239B87 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 21:53:59.0159 0x0fb0 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 21:54:01.0998 0x0fb0 Detect skipped due to KSN trusted 21:54:01.0998 0x0fb0 Net Driver HPZ12 - ok 21:54:02.0030 0x0fb0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:54:02.0076 0x0fb0 NetBIOS - ok 21:54:02.0092 0x0fb0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:54:02.0123 0x0fb0 NetBT - ok 21:54:02.0139 0x0fb0 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon C:\Windows\system32\lsass.exe 21:54:02.0139 0x0fb0 Netlogon - ok 21:54:02.0154 0x0fb0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 21:54:02.0201 0x0fb0 Netman - ok 21:54:02.0295 0x0fb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:54:02.0342 0x0fb0 NetMsmqActivator - ok 21:54:02.0342 0x0fb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:54:02.0357 0x0fb0 NetPipeActivator - ok 21:54:02.0388 0x0fb0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 21:54:02.0435 0x0fb0 netprofm - ok 21:54:02.0435 0x0fb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:54:02.0451 0x0fb0 NetTcpActivator - ok 21:54:02.0482 0x0fb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:54:02.0498 0x0fb0 NetTcpPortSharing - ok 21:54:02.0498 0x0fb0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:54:02.0513 0x0fb0 nfrd960 - ok 21:54:02.0529 0x0fb0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 21:54:02.0544 0x0fb0 NlaSvc - ok 21:54:02.0591 0x0fb0 [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 21:54:02.0654 0x0fb0 nmwcd - ok 21:54:02.0654 0x0fb0 [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 21:54:02.0685 0x0fb0 nmwcdc - ok 21:54:02.0700 0x0fb0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:54:02.0747 0x0fb0 Npfs - ok 21:54:02.0747 0x0fb0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 21:54:02.0778 0x0fb0 nsi - ok 21:54:02.0778 0x0fb0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:54:02.0810 0x0fb0 nsiproxy - ok 21:54:02.0872 0x0fb0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:54:02.0934 0x0fb0 Ntfs - ok 21:54:02.0934 0x0fb0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 21:54:02.0966 0x0fb0 Null - ok 21:54:02.0997 0x0fb0 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 21:54:03.0012 0x0fb0 NVHDA - ok 21:54:03.0527 0x0fb0 [ 5D89C0070BC2643117CF33D0367AFABA, C245E0C0DB6665B6226B4D188F620272C175F0FEA63617ECA45B4FA86273E20C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:54:03.0870 0x0fb0 nvlddmkm - ok 21:54:03.0980 0x0fb0 [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 21:54:04.0042 0x0fb0 NvNetworkService - ok 21:54:04.0073 0x0fb0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:54:04.0089 0x0fb0 nvraid - ok 21:54:04.0120 0x0fb0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:54:04.0136 0x0fb0 nvstor - ok 21:54:04.0214 0x0fb0 [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 21:54:04.0229 0x0fb0 NvStreamKms - ok 21:54:04.0323 0x0fb0 NvStreamSvc - ok 21:54:04.0416 0x0fb0 [ C5647FB500C2A1F946B77C953528042D, E0A53D158B2141EBBE6762165154B4DE9524E6BD3AD7247B6D25AC96E0A34AA0 ] nvsvc C:\Windows\system32\nvvsvc.exe 21:54:04.0448 0x0fb0 nvsvc - ok 21:54:04.0463 0x0fb0 [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 21:54:04.0479 0x0fb0 nvvad_WaveExtensible - ok 21:54:04.0479 0x0fb0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:54:04.0494 0x0fb0 nv_agp - ok 21:54:04.0557 0x0fb0 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:54:04.0604 0x0fb0 odserv - ok 21:54:04.0604 0x0fb0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:54:04.0619 0x0fb0 ohci1394 - ok 21:54:04.0650 0x0fb0 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:54:04.0666 0x0fb0 ose - ok 21:54:04.0682 0x0fb0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:54:04.0697 0x0fb0 p2pimsvc - ok 21:54:04.0760 0x0fb0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 21:54:04.0791 0x0fb0 p2psvc - ok 21:54:04.0791 0x0fb0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 21:54:04.0822 0x0fb0 Parport - ok 21:54:04.0822 0x0fb0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:54:04.0838 0x0fb0 partmgr - ok 21:54:04.0853 0x0fb0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:54:04.0869 0x0fb0 PcaSvc - ok 21:54:04.0900 0x0fb0 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 21:54:04.0916 0x0fb0 pccsmcfd - ok 21:54:04.0916 0x0fb0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 21:54:04.0931 0x0fb0 pci - ok 21:54:04.0931 0x0fb0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 21:54:04.0947 0x0fb0 pciide - ok 21:54:04.0978 0x0fb0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:54:05.0009 0x0fb0 pcmcia - ok 21:54:05.0056 0x0fb0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 21:54:05.0087 0x0fb0 pcw - ok 21:54:05.0134 0x0fb0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:54:05.0150 0x0fb0 PEAUTH - ok 21:54:05.0290 0x0fb0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:54:05.0337 0x0fb0 PeerDistSvc - ok 21:54:05.0352 0x0fb0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:54:05.0352 0x0fb0 PerfHost - ok 21:54:05.0462 0x0fb0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 21:54:05.0524 0x0fb0 pla - ok 21:54:05.0555 0x0fb0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:54:05.0571 0x0fb0 PlugPlay - ok 21:54:05.0602 0x0fb0 [ D1A4DBB8A29F7FFC78378F47F9EA6B91, 782C7C6AA7A4A772C5E7392EA6D849BBCD159C30DF30918941C0BE058226D765 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 21:54:05.0618 0x0fb0 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 21:54:08.0691 0x0fb0 Detect skipped due to KSN trusted 21:54:08.0691 0x0fb0 Pml Driver HPZ12 - ok 21:54:08.0691 0x0fb0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:54:08.0722 0x0fb0 PNRPAutoReg - ok 21:54:08.0738 0x0fb0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:54:08.0753 0x0fb0 PNRPsvc - ok 21:54:08.0769 0x0fb0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:54:08.0816 0x0fb0 PolicyAgent - ok 21:54:08.0831 0x0fb0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 21:54:08.0862 0x0fb0 Power - ok 21:54:08.0862 0x0fb0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:54:08.0894 0x0fb0 PptpMiniport - ok 21:54:08.0909 0x0fb0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 21:54:08.0925 0x0fb0 Processor - ok 21:54:08.0925 0x0fb0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 21:54:08.0940 0x0fb0 ProfSvc - ok 21:54:08.0956 0x0fb0 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:54:08.0956 0x0fb0 ProtectedStorage - ok 21:54:08.0972 0x0fb0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:54:09.0003 0x0fb0 Psched - ok 21:54:09.0081 0x0fb0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:54:09.0128 0x0fb0 ql2300 - ok 21:54:09.0143 0x0fb0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:54:09.0159 0x0fb0 ql40xx - ok 21:54:09.0190 0x0fb0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 21:54:09.0206 0x0fb0 QWAVE - ok 21:54:09.0206 0x0fb0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:54:09.0221 0x0fb0 QWAVEdrv - ok 21:54:09.0237 0x0fb0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:54:09.0268 0x0fb0 RasAcd - ok 21:54:09.0268 0x0fb0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:54:09.0299 0x0fb0 RasAgileVpn - ok 21:54:09.0330 0x0fb0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 21:54:09.0362 0x0fb0 RasAuto - ok 21:54:09.0362 0x0fb0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:54:09.0408 0x0fb0 Rasl2tp - ok 21:54:09.0440 0x0fb0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 21:54:09.0486 0x0fb0 RasMan - ok 21:54:09.0518 0x0fb0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:54:09.0564 0x0fb0 RasPppoe - ok 21:54:09.0580 0x0fb0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:54:09.0611 0x0fb0 RasSstp - ok 21:54:09.0611 0x0fb0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:54:09.0658 0x0fb0 rdbss - ok 21:54:09.0658 0x0fb0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:54:09.0674 0x0fb0 rdpbus - ok 21:54:09.0689 0x0fb0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:54:09.0720 0x0fb0 RDPCDD - ok 21:54:09.0783 0x0fb0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:54:09.0814 0x0fb0 RDPDR - ok 21:54:09.0830 0x0fb0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:54:09.0861 0x0fb0 RDPENCDD - ok 21:54:09.0861 0x0fb0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:54:09.0892 0x0fb0 RDPREFMP - ok 21:54:09.0908 0x0fb0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:54:09.0923 0x0fb0 RdpVideoMiniport - ok 21:54:09.0923 0x0fb0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:54:09.0939 0x0fb0 RDPWD - ok 21:54:09.0986 0x0fb0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:54:10.0001 0x0fb0 rdyboost - ok 21:54:10.0017 0x0fb0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:54:10.0048 0x0fb0 RemoteAccess - ok 21:54:10.0048 0x0fb0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:54:10.0095 0x0fb0 RemoteRegistry - ok 21:54:10.0095 0x0fb0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:54:10.0126 0x0fb0 RpcEptMapper - ok 21:54:10.0157 0x0fb0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 21:54:10.0173 0x0fb0 RpcLocator - ok 21:54:10.0188 0x0fb0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 21:54:10.0235 0x0fb0 RpcSs - ok 21:54:10.0235 0x0fb0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:54:10.0266 0x0fb0 rspndr - ok 21:54:10.0376 0x0fb0 [ DCF7221D6588EDA8CD77CB27AE9B1844, 7741A4F513952CC3C4D5056958D0D50F8F2A9D3142C7478707F73A83D3CDE01C ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:54:10.0422 0x0fb0 RTL8167 - ok 21:54:10.0422 0x0fb0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 21:54:10.0438 0x0fb0 s3cap - ok 21:54:10.0438 0x0fb0 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs C:\Windows\system32\lsass.exe 21:54:10.0454 0x0fb0 SamSs - ok 21:54:10.0454 0x0fb0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:54:10.0469 0x0fb0 sbp2port - ok 21:54:10.0485 0x0fb0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:54:10.0516 0x0fb0 SCardSvr - ok 21:54:10.0532 0x0fb0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:54:10.0547 0x0fb0 scfilter - ok 21:54:10.0610 0x0fb0 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 21:54:10.0641 0x0fb0 Schedule - ok 21:54:10.0672 0x0fb0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:54:10.0703 0x0fb0 SCPolicySvc - ok 21:54:10.0703 0x0fb0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:54:10.0719 0x0fb0 SDRSVC - ok 21:54:10.0734 0x0fb0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:54:10.0766 0x0fb0 secdrv - ok 21:54:10.0781 0x0fb0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 21:54:10.0812 0x0fb0 seclogon - ok 21:54:10.0828 0x0fb0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 21:54:10.0859 0x0fb0 SENS - ok 21:54:10.0859 0x0fb0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:54:10.0875 0x0fb0 SensrSvc - ok 21:54:10.0875 0x0fb0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:54:10.0890 0x0fb0 Serenum - ok 21:54:10.0906 0x0fb0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:54:10.0922 0x0fb0 Serial - ok 21:54:10.0922 0x0fb0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:54:10.0937 0x0fb0 sermouse - ok 21:54:11.0015 0x0fb0 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 21:54:11.0046 0x0fb0 ServiceLayer - ok 21:54:11.0062 0x0fb0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 21:54:11.0093 0x0fb0 SessionEnv - ok 21:54:11.0124 0x0fb0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:54:11.0140 0x0fb0 sffdisk - ok 21:54:11.0140 0x0fb0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:54:11.0156 0x0fb0 sffp_mmc - ok 21:54:11.0171 0x0fb0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:54:11.0171 0x0fb0 sffp_sd - ok 21:54:11.0187 0x0fb0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:54:11.0202 0x0fb0 sfloppy - ok 21:54:11.0202 0x0fb0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:54:11.0249 0x0fb0 SharedAccess - ok 21:54:11.0280 0x0fb0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:54:11.0327 0x0fb0 ShellHWDetection - ok 21:54:11.0327 0x0fb0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:54:11.0343 0x0fb0 SiSRaid2 - ok 21:54:11.0343 0x0fb0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:54:11.0358 0x0fb0 SiSRaid4 - ok 21:54:11.0421 0x0fb0 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:54:11.0483 0x0fb0 SkypeUpdate - ok 21:54:11.0499 0x0fb0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:54:11.0530 0x0fb0 Smb - ok 21:54:11.0546 0x0fb0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:54:11.0546 0x0fb0 SNMPTRAP - ok 21:54:11.0577 0x0fb0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 21:54:11.0592 0x0fb0 spldr - ok 21:54:11.0624 0x0fb0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 21:54:11.0655 0x0fb0 Spooler - ok 21:54:11.0873 0x0fb0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 21:54:11.0982 0x0fb0 sppsvc - ok 21:54:11.0998 0x0fb0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:54:12.0029 0x0fb0 sppuinotify - ok 21:54:12.0060 0x0fb0 [ 34F974F8B3C86DE03A30DCBE79091C97, 14E12E3A145F898CB8B89FB75E0100D47D04E3BFD3078C315FE1F3CBF30FEFEE ] sptd C:\Windows\system32\Drivers\sptd.sys 21:54:12.0060 0x0fb0 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 34F974F8B3C86DE03A30DCBE79091C97, sha256: 14E12E3A145F898CB8B89FB75E0100D47D04E3BFD3078C315FE1F3CBF30FEFEE 21:54:12.0060 0x0fb0 sptd - detected LockedFile.Multi.Generic ( 1 ) 21:54:14.0853 0x0fb0 Detect skipped due to KSN trusted 21:54:14.0853 0x0fb0 sptd - ok 21:54:14.0900 0x0fb0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:54:14.0946 0x0fb0 srv - ok 21:54:14.0962 0x0fb0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:54:14.0978 0x0fb0 srv2 - ok 21:54:14.0978 0x0fb0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:54:14.0993 0x0fb0 srvnet - ok 21:54:15.0024 0x0fb0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:54:15.0056 0x0fb0 SSDPSRV - ok 21:54:15.0071 0x0fb0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:54:15.0102 0x0fb0 SstpSvc - ok 21:54:15.0102 0x0fb0 [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 21:54:15.0134 0x0fb0 ssudmdm - ok 21:54:15.0243 0x0fb0 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe 21:54:15.0274 0x0fb0 ss_conn_service - ok 21:54:15.0383 0x0fb0 [ E5C796B621F6FBA8616511063D7F0FFE, 447FA64F552D4B04AD029E01485B4438A70D9B9B98EB49A883D5B17ED4C1D52F ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 21:54:15.0414 0x0fb0 StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 ) 21:54:18.0332 0x0fb0 Detect skipped due to KSN trusted 21:54:18.0332 0x0fb0 StarWindServiceAE - ok 21:54:18.0410 0x0fb0 [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 21:54:18.0456 0x0fb0 Steam Client Service - ok 21:54:18.0456 0x0fb0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:54:18.0472 0x0fb0 stexstor - ok 21:54:18.0503 0x0fb0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 21:54:18.0534 0x0fb0 stisvc - ok 21:54:18.0534 0x0fb0 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:54:18.0550 0x0fb0 storflt - ok 21:54:18.0550 0x0fb0 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 21:54:18.0566 0x0fb0 StorSvc - ok 21:54:18.0566 0x0fb0 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:54:18.0581 0x0fb0 storvsc - ok 21:54:18.0581 0x0fb0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:54:18.0597 0x0fb0 swenum - ok 21:54:18.0612 0x0fb0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 21:54:18.0659 0x0fb0 swprv - ok 21:54:18.0722 0x0fb0 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 21:54:18.0768 0x0fb0 SysMain - ok 21:54:18.0784 0x0fb0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:54:18.0800 0x0fb0 TabletInputService - ok 21:54:18.0815 0x0fb0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 21:54:18.0846 0x0fb0 TapiSrv - ok 21:54:18.0862 0x0fb0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 21:54:18.0893 0x0fb0 TBS - ok 21:54:18.0956 0x0fb0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:54:19.0018 0x0fb0 Tcpip - ok 21:54:19.0174 0x0fb0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:54:19.0236 0x0fb0 TCPIP6 - ok 21:54:19.0252 0x0fb0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:54:19.0252 0x0fb0 tcpipreg - ok 21:54:19.0268 0x0fb0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:54:19.0268 0x0fb0 TDPIPE - ok 21:54:19.0283 0x0fb0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:54:19.0283 0x0fb0 TDTCP - ok 21:54:19.0299 0x0fb0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:54:19.0299 0x0fb0 tdx - ok 21:54:19.0314 0x0fb0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:54:19.0314 0x0fb0 TermDD - ok 21:54:19.0361 0x0fb0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 21:54:19.0392 0x0fb0 TermService - ok 21:54:19.0392 0x0fb0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 21:54:19.0408 0x0fb0 Themes - ok 21:54:19.0424 0x0fb0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 21:54:19.0455 0x0fb0 THREADORDER - ok 21:54:19.0486 0x0fb0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 21:54:19.0517 0x0fb0 TrkWks - ok 21:54:19.0517 0x0fb0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:54:19.0564 0x0fb0 TrustedInstaller - ok 21:54:19.0564 0x0fb0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:54:19.0580 0x0fb0 tssecsrv - ok 21:54:19.0580 0x0fb0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:54:19.0595 0x0fb0 TsUsbFlt - ok 21:54:19.0595 0x0fb0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:54:19.0611 0x0fb0 TsUsbGD - ok 21:54:19.0611 0x0fb0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:54:19.0642 0x0fb0 tunnel - ok 21:54:19.0658 0x0fb0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:54:19.0673 0x0fb0 uagp35 - ok 21:54:19.0673 0x0fb0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:54:19.0720 0x0fb0 udfs - ok 21:54:19.0720 0x0fb0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:54:19.0736 0x0fb0 UI0Detect - ok 21:54:19.0751 0x0fb0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:54:19.0751 0x0fb0 uliagpkx - ok 21:54:19.0767 0x0fb0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:54:19.0782 0x0fb0 umbus - ok 21:54:19.0782 0x0fb0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 21:54:19.0798 0x0fb0 UmPass - ok 21:54:19.0814 0x0fb0 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 21:54:19.0829 0x0fb0 UmRdpService - ok 21:54:19.0845 0x0fb0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 21:54:19.0892 0x0fb0 upnphost - ok 21:54:19.0938 0x0fb0 [ 311C90F0767A63000AC35DD0A7078A30, DB80E10015DCC595F90C31CE61590DB07E84F8B13DA904B2D59233678C366A2D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 21:54:19.0970 0x0fb0 upperdev - ok 21:54:19.0970 0x0fb0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:54:19.0985 0x0fb0 usbaudio - ok 21:54:19.0985 0x0fb0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:54:20.0001 0x0fb0 usbccgp - ok 21:54:20.0001 0x0fb0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:54:20.0016 0x0fb0 usbcir - ok 21:54:20.0032 0x0fb0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:54:20.0032 0x0fb0 usbehci - ok 21:54:20.0048 0x0fb0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:54:20.0063 0x0fb0 usbhub - ok 21:54:20.0094 0x0fb0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:54:20.0110 0x0fb0 usbohci - ok 21:54:20.0110 0x0fb0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:54:20.0126 0x0fb0 usbprint - ok 21:54:20.0126 0x0fb0 [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys 21:54:20.0141 0x0fb0 usbrndis6 - ok 21:54:20.0157 0x0fb0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:54:20.0172 0x0fb0 usbscan - ok 21:54:20.0188 0x0fb0 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\usbser.sys 21:54:20.0188 0x0fb0 usbser - ok 21:54:20.0219 0x0fb0 [ C03DA998E412D69D18DD11D835229AF0, DD43E370EF370767588A6D56A51A4ADF99B5E063C7AA0528F91FD431DE7C2932 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 21:54:20.0250 0x0fb0 UsbserFilt - ok 21:54:20.0250 0x0fb0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:54:20.0266 0x0fb0 USBSTOR - ok 21:54:20.0266 0x0fb0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 21:54:20.0282 0x0fb0 usbuhci - ok 21:54:20.0282 0x0fb0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:54:20.0297 0x0fb0 usbvideo - ok 21:54:20.0328 0x0fb0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 21:54:20.0360 0x0fb0 UxSms - ok 21:54:20.0360 0x0fb0 [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc C:\Windows\system32\lsass.exe 21:54:20.0375 0x0fb0 VaultSvc - ok 21:54:20.0375 0x0fb0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:54:20.0391 0x0fb0 vdrvroot - ok 21:54:20.0422 0x0fb0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 21:54:20.0469 0x0fb0 vds - ok 21:54:20.0500 0x0fb0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:54:20.0516 0x0fb0 vga - ok 21:54:20.0516 0x0fb0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 21:54:20.0547 0x0fb0 VgaSave - ok 21:54:20.0578 0x0fb0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:54:20.0594 0x0fb0 vhdmp - ok 21:54:20.0625 0x0fb0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 21:54:20.0625 0x0fb0 viaide - ok 21:54:20.0640 0x0fb0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:54:20.0656 0x0fb0 vmbus - ok 21:54:20.0672 0x0fb0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 21:54:20.0672 0x0fb0 VMBusHID - ok 21:54:20.0687 0x0fb0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:54:20.0687 0x0fb0 volmgr - ok 21:54:20.0703 0x0fb0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:54:20.0750 0x0fb0 volmgrx - ok 21:54:20.0750 0x0fb0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:54:20.0765 0x0fb0 volsnap - ok 21:54:20.0781 0x0fb0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:54:20.0796 0x0fb0 vsmraid - ok 21:54:20.0859 0x0fb0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 21:54:20.0937 0x0fb0 VSS - ok 21:54:20.0937 0x0fb0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 21:54:20.0952 0x0fb0 vwifibus - ok 21:54:20.0968 0x0fb0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 21:54:20.0999 0x0fb0 W32Time - ok 21:54:21.0015 0x0fb0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:54:21.0030 0x0fb0 WacomPen - ok 21:54:21.0030 0x0fb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:54:21.0062 0x0fb0 WANARP - ok 21:54:21.0093 0x0fb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:54:21.0124 0x0fb0 Wanarpv6 - ok 21:54:21.0233 0x0fb0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 21:54:21.0296 0x0fb0 wbengine - ok 21:54:21.0311 0x0fb0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:54:21.0327 0x0fb0 WbioSrvc - ok 21:54:21.0358 0x0fb0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:54:21.0389 0x0fb0 wcncsvc - ok 21:54:21.0389 0x0fb0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:54:21.0405 0x0fb0 WcsPlugInService - ok 21:54:21.0405 0x0fb0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 21:54:21.0420 0x0fb0 Wd - ok 21:54:21.0483 0x0fb0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:54:21.0545 0x0fb0 Wdf01000 - ok 21:54:21.0561 0x0fb0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:54:21.0561 0x0fb0 WdiServiceHost - ok 21:54:21.0576 0x0fb0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:54:21.0592 0x0fb0 WdiSystemHost - ok 21:54:21.0592 0x0fb0 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 21:54:21.0608 0x0fb0 WebClient - ok 21:54:21.0639 0x0fb0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:54:21.0686 0x0fb0 Wecsvc - ok 21:54:21.0732 0x0fb0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:54:21.0779 0x0fb0 wercplsupport - ok 21:54:21.0810 0x0fb0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 21:54:21.0842 0x0fb0 WerSvc - ok 21:54:21.0857 0x0fb0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:54:21.0888 0x0fb0 WfpLwf - ok 21:54:21.0904 0x0fb0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:54:21.0904 0x0fb0 WIMMount - ok 21:54:21.0904 0x0fb0 WinDefend - ok 21:54:21.0920 0x0fb0 WinHttpAutoProxySvc - ok 21:54:22.0060 0x0fb0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:54:22.0107 0x0fb0 Winmgmt - ok 21:54:22.0247 0x0fb0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 21:54:22.0310 0x0fb0 WinRM - ok 21:54:22.0325 0x0fb0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:54:22.0341 0x0fb0 WinUsb - ok 21:54:22.0372 0x0fb0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:54:22.0403 0x0fb0 Wlansvc - ok 21:54:22.0622 0x0fb0 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:54:22.0700 0x0fb0 wlidsvc - ok 21:54:22.0731 0x0fb0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:54:22.0731 0x0fb0 WmiAcpi - ok 21:54:22.0762 0x0fb0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:54:22.0778 0x0fb0 wmiApSrv - ok 21:54:22.0793 0x0fb0 WMPNetworkSvc - ok 21:54:22.0809 0x0fb0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:54:22.0824 0x0fb0 WPCSvc - ok 21:54:22.0856 0x0fb0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:54:22.0871 0x0fb0 WPDBusEnum - ok 21:54:22.0887 0x0fb0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:54:22.0918 0x0fb0 ws2ifsl - ok 21:54:22.0949 0x0fb0 [ B81732E39ACF6C4B5BCC24EEBF2C1C7C, 76B3E4F652208E6E713E84B985E8CFC13443FC3FAA4B9A79F1EEEF1400DC550F ] WsAppService C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe 21:54:22.0980 0x0fb0 WsAppService - ok 21:54:22.0980 0x0fb0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 21:54:22.0996 0x0fb0 wscsvc - ok 21:54:22.0996 0x0fb0 WSearch - ok 21:54:23.0074 0x0fb0 [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv C:\Windows\system32\wuaueng.dll 21:54:23.0136 0x0fb0 wuauserv - ok 21:54:23.0152 0x0fb0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:54:23.0168 0x0fb0 WudfPf - ok 21:54:23.0199 0x0fb0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:54:23.0214 0x0fb0 WUDFRd - ok 21:54:23.0214 0x0fb0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:54:23.0230 0x0fb0 wudfsvc - ok 21:54:23.0261 0x0fb0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:54:23.0277 0x0fb0 WwanSvc - ok 21:54:23.0277 0x0fb0 ================ Scan global =============================== 21:54:23.0277 0x0fb0 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 21:54:23.0308 0x0fb0 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll 21:54:23.0324 0x0fb0 [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll 21:54:23.0339 0x0fb0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 21:54:23.0370 0x0fb0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 21:54:23.0370 0x0fb0 [ Global ] - ok 21:54:23.0370 0x0fb0 ================ Scan MBR ================================== 21:54:23.0370 0x0fb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 21:54:27.0442 0x0fb0 \Device\Harddisk1\DR1 - ok 21:54:27.0458 0x0fb0 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk2\DR2 21:54:27.0551 0x0fb0 \Device\Harddisk2\DR2 - ok 21:54:27.0551 0x0fb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:54:27.0816 0x0fb0 \Device\Harddisk0\DR0 - ok 21:54:27.0816 0x0fb0 ================ Scan VBR ================================== 21:54:27.0832 0x0fb0 [ 100035C1395D35AF8386A47826291A18 ] \Device\Harddisk1\DR1\Partition1 21:54:27.0863 0x0fb0 \Device\Harddisk1\DR1\Partition1 - ok 21:54:27.0879 0x0fb0 [ C11A91904A1C76DB3929CA9905C32D5E ] \Device\Harddisk1\DR1\Partition2 21:54:27.0879 0x0fb0 \Device\Harddisk1\DR1\Partition2 - ok 21:54:27.0879 0x0fb0 [ 9C8380988F2F91BEC2FB7AC0DA8D130F ] \Device\Harddisk2\DR2\Partition1 21:54:27.0879 0x0fb0 \Device\Harddisk2\DR2\Partition1 - ok 21:54:27.0894 0x0fb0 [ 7B39370C9E0827547AF2B890E06D7EA5 ] \Device\Harddisk0\DR0\Partition1 21:54:27.0894 0x0fb0 \Device\Harddisk0\DR0\Partition1 - ok 21:54:27.0894 0x0fb0 [ 656D792622DDC2F3D04FFE50EA8FC5ED ] \Device\Harddisk0\DR0\Partition2 21:54:27.0894 0x0fb0 \Device\Harddisk0\DR0\Partition2 - ok 21:54:27.0894 0x0fb0 ================ Scan generic autorun ====================== 21:54:28.0784 0x0fb0 [ 3DE7064E794A84B8AFF55EEF59DD4280, 270B8747B5F3F22B12463711EA1E554C1CF3286BA915E2DEF625E28D9AF2C4C1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 21:54:29.0314 0x0fb0 RTHDVCPL - ok 21:54:29.0501 0x0fb0 [ 1FE3BF3059129B9156FDBB562860504A, 0590D352A7B87ADE4A8EAD281828D75DB33D5E36ED8B6FA02F3680AEA7C75B05 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 21:54:29.0579 0x0fb0 RtHDVBg_Dolby - ok 21:54:29.0798 0x0fb0 [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 21:54:29.0876 0x0fb0 NvBackend - ok 21:54:29.0891 0x0fb0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 21:54:29.0907 0x0fb0 ShadowPlay - ok 21:54:30.0219 0x0fb0 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 21:54:30.0250 0x0fb0 avgnt - ok 21:54:30.0328 0x0fb0 [ 2EA68E33DFF41A10F1BAB15FC3A28076, C971C009F36A87116FBE785E45EB7192EAD9BAF713C43C8A3AC643624144ECF9 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 21:54:30.0375 0x0fb0 KiesTrayAgent - ok 21:54:30.0375 0x0fb0 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 21:54:30.0406 0x0fb0 APSDaemon - ok 21:54:30.0468 0x0fb0 [ F655E4A1AED366E96E5D5AA397E0F255, F8573CCA72FA25079B8CE2FC5D30379487E2905B109C73C741FAB31589FA49E1 ] C:\Program Files (x86)\QuickTime\QTTask.exe 21:54:30.0500 0x0fb0 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 21:54:33.0339 0x0fb0 Detect skipped due to KSN trusted 21:54:33.0339 0x0fb0 QuickTime Task - ok 21:54:33.0417 0x0fb0 [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 21:54:33.0464 0x0fb0 SunJavaUpdateSched - ok 21:54:33.0495 0x0fb0 [ D52A9F078EA114D3465FC1CD9E900DF1, 841F6055435278A93230C3F5E33E6C530D6FDF5A331EC31E992A35DD084A7C64 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 21:54:33.0510 0x0fb0 Avira SystrayStartTrigger - ok 21:54:33.0510 0x0fb0 [ AF365A1251FEFBE0BD55886D1D0ACF17, B693A67E03422EE2557239BA54957744814876CD2A4E3B77C66358F53E633E7D ] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe 21:54:33.0526 0x0fb0 AlcoholAutomount - ok 21:54:33.0542 0x0fb0 [ EEA6332ADF062AC5B24535C098DF1F3C, 91969C7BEBEDA1CA5B49324A1A63CD309DBAD2CB9970B041665F98B0ADC779E6 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe 21:54:33.0573 0x0fb0 GarminExpressTrayApp - ok 21:54:33.0729 0x0fb0 [ 1A1A7B2542A67C7A7D166920C8C3D075, 5EC58EFB03367613685956D7F78BE2C8C3A8334B9247E19FABC4790239D330A6 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe 21:54:33.0791 0x0fb0 KiesPDLR.exe - ok 21:54:33.0885 0x0fb0 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Joachim Steffen\AppData\Local\Dropbox\Update\DropboxUpdate.exe 21:54:33.0916 0x0fb0 Dropbox Update - ok 21:54:34.0041 0x0fb0 [ F120335CFD86E98967AD5F77905E981D, B401356E48B649070E733F57CBF7092522D5ACE348856EFAE1AA92F7C11DADDB ] C:\Program Files (x86)\Samsung\Kies\Kies.exe 21:54:34.0103 0x0fb0 KiesPreload - ok 21:54:34.0119 0x0fb0 Waiting for KSN requests completion. In queue: 14 21:54:35.0133 0x0fb0 Waiting for KSN requests completion. In queue: 14 21:54:36.0147 0x0fb0 Waiting for KSN requests completion. In queue: 7 21:54:37.0192 0x0fb0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x40000 ( disabled : updated ) 21:54:37.0192 0x0fb0 Win FW state via NFP2: enabled ( trusted ) 21:54:40.0000 0x0fb0 ============================================================ 21:54:40.0000 0x0fb0 Scan finished 21:54:40.0000 0x0fb0 ============================================================ 21:54:40.0016 0x1488 Detected object count: 0 21:54:40.0016 0x1488 Actual detected object count: 0 Ich habe jetzt Geek.exe auf dem Desktop. Ich versuche zunächst IO Bit-uninstaller zu deinstallieren. Hinweis: Deinstallation nicht möglich, sollen Registryeinträge gelöscht werden? Oder soll ich über die Systemsteuerung deinstallieren? |
|
18.10.2015, 08:09
| #37 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus in thunderbird Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2015, 09:04
| #38 | |
| Gesperrt   | Virus in thunderbirdZitat:
|
|
18.10.2015, 14:56
| #39 |
| | Virus in thunderbird Revo-Uninstaller: Es kommt der Hinweis: Uninstall ist fehlgeschlagen. Vermutlich ungültiger Deinstall Befehl. Dennoch arbeitet Revo weiter und zeigt dann noch Registry-einträge von IOBit an, die ich dann gelöscht habe. Dann bin ich bei Revo von moderat auf den erweiterten Modus gegangen. Da findet Revo nichts mehr. Soll ich jetzt Thunderbird mit Revo deinstallieren? (Adressen und Ordner sind gesichert auf Notebook) Geändert von JST123 (18.10.2015 um 15:47 Uhr) |
|
18.10.2015, 17:22
| #40 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus in thunderbird Also moment mal, wieso soll Thunderbird runter?  Und wenn kommt das nicht mit revo runter sondern normal, weil wir mit revo in erster Linie nur Müll-Programme rausschmeißen. Nur wenn etwas auf Biegen und Brechen nicht weg geht nimmt man auch für legitime, also auch Nicht-Adware den revo
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2015, 17:46
| #41 |
| | Virus in thunderbird Wie in anfangs berichtet habe, geht Thunderbird beim Start (nach Einfangen der Trojaner/Viren mit dem Öffnungsversuch eines Anhangs von DHL) in eine Endlosschleife. Es können keine Emails geladen werden. Das Programm stürzt auch weiterhin nach all Deinen Tools etc. ab. Ich hatte ja schon wie berichtet eine De-/ Neuinstallation von Thunderbird gemacht. Das brachte keine Abhilfe. Daher wandte ich mich Euch. Nun wäre es schön, wenn ich sauber Thunderbird deinstallieren könnte und ein neues sauberes Thunderbird ohne Absturz beim Starten bekommen könnte. Mit welchem Programm soll ich Thunderbird nun deinstallieren (Windows-Systemsteuerung, geek.exe oder revo? (Wie ich auch berichtete, habe ich Thunderbird auch auf meinem Notebook. Dort funktioniert Thunderbird einwandfrei und dort habe ich die Adressen und Ordner vom PC raufgezogen, damit ich überhaupt Emailschriftverkehr machen kann .) |
|
18.10.2015, 18:23
| #42 |
| Gesperrt | Virus in thunderbird Falls du darauf reagieren willst: durchsuche die Registry nach IObit und lass die Funde löschen sonst wird dir immer wieder mindestens 1 Ordner erstellt(siehe dein JRT Logfile)der IObit zuzuordnen ist. |
|
18.10.2015, 18:51
| #43 |
| | Virus in thunderbird Ja, alle Funde Registry und Ordner mit IO Bit sollten weg sein @Cosinus Thema Neuinstallation Thunderbird sollten wir noch klären. Mit welchem Tool soll ich das defekte Thunderbird komplett deinstallieren? |
|
18.10.2015, 20:29
| #44 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus in thunderbird Wir waren aber mit der Analyse/Bereinigung noch nicht fertig und du gehst einfach über zu "irgendwas" nächstem Was ist denn jetzt mit dem letzten Schritt von revo und iobit? Ist das jetzt erledigt oder nicht?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2015, 20:53
| #45 |
| | Virus in thunderbird Scheint alles von iobit weg zu sein. Alle Registryeinträge und Ordner mit Iobitresten sind gelöscht. Revo hatte diese Reste noch in den Papierkorb gebracht und diesen habe ich jetzt auch geleert. |
|
| Themen zu Virus in thunderbird |
| 64 bit, datei, deinstalliert, ebook, gefunde, installer, iobit, komplett, konto, kreis, lädt, neustart, notebook, ordner, problem, quara, seitdem, thunderbird, troja, trojaner, trojaner gefunden, virus, win, win 7, öffnen |
dann auf 
und dann auf 
. 
Linear-Darstellung
