| |
| |||||||
Log-Analyse und Auswertung: Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter OrdnerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
18.09.2015, 16:22
| #1 |
| |  Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Guten Tag mein Problem ist folgendes, ich hatte meinen USB Stick an den alten Win2000 Laptop meines Prof. angeschlossen, dabei wurden alle Dateien zu Verknüpfungen, sie ließen sich öffnen und bearbeiten. Sobald ich eine Datei beifügte wurde diese ebenfals zu einer Verknüpfung. Mein Prof. konnte es sich nicht erklären und verstand das Problem nicht. Wenn ich versucht habe die Dateien zu löschen erschienen sie automatisch wieder auf dem Stick. Ich hatte keine Ahnung warum. Da ich seit einiger Zeit den Stick nicht mehr benutzte, hatte ich es vergessen und an meinen neuen Win10 Laptop angesteckt. Ich habe ihn wieder entfernt nach dem ich ihn kurz geöffnet hatte, steckte einen zweiten USB Stick an und plötzlich wurden alle Dateien zu Verküpfungen, da wurde mir erst bewusst dass ich mir damit was eingefangen hatte. Die Sticks über meinen alten Laptop mit Ubuntu zu formatieren brachte nichts, sobald sie wieder am Win10 Laptop waren, fing alles von vorne an. Schaut man sich über Einstellungen das Ziel einer dieser Verknüpfungen an so erscheint immer: C:\WINDOWS\system32\cmd.exe /c cls&cls&cls&cls&cls&cls&cls&cls&cls&cls&cls& start explorer System" "Volume" "Information&cls&cls&cls&cls&cls&cls&cls&cls&cls&cls&cls& start Microsoft" "Word.WsF&cls&cls&cls&cls&cls&cls&cls&cls&cls&cls&cls&exit Der Ordner welcher als Verknüpfung auf den Sticks auftaucht heißt: System Volume Information Ich habe schon ein paar mal Scans mit den folgende Programmen durchlaufen lassen, alle ohne Wahrnung oder Fund: Microsft Windows Tool zu Entfernen bösartiger Software Malwarebytes Anti Malware & Tool Kit Avira CCleaner adwcleaner mbar Security Task Manager Ich hoffe ihr könnt mir helfen, ich habe alle Schritte in eurer Beschreibung durchgeführt, bei GMER kam die Fehlermeldung C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Das Program wurde wegen einem Fehler geschlossen, ich habe es mehrmals versucht. Die Fils der jeweiligen Programme Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Michael (Administrator) auf LOKI (18-09-2015 16:00:14) Gestartet von C:\Users\Michael\Downloads\Mottenkiste Geladene Profile: Michael (Verfügbare Profile: Michael) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Malwarebytes Corporation) C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamservice.exe (Dassault Systemes) C:\Users\Michael\Meine Welt\Programme jeder Art\cat\intel_a\code\bin\CATSysDemon.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamscheduler.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (AVAST Software) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-08-27] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-09-08] (Synaptics Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-09-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd) HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\Run: [Microsoft Word] => wscript.exe //B "C:\Users\Michael\AppData\Roaming\Microsoft Office\\Microsoft Word.WsF" HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\RunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\RunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-02-09] ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{9d3a08c7-b385-4b62-a999-566051641c5e}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com HKU\S-1-5-21-2964265515-3498347506-235733016-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2964265515-3498347506-235733016-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {18751D32-1857-4B7F-98DA-3AFB4D02FF02} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2964265515-3498347506-235733016-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2964265515-3498347506-235733016-1001 -> {05341112-568B-46A9-AEF4-4015D6C617B1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-2964265515-3498347506-235733016-1001 -> {18751D32-1857-4B7F-98DA-3AFB4D02FF02} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-27] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default FF Homepage: hxxp://www.t-online.de/ www.hs-merseburg.de FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-27] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Users\Michael\Meine Welt\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-27] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-14] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-07-21] () FF Plugin-x32: Adobe Reader -> C:\Users\Michael\Meine Welt\Programme jeder Art\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Extension: Print pages to PDF - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\printPages2Pdf@reinhold.ripper [2015-08-15] FF Extension: YouTube Unblocker - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\youtubeunblocker@unblocker.yt [2015-08-15] FF Extension: Multi YouTube mp3 - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\d.lehr@chello.at.xpi [2015-08-15] FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2015-08-15] FF Extension: ProxTube - Unblock YouTube - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\ich@maltegoetz.de.xpi [2015-08-15] FF Extension: YouTube High Definition - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-08-15] FF Extension: Video DownloadHelper - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-15] FF Extension: Adblock Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-15] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-07] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-09-07] (Avira Operations GmbH & Co. KG) S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG) R2 BBDemon; C:\Users\Michael\Meine Welt\Programme jeder Art\cat\intel_a\code\bin\CATSysDemon.exe [35840 2005-09-06] (Dassault Systemes) [Datei ist nicht signiert] R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2269440 2015-07-10] (Broadcom Corporation.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-07-21] (WildTangent) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] () R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation) R2 MBAMScheduler; C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-09] (NVIDIA Corporation) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Datei ist nicht signiert] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-08-27] (Realtek Semiconductor) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-14] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-07-10] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-09-17] (Broadcom Corporation) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-09-17] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-18] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-27] (Realtek ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-09-08] (Synaptics Incorporated) S2 TVicPort; kein ImagePath S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) U3 pgldapog; C:\Users\Michael\AppData\Local\Temp\pgldapog.sys [56496 2015-09-18] (GMER) [Datei ist nicht signiert] S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-18 15:59 - 2015-09-18 16:00 - 00000000 ____D C:\FRST 2015-09-18 15:58 - 2015-09-18 15:58 - 00000000 _____ C:\Users\Michael\defogger_reenable 2015-09-18 15:56 - 2015-09-18 15:56 - 00016148 _____ C:\WINDOWS\system32\LOKI_Michael_HistoryPrediction.bin 2015-09-18 15:41 - 2015-09-18 15:41 - 00000000 ___HD C:\OneDriveTemp 2015-09-18 15:37 - 2015-09-18 15:46 - 00000000 ____D C:\WINDOWS\Minidump 2015-09-18 01:37 - 2015-09-18 01:44 - 00000000 ____D C:\ProgramData\SecTaskMan 2015-09-18 01:31 - 2015-09-18 01:31 - 00000434 _____ C:\Users\Michael\Documents\virus.txt 2015-09-17 23:32 - 2015-09-17 23:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2015-09-17 23:32 - 2015-09-17 23:31 - 03799080 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll 2015-09-17 23:31 - 2015-09-17 23:31 - 00000000 ____D C:\Users\Michael\AppData\Roaming\InstallShield 2015-09-17 21:20 - 2015-09-17 21:20 - 00018360 _____ C:\Users\Michael\Documents\cc_20150917_212039.reg 2015-09-17 19:17 - 2015-09-17 22:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-17 17:04 - 2015-09-17 22:03 - 00000000 ____D C:\Users\Michael\Desktop\mbar 2015-09-17 16:34 - 2015-09-17 16:34 - 00168468 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.dbg 2015-09-17 16:34 - 2015-09-17 16:34 - 00025197 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.rpt 2015-09-17 16:34 - 2015-09-17 16:34 - 00018194 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.obj 2015-09-17 16:34 - 2015-09-17 16:34 - 00011341 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.hex 2015-09-17 16:34 - 2015-09-17 16:34 - 00004026 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.bin 2015-09-17 14:11 - 2015-09-17 14:11 - 00000448 _____ C:\Users\Michael\Documents\test nummer zwei.err 2015-09-15 19:08 - 2015-09-15 19:08 - 00000366 _____ C:\Users\Michael\Documents\MINMAX.SIM 2015-09-15 17:32 - 2015-09-15 18:16 - 00000064 _____ C:\Users\Michael\Documents\minmax.BM 2015-09-15 17:31 - 2015-09-15 18:16 - 00167460 _____ C:\Users\Michael\Documents\minmax.dbg 2015-09-15 17:31 - 2015-09-15 18:16 - 00023659 _____ C:\Users\Michael\Documents\minmax.rpt 2015-09-15 17:31 - 2015-09-15 18:16 - 00003206 _____ C:\Users\Michael\Documents\minmax.obj 2015-09-15 17:31 - 2015-09-15 18:16 - 00001981 _____ C:\Users\Michael\Documents\minmax.hex 2015-09-15 17:31 - 2015-09-15 18:16 - 00000698 _____ C:\Users\Michael\Documents\minmax.bin 2015-09-14 15:43 - 2015-09-16 01:16 - 00000366 _____ C:\Users\Michael\Documents\TEST NUMMER ZWEI.SIM 2015-09-14 15:19 - 2015-09-17 18:51 - 00000064 _____ C:\Users\Michael\Documents\test nummer zwei.BM 2015-09-14 15:19 - 2015-09-17 12:20 - 00167412 _____ C:\Users\Michael\Documents\test nummer zwei.dbg 2015-09-14 15:19 - 2015-09-17 12:20 - 00023344 _____ C:\Users\Michael\Documents\test nummer zwei.rpt 2015-09-14 15:19 - 2015-09-17 12:20 - 00002127 _____ C:\Users\Michael\Documents\test nummer zwei.obj 2015-09-14 15:19 - 2015-09-17 12:20 - 00001302 _____ C:\Users\Michael\Documents\test nummer zwei.hex 2015-09-14 15:19 - 2015-09-17 12:20 - 00000456 _____ C:\Users\Michael\Documents\test nummer zwei.bin 2015-09-14 15:15 - 2015-09-17 18:51 - 00003700 _____ C:\Users\Michael\Documents\test nummer zwei.bas 2015-09-13 20:32 - 2015-09-13 22:05 - 00000234 _____ C:\Users\Michael\Documents\Blase.err 2015-09-13 20:31 - 2015-09-17 00:05 - 00000064 _____ C:\Users\Michael\Documents\Blase.BM 2015-09-13 19:38 - 2015-09-17 00:05 - 00003883 _____ C:\Users\Michael\Documents\Blase.bas 2015-09-13 17:21 - 2015-09-13 17:21 - 00000000 ___RD C:\Users\Michael\AppData\Roaming\Brother 2015-09-12 23:24 - 2015-09-12 23:24 - 00000029 _____ C:\Users\Michael\Documents\desktophintergrund.txt 2015-09-10 21:45 - 2015-09-10 21:45 - 00000000 ____D C:\Users\Michael\AppData\Local\CEF 2015-09-10 21:05 - 2015-09-11 15:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-09-10 21:04 - 2015-09-10 21:04 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-09-10 21:04 - 2015-09-10 21:04 - 00002223 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-09-10 21:02 - 2015-09-10 21:45 - 00000000 ____D C:\ProgramData\Adobe 2015-09-10 17:14 - 2015-09-10 17:14 - 00002687 _____ C:\Users\Michael\Desktop\Hochimpedanzschaltung.txt 2015-09-09 18:23 - 2015-09-15 18:16 - 00001186 _____ C:\Users\Michael\Documents\minmax.bas 2015-09-09 18:10 - 2015-09-17 13:39 - 00000366 _____ C:\Users\Michael\Documents\TEST.SIM 2015-09-09 18:08 - 2015-09-17 18:51 - 00000064 _____ C:\Users\Michael\Documents\test.BM 2015-09-09 18:08 - 2015-09-17 13:38 - 00063270 _____ C:\Users\Michael\Documents\test.dbg 2015-09-09 18:08 - 2015-09-17 13:38 - 00009546 _____ C:\Users\Michael\Documents\test.rpt 2015-09-09 18:08 - 2015-09-17 13:38 - 00004842 _____ C:\Users\Michael\Documents\test.obj 2015-09-09 18:08 - 2015-09-17 13:38 - 00003008 _____ C:\Users\Michael\Documents\test.hex 2015-09-09 18:08 - 2015-09-17 13:38 - 00001062 _____ C:\Users\Michael\Documents\test.bin 2015-09-09 18:07 - 2015-09-17 18:51 - 00000094 _____ C:\Users\Michael\Documents\test.bas 2015-09-09 17:47 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-09-09 17:47 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-09-09 17:47 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-09-09 17:47 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 17:47 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-09-09 17:47 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-09-09 17:47 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 17:47 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 17:47 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-09-09 17:47 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 17:47 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 17:47 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 17:47 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 17:47 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 17:47 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 17:47 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 17:47 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 17:47 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-09-09 17:47 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll 2015-09-09 17:47 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 17:47 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 17:47 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 17:47 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 17:47 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-09-09 17:47 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 17:47 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 17:47 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 17:47 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 17:47 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 17:47 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 17:47 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 17:47 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-08 16:15 - 2015-09-08 16:15 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll 2015-09-08 16:15 - 2015-09-08 16:15 - 00044216 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys 2015-09-08 16:15 - 2015-09-08 16:15 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys 2015-09-08 01:52 - 2015-09-08 01:52 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft Office 2015-09-07 18:38 - 2015-09-07 18:38 - 00000366 _____ C:\Users\Michael\Documents\BLASENPROGRAMM.SIM 2015-09-07 18:37 - 2015-09-07 18:37 - 00167124 _____ C:\Users\Michael\Documents\Blasenprogramm.dbg 2015-09-07 18:37 - 2015-09-07 18:37 - 00022918 _____ C:\Users\Michael\Documents\Blasenprogramm.rpt 2015-09-07 18:37 - 2015-09-07 18:37 - 00002329 _____ C:\Users\Michael\Documents\Blasenprogramm.hex 2015-09-07 18:37 - 2015-09-07 18:37 - 00000820 _____ C:\Users\Michael\Documents\Blasenprogramm.bin 2015-09-07 18:36 - 2015-09-07 18:36 - 00000713 _____ C:\Users\Michael\Documents\Oszilloskop.err 2015-09-07 17:21 - 2015-09-07 17:22 - 00000000 ____D C:\Users\Michael\Documents\Rezepte 2015-09-07 17:13 - 2015-09-07 17:20 - 00001538 _____ C:\Users\Michael\Documents\Makefile.win 2015-09-07 17:10 - 2015-09-07 17:11 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Dev-Cpp 2015-09-07 16:57 - 2015-09-17 16:34 - 00000064 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.BM 2015-09-07 16:42 - 2015-09-17 16:34 - 00003891 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.bas 2015-09-07 16:22 - 2015-09-07 16:22 - 00000639 _____ C:\Users\Michael\Documents\SIGNALE.CFG 2015-09-07 16:21 - 2015-09-07 18:37 - 00000208 _____ C:\Users\Michael\Documents\Signale.err 2015-09-07 03:09 - 2015-09-11 20:53 - 00001218 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-09-07 02:59 - 2015-09-07 02:59 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Avira 2015-09-07 02:52 - 2015-09-11 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-07 02:50 - 2015-09-07 03:07 - 00000000 ____D C:\ProgramData\Avira 2015-09-07 02:50 - 2015-09-07 03:07 - 00000000 ____D C:\Program Files (x86)\Avira 2015-09-07 02:50 - 2015-07-15 08:37 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-09-07 02:50 - 2015-07-15 08:37 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-09-07 02:50 - 2015-07-15 08:37 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-09-07 02:50 - 2015-07-15 08:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2015-09-07 02:40 - 2015-09-18 15:40 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-07 02:40 - 2015-09-17 18:57 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-09-07 02:40 - 2015-09-07 02:40 - 00001415 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-07 02:40 - 2015-09-07 02:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-07 02:40 - 2015-09-07 02:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-07 02:40 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-09-07 02:40 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-09-07 02:39 - 2015-09-17 22:16 - 00000000 ____D C:\AdwCleaner 2015-09-04 02:00 - 2015-09-04 02:00 - 00001594 _____ C:\Users\Michael\Documents\cc_20150904_020021.reg 2015-09-02 16:22 - 2015-09-02 16:22 - 00000000 ____D C:\Users\Michael\Documents\Benutzerdefinierte Office-Vorlagen 2015-09-01 23:22 - 2015-09-01 23:22 - 00363615 _____ C:\Users\Michael\Documents\Drawing1_02.CATDrawing 2015-09-01 23:07 - 2015-09-01 23:07 - 00345080 _____ C:\Users\Michael\Documents\Drawing1_01.CATDrawing 2015-09-01 22:43 - 2015-09-01 23:08 - 00187721 _____ C:\Users\Michael\Documents\Halterung_Gewindeseite.CATPart 2015-09-01 22:38 - 2015-09-01 22:38 - 00241200 _____ C:\Users\Michael\Documents\Halterung_Schraubenseite.CATPart 2015-09-01 18:54 - 2015-09-18 15:43 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{70BE8D50-0D64-4F60-A7CF-250C7DFFEA57} 2015-09-01 17:57 - 2015-09-01 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.4.0 2015-09-01 15:44 - 2015-09-01 15:44 - 00560288 _____ C:\Users\Michael\Documents\cc_20150901_154417.reg 2015-09-01 15:44 - 2015-09-01 15:44 - 00004814 _____ C:\Users\Michael\Documents\cc_20150901_154446.reg 2015-09-01 05:04 - 2015-09-01 05:04 - 00355892 _____ C:\Users\Michael\Documents\Drawing5.CATDrawing 2015-09-01 05:03 - 2015-09-01 05:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-01 04:49 - 2015-09-01 04:49 - 00351733 _____ C:\Users\Michael\Documents\Drawing4.CATDrawing 2015-09-01 04:44 - 2015-09-01 04:44 - 00352120 _____ C:\Users\Michael\Documents\Drawing3.CATDrawing 2015-09-01 03:51 - 2015-09-01 04:37 - 00353364 _____ C:\Users\Michael\Documents\Drawing2.CATDrawing 2015-09-01 03:37 - 2015-09-01 04:36 - 00351234 _____ C:\Users\Michael\Documents\Drawing1.CATDrawing 2015-09-01 01:39 - 2015-09-01 05:01 - 00688490 _____ C:\Users\Michael\Documents\Rohr_Schraege.CATPart 2015-08-31 23:31 - 2015-09-01 04:44 - 00570853 _____ C:\Users\Michael\Documents\Rohr_kurze_Veraengung.CATPart 2015-08-31 23:29 - 2015-09-01 04:44 - 00587353 _____ C:\Users\Michael\Documents\Rohr_lange_Veraengung.CATPart 2015-08-31 23:01 - 2015-09-01 04:30 - 00668005 _____ C:\Users\Michael\Documents\Rohr_grosse_Kugel.CATPart 2015-08-31 21:44 - 2015-09-01 04:10 - 00655176 _____ C:\Users\Michael\Documents\Rohr_kleine_Kugel.CATPart 2015-08-31 18:50 - 2015-08-31 20:50 - 00120076 _____ C:\Users\Michael\Documents\Rohr01.CATPart 2015-08-31 16:25 - 2015-09-02 20:01 - 00000000 ____D C:\Users\Michael\dwhelper 2015-08-31 16:14 - 2015-08-31 16:15 - 00144602 _____ C:\Users\Michael\Documents\Halterung.CATPart 2015-08-31 14:13 - 2015-08-31 14:13 - 00000000 ____D C:\Users\Michael\AppData\Roaming\NVIDIA 2015-08-31 13:51 - 2015-08-31 13:51 - 00002634 _____ C:\Users\Public\Desktop\CATIA V5R16.lnk 2015-08-31 13:51 - 2015-08-31 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CATIA 2015-08-31 13:19 - 2015-08-31 14:14 - 00000000 ____D C:\Users\Michael\AppData\Local\DassaultSystemes 2015-08-31 13:19 - 2015-08-31 13:51 - 00000000 ____D C:\ProgramData\DassaultSystemes 2015-08-31 13:19 - 2015-08-31 13:19 - 00000000 ____D C:\Users\Michael\AppData\Roaming\DassaultSystemes 2015-08-30 21:10 - 2015-09-06 15:49 - 00000000 ____D C:\Users\Michael\Documents\eagle 2015-08-30 21:04 - 2015-09-17 18:51 - 00000064 _____ C:\Users\Michael\Documents\Blasenprogramm.BM 2015-08-30 20:37 - 2015-08-30 20:37 - 00000064 _____ C:\Users\Michael\Documents\Oszilloskop.BM 2015-08-30 20:23 - 2015-08-30 20:37 - 00000744 _____ C:\Users\Michael\Documents\Oszilloskop.bas 2015-08-30 20:20 - 2015-09-07 18:37 - 00000064 _____ C:\Users\Michael\Documents\Signale.BM 2015-08-30 19:46 - 2015-09-07 18:37 - 00000690 _____ C:\Users\Michael\Documents\Signale.bas 2015-08-30 19:43 - 2015-09-17 18:51 - 00001031 _____ C:\Users\Michael\Documents\Blasenprogramm.bas 2015-08-30 19:39 - 2015-08-30 19:39 - 00000000 ____D C:\Users\Michael\AppData\Roaming\MCS Electronics 2015-08-30 19:39 - 2015-08-30 19:39 - 00000000 ____D C:\Users\Michael\AppData\Local\MCS Electronics 2015-08-30 18:34 - 2015-08-30 18:34 - 00000909 _____ C:\Users\Michael\Documents\Bundschuh.txt 2015-08-30 02:35 - 2015-08-30 02:35 - 00000000 ___RD C:\Users\Michael\Downloads\AFF540DC.Torrent_v7353qx4kg3sa!App 2015-08-28 23:26 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-28 23:26 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-28 23:26 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-28 23:26 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-28 23:26 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-28 23:26 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-28 23:26 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-28 23:26 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-08-28 23:26 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-28 23:26 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-08-28 23:26 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-28 23:26 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-28 23:26 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-28 23:26 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-08-28 23:26 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2015-08-28 23:26 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-28 23:26 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-08-28 23:26 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2015-08-28 23:26 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-28 23:26 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll 2015-08-28 23:26 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll 2015-08-28 23:26 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2015-08-28 23:26 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2015-08-28 23:26 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-28 23:26 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-28 23:26 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-28 23:26 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-08-28 23:26 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2015-08-28 23:26 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll 2015-08-28 23:26 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2015-08-28 23:26 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2015-08-28 23:26 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-28 23:26 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList 2015-08-28 23:25 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2015-08-28 23:25 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-28 23:25 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2015-08-28 23:25 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll 2015-08-28 23:25 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2015-08-28 17:07 - 2015-08-28 17:07 - 00000000 ____D C:\ProgramData\Brother 2015-08-28 17:06 - 2015-08-28 17:06 - 01439744 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWi209d.dll 2015-08-28 17:06 - 2015-08-28 17:06 - 00278528 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrJDec.dll 2015-08-28 17:06 - 2015-08-28 17:06 - 00180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00103736 _____ (Brother Industries Ltd) C:\WINDOWS\SysWOW64\BRRBTOOL.EXE 2015-08-28 17:06 - 2015-08-28 17:06 - 00077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00050688 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi09d.dll 2015-08-28 17:06 - 2015-08-28 17:06 - 00045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI 2015-08-28 17:06 - 2015-08-28 17:06 - 00000050 _____ C:\WINDOWS\system32\BRADM10A.DAT 2015-08-28 16:39 - 2015-09-17 18:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc 2015-08-28 16:16 - 2015-09-07 03:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-28 02:00 - 2015-08-28 02:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.3.0 2015-08-28 01:56 - 2015-08-28 01:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\CadSoft 2015-08-27 21:36 - 2015-08-27 21:36 - 00000000 ____D C:\Users\Michael\AppData\Roaming\dlg 2015-08-27 21:35 - 2015-08-27 21:35 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-08-27 21:35 - 2015-08-27 21:35 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-27 21:35 - 2015-08-27 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-08-27 21:35 - 2015-08-27 21:35 - 00000000 ____D C:\Program Files\CCleaner 2015-08-27 21:32 - 2015-08-27 21:33 - 06667640 _____ (Piriform Ltd) C:\WINDOWS\SysWOW64\ccsetup509.exe 2015-08-27 20:42 - 2015-08-27 20:42 - 00000000 ____D C:\Users\Michael\AppData\Local\Macromedia 2015-08-27 20:14 - 2015-08-27 20:14 - 00000000 ____D C:\Users\Michael\Documents\CyberLink 2015-08-27 19:25 - 2015-09-18 15:37 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMichael.job 2015-08-27 19:25 - 2015-09-17 22:27 - 00003250 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMichael 2015-08-27 19:24 - 2015-08-27 19:24 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2015-08-27 19:24 - 2015-08-27 19:24 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2015-08-27 19:21 - 2015-08-27 19:20 - 35222128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2015-08-27 19:21 - 2015-08-27 19:20 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2015-08-27 19:21 - 2015-08-27 19:20 - 01749208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2015-08-27 19:19 - 2015-07-09 20:36 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll 2015-08-27 19:19 - 2015-07-09 20:36 - 02268160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll 2015-08-27 19:19 - 2015-07-09 20:26 - 02353152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll 2015-08-27 19:19 - 2015-07-09 20:25 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll 2015-08-27 19:13 - 2015-09-18 01:34 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-27 19:13 - 2015-08-27 19:13 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-08-27 19:11 - 2015-09-10 21:45 - 00000000 ____D C:\Users\Michael\AppData\Local\Adobe 2015-08-27 19:04 - 2015-07-09 20:37 - 07337472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0011.dll 2015-08-27 19:04 - 2015-07-09 20:36 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70011.dll 2015-08-27 19:04 - 2015-07-09 20:26 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70011.dll 2015-08-27 19:04 - 2015-07-09 20:25 - 07702528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0011.dll 2015-08-27 19:04 - 2015-07-09 20:25 - 07562240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0011.dll 2015-08-27 19:04 - 2015-07-09 20:25 - 02455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0011.dll 2015-08-27 19:04 - 2015-06-17 18:05 - 00002060 _____ C:\WINDOWS\system32\noise.jpn 2015-08-27 19:04 - 2015-03-27 14:34 - 00002060 _____ C:\WINDOWS\SysWOW64\noise.jpn 2015-08-27 18:55 - 2015-08-27 18:55 - 00001054 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2015-08-27 18:50 - 2015-08-27 18:50 - 00000000 ____D C:\Users\Michael\Intel 2015-08-27 18:06 - 2015-08-27 18:06 - 00000000 ____D C:\Users\Michael\Documents\MCS Electronics 2015-08-27 18:06 - 2015-08-27 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCS Electronics 2015-08-27 17:49 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2015-08-27 17:49 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-08-27 17:49 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-08-27 17:49 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-27 17:49 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-27 17:49 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-27 17:49 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2015-08-27 17:49 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll 2015-08-27 17:49 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-27 17:49 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2015-08-27 17:49 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-08-27 17:49 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-27 17:49 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-27 17:49 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-27 17:49 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-27 17:49 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll 2015-08-27 17:49 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-08-27 17:49 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-08-27 17:49 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-27 17:49 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-08-27 17:49 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-08-27 17:49 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2015-08-27 17:49 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-08-27 17:49 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2015-08-27 17:49 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-27 17:49 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-08-27 17:49 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-08-27 17:49 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-27 17:49 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-08-27 17:49 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-27 17:49 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-27 17:49 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2015-08-27 17:49 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2015-08-27 17:49 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2015-08-27 17:49 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-08-27 17:49 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-08-27 17:49 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-27 17:49 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe 2015-08-27 17:49 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-08-27 17:49 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2015-08-27 17:49 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-27 17:49 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-08-27 17:49 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-08-27 17:49 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-08-27 17:49 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-08-27 17:49 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2015-08-27 17:49 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2015-08-27 17:49 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-27 17:49 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2015-08-27 17:49 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-27 17:49 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-27 17:49 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-08-27 17:49 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-08-27 17:49 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-08-27 17:49 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-27 17:49 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-27 17:49 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2015-08-27 17:49 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-08-27 17:49 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-27 17:49 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-08-27 17:49 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-08-27 17:49 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-27 17:49 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-08-27 17:49 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-08-27 17:49 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-08-27 17:47 - 2015-08-27 17:47 - 00000000 ____D C:\Program Files (x86)\HP 2015-08-27 17:46 - 2015-08-27 17:46 - 00000000 ____D C:\Users\Michael\Desktop\Alle Aufgaben.{ED7BA470-8E54-465E-825C-99712043E01C} 2015-08-27 17:42 - 2015-09-17 23:33 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-18 16:00 - 2015-08-15 13:23 - 00000000 ____D C:\Users\Michael\Downloads\Mottenkiste 2015-09-18 15:58 - 2015-08-14 20:37 - 00000000 ____D C:\Users\Michael 2015-09-18 15:50 - 2015-08-14 22:21 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Skype 2015-09-18 15:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-18 15:42 - 2015-08-14 15:52 - 00000000 ____D C:\Users\Michael\Documents\Youcam 2015-09-18 15:41 - 2015-08-14 23:32 - 00000000 ___RD C:\Users\Michael\Dropbox 2015-09-18 15:41 - 2015-08-14 23:30 - 00000000 ____D C:\Users\Michael\AppData\Local\Dropbox 2015-09-18 15:41 - 2015-08-14 15:54 - 00000000 ____D C:\Users\Michael\OneDrive 2015-09-18 15:39 - 2015-08-14 23:30 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-09-18 15:39 - 2015-08-14 20:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-09-18 15:37 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-18 15:37 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-18 01:35 - 2015-08-14 23:30 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-09-17 23:36 - 2015-08-14 20:32 - 00000000 ____D C:\Program Files\Intel 2015-09-17 23:35 - 2015-08-14 20:36 - 01997626 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-09-17 23:35 - 2015-07-10 18:34 - 00850366 _____ C:\WINDOWS\system32\perfh007.dat 2015-09-17 23:35 - 2015-07-10 18:34 - 00187104 _____ C:\WINDOWS\system32\perfc007.dat 2015-09-17 23:34 - 2014-04-05 01:55 - 00000000 ____D C:\SWSetup 2015-09-17 23:32 - 2015-02-09 05:08 - 00000000 ____D C:\Program Files\Broadcom 2015-09-17 23:32 - 2014-10-31 03:17 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-17 23:31 - 2015-02-09 05:08 - 07551240 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\BCMWL63a.SYS 2015-09-17 23:31 - 2015-02-09 05:08 - 04154400 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvsrv64.dll 2015-09-17 22:17 - 2015-07-10 11:05 - 03670016 ___SH C:\WINDOWS\system32\config\BBI 2015-09-16 13:05 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\Packages 2015-09-15 15:54 - 2015-08-14 21:06 - 00002402 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-09-15 13:50 - 2015-08-14 23:09 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-11 17:47 - 2015-07-10 14:20 - 00402480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-11 17:45 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-11 17:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-09-10 21:44 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Adobe 2015-09-10 02:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-09-10 01:08 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-08 18:47 - 2015-02-09 05:33 - 00000000 ____D C:\ProgramData\McAfee 2015-09-08 18:47 - 2015-02-09 05:33 - 00000000 ____D C:\Program Files\Common Files\McAfee 2015-09-08 16:15 - 2015-07-17 07:51 - 01806216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00766136 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00615608 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys 2015-09-08 16:15 - 2015-07-17 07:51 - 00269000 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00255688 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00044216 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys 2015-09-07 11:41 - 2015-08-14 16:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2015-09-07 11:41 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-09-07 11:41 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-09-07 11:40 - 2014-10-31 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-09-07 11:39 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2015-09-07 03:03 - 2015-08-14 21:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-07 03:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-09-01 05:04 - 2014-10-31 03:17 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-08-31 13:51 - 2013-08-22 15:25 - 00017710 _____ C:\WINDOWS\system32\Drivers\etc\services 2015-08-31 13:21 - 2014-10-31 03:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-08-31 12:26 - 2015-02-09 05:23 - 00004252 _____ C:\WINDOWS\System32\Tasks\avast! SL Update 2015-08-30 02:01 - 2015-02-09 06:05 - 00000000 ____D C:\Users\Public\Documents\CyberLink 2015-08-30 02:01 - 2015-02-09 05:31 - 00000000 ____D C:\Users\Public\CyberLink 2015-08-30 02:01 - 2015-02-09 05:23 - 00000000 ____D C:\ProgramData\CyberLink 2015-08-28 21:37 - 2015-08-14 22:45 - 00000000 ____D C:\Users\Michael\Meine Welt 2015-08-28 16:48 - 2015-08-14 21:02 - 00000000 ____D C:\Users\Michael\AppData\Local\Comms 2015-08-28 15:53 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\VirtualStore 2015-08-27 21:36 - 2015-08-14 21:26 - 00000000 ___DC C:\WINDOWS\Panther 2015-08-27 20:17 - 2015-08-14 20:34 - 00015176 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2015-08-27 19:25 - 2015-08-14 15:48 - 00000000 ____D C:\Users\Michael\AppData\Local\Hewlett-Packard 2015-08-27 19:24 - 2015-02-09 04:58 - 00000000 ____D C:\Program Files (x86)\Realtek 2015-08-27 19:22 - 2015-08-14 20:34 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-08-27 19:22 - 2015-02-09 04:59 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-08-27 19:20 - 2015-06-24 22:59 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2015-08-27 19:20 - 2015-06-24 22:59 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2015-08-27 19:20 - 2015-06-24 22:59 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2015-08-27 19:20 - 2015-06-24 22:57 - 04514008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2015-08-27 19:20 - 2015-06-24 22:57 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2015-08-27 19:20 - 2015-02-09 04:59 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll 2015-08-27 19:19 - 2015-07-10 18:35 - 00000000 ____D C:\WINDOWS\OCR 2015-08-27 18:50 - 2015-02-09 05:18 - 00015023 _____ C:\WINDOWS\SysWOW64\Gms.log 2015-08-27 18:50 - 2015-02-09 04:57 - 00000000 ____D C:\ProgramData\Intel 2015-08-27 18:50 - 2015-02-09 04:57 - 00000000 ____D C:\Program Files (x86)\Intel 2015-08-27 18:44 - 2014-10-31 03:08 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-08-27 18:28 - 2015-02-09 04:58 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2015-08-27 18:25 - 2015-08-14 15:51 - 00000000 ____D C:\Users\Michael\AppData\Roaming\hpqlog 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\winrm 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\WCN 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\slmgr 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\dsc 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\migwiz 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help 2015-08-27 18:14 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\servicing 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-08-27 17:37 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\NVIDIA Corporation 2015-08-27 17:37 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\NVIDIA 2015-08-26 18:37 - 2015-08-14 23:09 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe Einige Dateien in TEMP: ==================== C:\Users\Michael\AppData\Local\Temp\avgnt.exe C:\Users\Michael\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzf3cnp.dll C:\Users\Michael\AppData\Local\Temp\Extract.exe C:\Users\Michael\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-17 19:07 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Michael (2015-09-18 16:01:02)
Gestartet von C:\Users\Michael\Downloads\Mottenkiste
Windows 10 Home (X64) (2015-08-14 19:00:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2964265515-3498347506-235733016-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2964265515-3498347506-235733016-503 - Limited - Disabled)
Gast (S-1-5-21-2964265515-3498347506-235733016-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2964265515-3498347506-235733016-1003 - Limited - Enabled)
Michael (S-1-5-21-2964265515-3498347506-235733016-1001 - Administrator - Enabled) => C:\Users\Michael
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
avast! SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.139.2 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
BASCOM-AVR (HKLM-x32\...\{47F94730-ABD2-47F6-920E-EA8CDB6DD0C6}_is1) (Version: 2.0.7.5 - MCS Electronics)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - Ihr Firmenname) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3324 - Ihr Firmenname) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
Dassault Systemes Software B16 (HKLM\...\Dassault Systemes B16_0) (Version: - )
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
EAGLE 7.3.0 (HKLM\...\EAGLE 7.3.0) (Version: 7.3.0 - CadSoft Computer GmbH)
EAGLE 7.4.0 (HKLM\...\EAGLE 7.4.0) (Version: 7.4.0 - CadSoft Computer GmbH)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{1E7F409E-E35A-4DF8-BF5C-FE34B74B640E}) (Version: 7.6.31.30 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4753.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
17-09-2015 19:07:50 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00B32B17-9052-4315-97B9-B091486AC175} - System32\Tasks\HPCeeScheduleForMichael => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0EF97E16-D65E-41A6-ADAE-0D3667A3C099} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-09-23] (CyberLink Corp.)
Task: {1C6CA9FE-7AFB-42F6-A3C4-C87AD430D31A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {204D6D91-0123-4E55-9C29-1C56ED07E39A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {3D52FE3A-68EE-400C-BD90-247F27E02D8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {4B4207D6-AEAF-4CF4-B8C0-A7F56A9B5B26} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {53401962-78B5-41A2-9AE6-6FCC799CA4FD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {570155F2-CE03-472D-AADD-D2FF0F6907BA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {5B86A5AF-2DD4-4122-8EAB-7AC79023FF0A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {5DB8D70F-A58E-4D69-858D-772DFD8365FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {6DC764CA-B5E7-411D-8C92-A9D6534CBD91} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-12] (Microsoft Corporation)
Task: {7C284B54-A3EB-4BFF-B955-5B0958E9189A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
Task: {8494D388-8DC1-4B7E-AE4A-086DE5EFF529} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-14] (Dropbox, Inc.)
Task: {98F2F77F-1F3A-49E7-B33D-8C376C8E4254} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {A3B7282B-9FCA-43D3-821C-4DE2F99A870C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {AC0C291E-6537-43E6-96D3-C7D82B4557FE} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-15] ()
Task: {AD3FA9D2-886B-43B5-8124-BACF0684B235} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {AF0BB421-F3F0-4595-958B-44B3BEC18B19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {B04CE160-CE9E-45E0-B2E0-48D3BB1E91AC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-27] (Adobe Systems Incorporated)
Task: {B5218830-BCA9-4F37-8D3E-9C1852BF508B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {C2D4B17F-C9B3-4F4D-A37D-5356BB8E89E7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D1FB83D0-4A49-4B85-8FE8-3D47D55B4754} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
Task: {D55B8052-CE2B-43CF-BAD2-2E0D10059C2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
Task: {E28313AC-9572-40A3-9EF6-47C8486DCF17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
Task: {E75BE8E3-5E7C-434D-8B80-55047BAFBF60} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E8367BC0-7D49-4A97-BB07-B08221C7307C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F0ED0000-0468-4BBB-93A9-D0ABE6731C0D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-14] (Dropbox, Inc.)
Task: {F8008E08-6298-44A7-AC61-FDA94BCF103A} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2014-10-15] (AVAST Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMichael.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-14 21:20 - 2015-08-14 21:20 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-14 20:34 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-28 14:31 - 2014-03-28 14:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-08-27 17:49 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-14 23:09 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-09 05:40 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-08-28 23:26 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 23:26 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-08-27 17:49 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 00577024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00559616 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00643072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation.diagnostics\bin\NodeRT_Windows_Foundation_Diagnostics.node
2015-07-10 13:00 - 2015-07-10 18:45 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00961536 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00204288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00074240 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.networking\bin\NodeRT_Windows_Networking.node
2015-07-10 13:00 - 2015-07-10 13:00 - 01760768 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2015-08-14 21:21 - 2015-08-14 21:21 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-08-14 21:21 - 2015-08-14 21:21 - 00124416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-08-24 20:28 - 2015-08-24 20:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-09-18 15:41 - 2015-09-18 15:41 - 00071168 _____ () c:\users\michael\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzf3cnp.dll
2015-08-14 23:30 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-08-14 23:30 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-14 23:30 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-14 23:30 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-02-09 05:22 - 2014-10-15 16:02 - 38561576 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2015-08-27 18:10 - 2015-08-27 18:32 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-08-27 17:50 - 2015-08-27 17:50 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Michael\OneDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2964265515-3498347506-235733016-1001\Control Panel\Desktop\\Wallpaper -> c:\users\michael\pictures\saved pictures\liebe.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A9400893-6621-4257-8778-57EE6A84201E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{467F9B18-6131-4CF1-8A03-9C217A9F7FDA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{BB2FC89A-C5B9-4725-A9FF-F3E438BC8232}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2C94E98B-17A6-400F-A4F2-BFE24638DD60}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D3D5452C-1F8F-422C-923B-E33D0718F3F5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{79AA6FDE-E1D7-42DC-881D-86FFCF56DDF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F1357A58-32CB-4EA2-AB89-681663EC8074}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D7F9E2D-5DA3-4AC9-960C-041FC355592F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{645677D8-5318-4E5C-A1DB-6BCDCE199E49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E260C50E-985F-45B9-8014-0AE5CEAD076A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E459532D-CDA4-47D1-8240-F830C4B07FC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{24199183-0F31-49BF-9301-40C58C3A74C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9D8CE0AC-152E-40D9-82E5-E93C48D757CC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{98C0C0C9-4583-4177-A04D-06FE1E5911BE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3D0370D9-8542-4843-A37F-8B6C450A03DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF801E48-1C5C-4E77-8988-A943AC25B7EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4AB46C16-ECD8-443A-AB8D-B8D3EF59ECAE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{955D4825-0552-4A92-8A82-E2ADDD6C0E6F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F62ECA06-E480-4CEF-A4C3-8DCDE86665FC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{4ABC46B8-1112-47AF-B63A-F6472F5EE3DB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/18/2015 03:45:36 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9856) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/18/2015 03:45:36 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (9856) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (09/18/2015 03:45:25 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9856) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/18/2015 03:45:25 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (9856) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (09/18/2015 03:45:15 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9856) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/18/2015 03:45:15 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (9856) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (09/18/2015 03:45:05 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9856) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/18/2015 03:45:05 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (9856) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (09/18/2015 03:44:54 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9856) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/18/2015 03:44:54 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (9856) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Systemfehler:
=============
Error: (09/18/2015 03:56:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (09/18/2015 03:43:21 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (09/18/2015 03:38:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (09/18/2015 03:38:02 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000a0 (0x000000000000000c, 0xffffffffc0000001, 0xffffe000266358e0, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP091815-20921-01
Error: (09/18/2015 03:37:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TVicPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/18/2015 03:37:05 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212254731155984
Error: (09/18/2015 03:37:29 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 18.09.2015 um 01:17:50 unerwartet heruntergefahren.
Error: (09/18/2015 01:44:26 AM) (Source: DCOM) (EventID: 10010) (User: LOKI)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}
Error: (09/18/2015 01:41:14 AM) (Source: DCOM) (EventID: 10010) (User: LOKI)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}
Error: (09/18/2015 01:39:14 AM) (Source: DCOM) (EventID: 10010) (User: LOKI)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}
CodeIntegrity:
===================================
Date: 2015-09-11 18:29:35.180
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:29:35.089
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:29:34.048
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:29:33.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:29:32.304
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:29:30.101
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:29:25.981
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:29:25.534
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:28:48.208
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-11 18:28:45.543
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8114.27 MB
Verfügbarer physikalischer RAM: 5206.91 MB
Summe virtueller Speicher: 9394.27 MB
Verfügbarer virtueller Speicher: 6383.66 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:1837.12 GB) (Free:1520.13 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:24.03 GB) (Free:2.7 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive f: (standard) (Removable) (Total:29.67 GB) (Free:29.67 GB) FAT32
Drive g: (SMALL) (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: DC13FC01)
Partition: GPT.
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 6A7E3828)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)
========================================================
Disk: 2 (Size: 29.7 GB) (Disk ID: 01F94BA9)
Partition 1: (Active) - (Size=29.7 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 17.09.2015 Suchlaufzeit: 22:46 Protokolldatei: Logfile.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.17.05 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Michael Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 384186 Abgelaufene Zeit: 7 Min., 39 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Exportierte Ereignisse:
07.09.2015 15:00 [System-Scanner] Malware gefunden
Die Datei
'C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\uninstall.exe.vir'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b600a8b.qua'
verschoben!
07.09.2015 15:00 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Michael\Meine Welt\Programme jeder
Art\ccsetup509_CB-DL-Manager.exe'
enthielt einen Virus oder unerwünschtes Programm 'PUA/DownloadGuide.Gen'
[riskware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '53c1255f.qua'
verschoben!
07.09.2015 03:11 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\uninstall.exe.vir'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
07.09.2015 03:11 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\uninstall.exe.vir'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
07.09.2015 03:11 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\uninstall.exe.vir'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner
07.09.2015 03:10 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\uninstall.exe.vir'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
|
|
18.09.2015, 16:38
| #2 |
| /// the machine /// TB-Ausbilder    | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
18.09.2015, 20:57
| #3 |
| | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Habe beide Programme durchlaufen lassen keine Funde, die erste Hälfte des ersten Files(es war zu groß):
__________________Code:
ATTFilter 21:45:19.0334 0x1164 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
21:45:19.0334 0x1164 UEFI system
21:45:24.0870 0x1164 ============================================================
21:45:24.0870 0x1164 Current date / time: 2015/09/18 21:45:24.0870
21:45:24.0870 0x1164 SystemInfo:
21:45:24.0870 0x1164
21:45:24.0870 0x1164 OS Version: 10.0.10240 ServicePack: 0.0
21:45:24.0870 0x1164 Product type: Workstation
21:45:24.0870 0x1164 ComputerName: LOKI
21:45:24.0870 0x1164 UserName: Michael
21:45:24.0870 0x1164 Windows directory: C:\WINDOWS
21:45:24.0870 0x1164 System windows directory: C:\WINDOWS
21:45:24.0870 0x1164 Running under WOW64
21:45:24.0870 0x1164 Processor architecture: Intel x64
21:45:24.0870 0x1164 Number of processors: 4
21:45:24.0870 0x1164 Page size: 0x1000
21:45:24.0870 0x1164 Boot type: Normal boot
21:45:24.0870 0x1164 ============================================================
21:45:25.0323 0x1164 KLMD registered as C:\WINDOWS\system32\drivers\78053910.sys
21:45:25.0651 0x1164 System UUID: {1C1B3EDA-F7A9-A995-D27E-8014AD4EC1E0}
21:45:26.0464 0x1164 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:45:26.0479 0x1164 Drive \Device\Harddisk1\DR1 - Size: 0x1DE200000 ( 7.47 Gb ), SectorSize: 0x200, Cylinders: 0x3CF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:45:26.0479 0x1164 Drive \Device\Harddisk2\DR2 - Size: 0x76C000000 ( 29.69 Gb ), SectorSize: 0x200, Cylinders: 0xF23, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:45:26.0479 0x1164 ============================================================
21:45:26.0479 0x1164 \Device\Harddisk0\DR0:
21:45:26.0479 0x1164 GPT partitions:
21:45:26.0479 0x1164 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {43FF9015-0BE9-4C8A-87AF-D404ACF374D6}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
21:45:26.0479 0x1164 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {59D732E0-0FEC-4835-A701-049D402A268E}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
21:45:26.0479 0x1164 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4916A055-851A-4F8D-80D5-E79AF5D4105A}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
21:45:26.0479 0x1164 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {26C16F60-5F83-4691-8130-4211EDAE63F8}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0xE5A3F5E0
21:45:26.0479 0x1164 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E13B808D-FB17-4632-9719-D793E2AE007F}, Name: , StartLBA 0xE5C47000, BlocksNum 0x1B2000
21:45:26.0479 0x1164 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D70115DA-8197-48B5-AF48-BD4F79FB1DDD}, Name: Basic data partition, StartLBA 0xE5DF9000, BlocksNum 0x300D000
21:45:26.0479 0x1164 MBR partitions:
21:45:26.0479 0x1164 \Device\Harddisk1\DR1:
21:45:26.0479 0x1164 MBR partitions:
21:45:26.0479 0x1164 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEF00D0
21:45:26.0479 0x1164 \Device\Harddisk2\DR2:
21:45:26.0479 0x1164 MBR partitions:
21:45:26.0479 0x1164 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x3B5F800
21:45:26.0479 0x1164 ============================================================
21:45:26.0511 0x1164 C: <-> \Device\Harddisk0\DR0\Partition4
21:45:26.0558 0x1164 D: <-> \Device\Harddisk0\DR0\Partition6
21:45:26.0558 0x1164 ============================================================
21:45:26.0558 0x1164 Initialize success
21:45:26.0558 0x1164 ============================================================
21:45:32.0972 0x2788 ============================================================
21:45:32.0972 0x2788 Scan started
21:45:32.0972 0x2788 Mode: Manual;
21:45:32.0972 0x2788 ============================================================
21:45:32.0972 0x2788 KSN ping started
21:45:35.0566 0x2788 KSN ping finished: true
21:45:37.0738 0x2788 ================ Scan system memory ========================
21:45:37.0738 0x2788 System memory - ok
21:45:37.0738 0x2788 ================ Scan services =============================
21:45:37.0941 0x2788 [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
21:45:37.0956 0x2788 1394ohci - ok
21:45:38.0003 0x2788 [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
21:45:38.0019 0x2788 3ware - ok
21:45:38.0050 0x2788 [ 36E8D1E627D422241D903305B4008E9B, BD4BB52E98302A71A217DDE85102DBFBD04A59CEE9BAD7AF1138BF453889D6EA ] Accelerometer C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
21:45:38.0050 0x2788 Accelerometer - ok
21:45:38.0113 0x2788 [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
21:45:38.0128 0x2788 ACPI - ok
21:45:38.0144 0x2788 [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
21:45:38.0160 0x2788 acpiex - ok
21:45:38.0160 0x2788 [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
21:45:38.0160 0x2788 acpipagr - ok
21:45:38.0191 0x2788 [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
21:45:38.0191 0x2788 AcpiPmi - ok
21:45:38.0206 0x2788 [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
21:45:38.0206 0x2788 acpitime - ok
21:45:38.0316 0x2788 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:45:38.0316 0x2788 AdobeARMservice - ok
21:45:38.0441 0x2788 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:45:38.0456 0x2788 AdobeFlashPlayerUpdateSvc - ok
21:45:38.0566 0x2788 [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:45:38.0597 0x2788 ADP80XX - ok
21:45:38.0613 0x2788 [ 6C12C7E01A4F64E0AA9C88AF66955CC9, 81A413702909341F8694823EC83FBA0089523D7EC927B80E55E0779BB83AD263 ] AFD C:\WINDOWS\system32\drivers\afd.sys
21:45:38.0628 0x2788 AFD - ok
21:45:38.0660 0x2788 [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
21:45:38.0660 0x2788 agp440 - ok
21:45:38.0675 0x2788 [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:45:38.0691 0x2788 ahcache - ok
21:45:38.0706 0x2788 [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
21:45:38.0706 0x2788 AJRouter - ok
21:45:38.0738 0x2788 [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG C:\WINDOWS\System32\alg.exe
21:45:38.0738 0x2788 ALG - ok
21:45:38.0753 0x2788 [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
21:45:38.0753 0x2788 AmdK8 - ok
21:45:38.0753 0x2788 [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
21:45:38.0769 0x2788 AmdPPM - ok
21:45:38.0769 0x2788 [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
21:45:38.0769 0x2788 amdsata - ok
21:45:38.0785 0x2788 [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
21:45:38.0785 0x2788 amdsbs - ok
21:45:38.0800 0x2788 [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
21:45:38.0800 0x2788 amdxata - ok
21:45:38.0878 0x2788 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
21:45:38.0894 0x2788 AntiVirMailService - ok
21:45:38.0941 0x2788 [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
21:45:38.0988 0x2788 AntiVirSchedulerService - ok
21:45:39.0019 0x2788 [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
21:45:39.0035 0x2788 AntiVirService - ok
21:45:39.0081 0x2788 [ D9A8EE3F4A1E604B9315B34A5AA4569E, 287BA8FA1949646E03D39F36F50C016251358A8A454EE19D249E76A723F1455E ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
21:45:39.0113 0x2788 AntiVirWebService - ok
21:45:39.0175 0x2788 [ E4AFE476D9F758514A8A571DF6A24372, A37055A2CDB577CC8B76D4B020924A6C68D94166C1C9A64F7C0E9E16692709FC ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
21:45:39.0175 0x2788 AppHostSvc - ok
21:45:39.0206 0x2788 [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID C:\WINDOWS\system32\drivers\appid.sys
21:45:39.0206 0x2788 AppID - ok
21:45:39.0238 0x2788 [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
21:45:39.0238 0x2788 AppIDSvc - ok
21:45:39.0253 0x2788 [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo C:\WINDOWS\System32\appinfo.dll
21:45:39.0253 0x2788 Appinfo - ok
21:45:39.0300 0x2788 [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
21:45:39.0316 0x2788 AppReadiness - ok
21:45:39.0394 0x2788 [ 4F9CBB4B6FC2D9D0EAC8234343BAA29D, 5A01B55B3D63C3E1593C9E4B653C4D63CAEFBBEB2847D3EBAD4DB3BABA39DE50 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
21:45:39.0425 0x2788 AppXSvc - ok
21:45:39.0441 0x2788 [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
21:45:39.0441 0x2788 arcsas - ok
21:45:39.0535 0x2788 [ BD63768F58666341BE007DAA21B3A063, 1D6112E97042E19E4D916AA22F8AEB7FCC2F36CA45F55049D77042DAF3B8847C ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:45:39.0550 0x2788 aspnet_state - ok
21:45:39.0581 0x2788 [ E4ABC023E251D2BB6B98C9FCAF5CF16D, 2A94320A3EF16E641B693BF6EABABB57C891B914B00F73ACD7ADB8CA5089EC40 ] aswTap C:\WINDOWS\System32\drivers\aswTap.sys
21:45:39.0581 0x2788 aswTap - ok
21:45:39.0597 0x2788 [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
21:45:39.0597 0x2788 AsyncMac - ok
21:45:39.0613 0x2788 [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
21:45:39.0613 0x2788 atapi - ok
21:45:39.0644 0x2788 [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:45:39.0660 0x2788 AudioEndpointBuilder - ok
21:45:39.0722 0x2788 [ 5D6D5DA39A402AE7B05047781699ABDE, E3E4A7BA6E92190F9D9D6AD9AE084E293D2E271089CA78503AD72D7F39492459 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
21:45:39.0738 0x2788 Audiosrv - ok
21:45:39.0769 0x2788 [ A900ED612B02CB3A2A8028866ED62E72, 0A93B04E8796AC6F1B6C8C858F717A4C73C11BC0C99BF285A486E57DB30D7965 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:45:39.0769 0x2788 avgntflt - ok
21:45:39.0785 0x2788 [ 45061BD6F11B80BF1C07A9253A659BF1, 9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:45:39.0785 0x2788 avipbb - ok
21:45:39.0863 0x2788 [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:45:39.0878 0x2788 Avira.ServiceHost - ok
21:45:39.0894 0x2788 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:45:39.0894 0x2788 avkmgr - ok
21:45:39.0910 0x2788 [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
21:45:39.0910 0x2788 avnetflt - ok
21:45:39.0941 0x2788 [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
21:45:39.0956 0x2788 AxInstSV - ok
21:45:40.0035 0x2788 [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
21:45:40.0050 0x2788 b06bdrv - ok
21:45:40.0081 0x2788 [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:45:40.0081 0x2788 BasicDisplay - ok
21:45:40.0081 0x2788 [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
21:45:40.0081 0x2788 BasicRender - ok
21:45:40.0331 0x2788 [ B68B7EB9C8652E51654396AED5078E49, 63690187F8C34A2A49CBBDE4B6DBE66D1BB5F9D1637ADD357B8CAF440BB90187 ] BBDemon C:\Users\Michael\Meine Welt\Programme jeder Art\cat\intel_a\code\bin\CATSysDemon.exe
21:45:40.0613 0x2788 BBDemon - ok
21:45:40.0753 0x2788 [ C2AFDA82060FA1C57164950802A5C257, 6AEA38BC954A519E2BF89731E1F8562534BB016F33433C69BA764CC3705B1DB6 ] bcbtums C:\WINDOWS\system32\drivers\bcbtums.sys
21:45:40.0753 0x2788 bcbtums - ok
21:45:41.0003 0x2788 [ 4455CB2DCAAE2D706F35425DC3FB46B9, F63BEC14A121DA8BCF24E138D517D4D8313C9183D77257FAF7AABCECE42DA11C ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:45:41.0128 0x2788 BCM43XX - ok
21:45:41.0206 0x2788 [ 1C0D4B4E8B14AFC472AC4295A3DDC648, 45970366A1811B36EAE018BFC89E03E2BA9DB2868BCB1B630D642924893086F0 ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe
21:45:41.0238 0x2788 BcmBtRSupport - ok
21:45:41.0269 0x2788 [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
21:45:41.0269 0x2788 bcmfn2 - ok
21:45:41.0300 0x2788 [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
21:45:41.0316 0x2788 BDESVC - ok
21:45:41.0331 0x2788 [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:45:41.0347 0x2788 Beep - ok
21:45:41.0410 0x2788 [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE C:\WINDOWS\System32\bfe.dll
21:45:41.0441 0x2788 BFE - ok
21:45:41.0519 0x2788 [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS C:\WINDOWS\System32\qmgr.dll
21:45:41.0535 0x2788 BITS - ok
21:45:41.0628 0x2788 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:45:41.0644 0x2788 Bonjour Service - ok
21:45:41.0660 0x2788 [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
21:45:41.0660 0x2788 bowser - ok
21:45:41.0675 0x2788 [ EB4F4B88DF20C7B134F33A64EFD56BED, 7C32485FDDEEA23760DF24FC9576FBA11330C5BBA9053869FDAA9AD8A16B1610 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:45:41.0691 0x2788 BrokerInfrastructure - ok
21:45:41.0691 0x2788 [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser C:\WINDOWS\System32\browser.dll
21:45:41.0706 0x2788 Browser - ok
21:45:41.0722 0x2788 [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:45:41.0722 0x2788 BthAvrcpTg - ok
21:45:41.0738 0x2788 [ 74C9D52F3F594529465E18B2BFF80487, F1ECD8B730AD8B90673735FD6D2D9F6F0754F8BAB7135B16A41128145D5F9377 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
21:45:41.0753 0x2788 BthEnum - ok
21:45:41.0769 0x2788 [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
21:45:41.0769 0x2788 BthHFEnum - ok
21:45:41.0785 0x2788 [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
21:45:41.0785 0x2788 bthhfhid - ok
21:45:41.0847 0x2788 [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
21:45:41.0863 0x2788 BthHFSrv - ok
21:45:41.0878 0x2788 [ 986F756D10B5A2B3971A03BD6308B94F, BEDEFD7470155621365439858B35239D4474487873431E67B01A4B7D56E7CE76 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
21:45:41.0878 0x2788 BthLEEnum - ok
21:45:41.0910 0x2788 [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
21:45:41.0910 0x2788 BTHMODEM - ok
21:45:41.0925 0x2788 [ 38C97371F058E889F730BF35530732F4, 7CD16DF9C51D40CF80392E6DF444D6F5546B0E8B6A6DAC6DFD70BB45E014FA27 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
21:45:41.0925 0x2788 BthPan - ok
21:45:41.0990 0x2788 [ A9991032F00FDE9D344FF95C01DBD390, 594403DB61E6F5F9817F1095596FD9245E58B7475875A4546768BD95550C8218 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
21:45:42.0012 0x2788 BTHPORT - ok
21:45:42.0018 0x2788 [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv C:\WINDOWS\system32\bthserv.dll
21:45:42.0021 0x2788 bthserv - ok
21:45:42.0052 0x2788 [ 5866AE46EEF644E6DE5C95942AE419D7, 0726C0845D2BA4247AB26ACF05006F6FA96015158CD49795801BB906DA80C007 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
21:45:42.0054 0x2788 BTHUSB - ok
21:45:42.0094 0x2788 [ EF8A82BCEFB9586F4E75B1ED202CB7A2, 9F32ABC96956D1C3181B82E840CD49F3122C71E515B253BDB80AD54FC53A1D00 ] btwampfl C:\WINDOWS\system32\DRIVERS\btwampfl.sys
21:45:42.0098 0x2788 btwampfl - ok
21:45:42.0111 0x2788 [ F34AD5A9F944D91BD285D1C29EEECB2B, 2EDA8C481B7F7F49AC8399485AE7C2D182568EE2E62394DC78C9A821ADAEA5EC ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
21:45:42.0111 0x2788 buttonconverter - ok
21:45:42.0127 0x2788 [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
21:45:42.0143 0x2788 CapImg - ok
21:45:42.0158 0x2788 [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:45:42.0158 0x2788 cdfs - ok
21:45:42.0174 0x2788 [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
21:45:42.0189 0x2788 CDPSvc - ok
21:45:42.0205 0x2788 [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
21:45:42.0205 0x2788 cdrom - ok
21:45:42.0221 0x2788 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
21:45:42.0221 0x2788 CertPropSvc - ok
21:45:42.0236 0x2788 [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass C:\WINDOWS\System32\drivers\circlass.sys
21:45:42.0236 0x2788 circlass - ok
21:45:42.0252 0x2788 [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
21:45:42.0252 0x2788 CLFS - ok
21:45:42.0439 0x2788 [ E0AF1E0227133040326AF6E247C59823, C5AC881944F7C4DAC98EEA5DDA008E6B9760201A6A44EBF34A867BA161356D20 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:45:42.0486 0x2788 ClickToRunSvc - ok
21:45:42.0533 0x2788 [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
21:45:42.0549 0x2788 ClipSVC - ok
21:45:42.0580 0x2788 [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
21:45:42.0596 0x2788 CLVirtualDrive - ok
21:45:42.0627 0x2788 [ 9731DAFDC7B690B2C7752FDFF045BFD8, 9DDBDC4FE519AF38993EAB2F16602B2B71CF8675BDD1F651F22DFA8C5C2C80F7 ] clwvd C:\WINDOWS\system32\DRIVERS\clwvd.sys
21:45:42.0627 0x2788 clwvd - ok
21:45:42.0643 0x2788 [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
21:45:42.0643 0x2788 CmBatt - ok
21:45:42.0689 0x2788 [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG C:\WINDOWS\system32\Drivers\cng.sys
21:45:42.0705 0x2788 CNG - ok
21:45:42.0721 0x2788 [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
21:45:42.0721 0x2788 cnghwassist - ok
21:45:42.0814 0x2788 [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
21:45:42.0814 0x2788 CompositeBus - ok
21:45:42.0814 0x2788 COMSysApp - ok
21:45:42.0861 0x2788 [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
21:45:42.0861 0x2788 condrv - ok
21:45:42.0893 0x2788 [ 5C2C63BC5CE4A753C16CED512F91A04D, 4ACFA702B4CD7E30525D9595533E6B8EACBFF7F38EE7A05E8AC087BB229AD9D4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
21:45:42.0924 0x2788 CoreMessagingRegistrar - ok
21:45:43.0018 0x2788 [ A6B9FD89353D6005DD74485F591F2A83, 1148FDAC0C4B01E9F7C925E22F0E13CA0ECA3DB8AE13F3303E99AB03D4E7B644 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:45:43.0033 0x2788 cphs - ok
21:45:43.0080 0x2788 [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
21:45:43.0080 0x2788 CryptSvc - ok
21:45:43.0111 0x2788 [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam C:\WINDOWS\system32\drivers\dam.sys
21:45:43.0127 0x2788 dam - ok
21:45:43.0221 0x2788 dbupdate - ok
21:45:43.0236 0x2788 dbupdatem - ok
21:45:43.0314 0x2788 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:45:43.0330 0x2788 DcomLaunch - ok
21:45:43.0361 0x2788 [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
21:45:43.0377 0x2788 DcpSvc - ok
21:45:43.0424 0x2788 [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc C:\WINDOWS\System32\defragsvc.dll
21:45:43.0455 0x2788 defragsvc - ok
21:45:43.0486 0x2788 [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:45:43.0502 0x2788 DeviceAssociationService - ok
21:45:43.0518 0x2788 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
21:45:43.0533 0x2788 DeviceInstall - ok
21:45:43.0564 0x2788 [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
21:45:43.0564 0x2788 DevQueryBroker - ok
21:45:43.0596 0x2788 [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
21:45:43.0596 0x2788 Dfsc - ok
21:45:43.0627 0x2788 [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
21:45:43.0627 0x2788 Dhcp - ok
21:45:43.0674 0x2788 [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
21:45:43.0674 0x2788 diagnosticshub.standardcollector.service - ok
21:45:43.0736 0x2788 [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
21:45:43.0768 0x2788 DiagTrack - ok
21:45:43.0768 0x2788 [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk C:\WINDOWS\system32\drivers\disk.sys
21:45:43.0768 0x2788 disk - ok
21:45:43.0818 0x2788 [ 8E481EDF066552D551613EC9FE7D179F, 96E955CA82B4CDEC00ED08003FDC8DD61E685F421912EDBF7B0DA740048416F9 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
21:45:43.0825 0x2788 DmEnrollmentSvc - ok
21:45:43.0837 0x2788 [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
21:45:43.0838 0x2788 dmvsc - ok
21:45:43.0853 0x2788 [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
21:45:43.0855 0x2788 dmwappushservice - ok
21:45:43.0867 0x2788 [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:45:43.0874 0x2788 Dnscache - ok
21:45:43.0897 0x2788 [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
21:45:43.0902 0x2788 dot3svc - ok
21:45:43.0912 0x2788 [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS C:\WINDOWS\system32\dps.dll
21:45:43.0916 0x2788 DPS - ok
21:45:43.0931 0x2788 [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:45:43.0932 0x2788 drmkaud - ok
21:45:43.0960 0x2788 [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
21:45:43.0971 0x2788 DsmSvc - ok
21:45:43.0983 0x2788 [ F2328181D289CE83E9979733EAB6742A, 73B1CDA6ED8C42B36126909F1335B72126A5DDC6FC7CE8BA2CA274A2B92E82FD ] DsSvc C:\WINDOWS\System32\DsSvc.dll
21:45:43.0990 0x2788 DsSvc - ok
21:45:44.0083 0x2788 [ 310334DAF2C455744703E2D582942DF3, C25C42B4C5BA3456DCB2C24546D7E38A9F5321992B81138A8BDCE021C4BE6D13 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:45:44.0117 0x2788 DXGKrnl - ok
21:45:44.0131 0x2788 [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost C:\WINDOWS\System32\eapsvc.dll
21:45:44.0131 0x2788 Eaphost - ok
21:45:44.0240 0x2788 [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
21:45:44.0303 0x2788 ebdrv - ok
21:45:44.0349 0x2788 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS C:\WINDOWS\System32\lsass.exe
21:45:44.0349 0x2788 EFS - ok
21:45:44.0365 0x2788 [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
21:45:44.0365 0x2788 EhStorClass - ok
21:45:44.0365 0x2788 [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:45:44.0365 0x2788 EhStorTcgDrv - ok
21:45:44.0396 0x2788 [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
21:45:44.0396 0x2788 embeddedmode - ok
21:45:44.0428 0x2788 [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
21:45:44.0443 0x2788 EntAppSvc - ok
21:45:44.0459 0x2788 [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
21:45:44.0459 0x2788 ErrDev - ok
21:45:44.0474 0x2788 [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem C:\WINDOWS\system32\es.dll
21:45:44.0490 0x2788 EventSystem - ok
21:45:44.0506 0x2788 [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
21:45:44.0506 0x2788 exfat - ok
21:45:44.0521 0x2788 [ 435FC0D25ADFD1A2FBA8C98BD4D79E23, F89D02518923D5AAB4A63686F26EE6118584AA9641D2C0B5B1AE4A728D5C06A4 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
21:45:44.0521 0x2788 fastfat - ok
21:45:44.0568 0x2788 [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax C:\WINDOWS\system32\fxssvc.exe
21:45:44.0584 0x2788 Fax - ok
21:45:44.0631 0x2788 [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc C:\WINDOWS\System32\drivers\fcvsc.sys
21:45:44.0631 0x2788 fcvsc - ok
21:45:44.0646 0x2788 [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
21:45:44.0646 0x2788 fdc - ok
21:45:44.0646 0x2788 [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
21:45:44.0662 0x2788 fdPHost - ok
21:45:44.0678 0x2788 [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
21:45:44.0678 0x2788 FDResPub - ok
21:45:44.0693 0x2788 [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc C:\WINDOWS\system32\fhsvc.dll
21:45:44.0709 0x2788 fhsvc - ok
21:45:44.0724 0x2788 [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
21:45:44.0724 0x2788 FileCrypt - ok
21:45:44.0740 0x2788 [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
21:45:44.0740 0x2788 FileInfo - ok
21:45:44.0756 0x2788 [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
21:45:44.0756 0x2788 Filetrace - ok
21:45:44.0787 0x2788 [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
21:45:44.0787 0x2788 flpydisk - ok
21:45:44.0818 0x2788 [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:45:44.0834 0x2788 FltMgr - ok
21:45:44.0912 0x2788 [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache C:\WINDOWS\system32\FntCache.dll
21:45:44.0943 0x2788 FontCache - ok
21:45:45.0037 0x2788 [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:45:45.0037 0x2788 FontCache3.0.0.0 - ok
21:45:45.0053 0x2788 [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
21:45:45.0053 0x2788 FsDepends - ok
21:45:45.0068 0x2788 [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:45:45.0068 0x2788 Fs_Rec - ok
21:45:45.0099 0x2788 [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:45:45.0099 0x2788 fvevol - ok
21:45:45.0115 0x2788 [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
21:45:45.0115 0x2788 gagp30kx - ok
21:45:45.0193 0x2788 [ BADC3F3AAC5CE521D2CF88B14BFA3B29, 1710D69C29FFC35C910A47157BAA6A2FF21F6227DA3EB0B4AAC3CDBA9A8AD1E6 ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
21:45:45.0209 0x2788 GamesAppIntegrationService - ok
21:45:45.0224 0x2788 [ 2EF5E839B4B73BD1CEDBB78FD3A8497D, 0FA18707681395AD3812A3EF615B6F8653E47067DDB96F84BB78423333A56C18 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
21:45:45.0224 0x2788 GamesAppService - ok
21:45:45.0271 0x2788 [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
21:45:45.0271 0x2788 gencounter - ok
21:45:45.0287 0x2788 [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
21:45:45.0287 0x2788 genericusbfn - ok
21:45:45.0334 0x2788 [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:45:45.0334 0x2788 GPIOClx0101 - ok
21:45:45.0412 0x2788 [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
21:45:45.0443 0x2788 gpsvc - ok
21:45:45.0459 0x2788 [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
21:45:45.0459 0x2788 GpuEnergyDrv - ok
21:45:45.0459 0x2788 [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
21:45:45.0459 0x2788 HDAudBus - ok
21:45:45.0474 0x2788 [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
21:45:45.0474 0x2788 HidBatt - ok
21:45:45.0506 0x2788 [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
21:45:45.0506 0x2788 HidBth - ok
21:45:45.0521 0x2788 [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
21:45:45.0537 0x2788 hidi2c - ok
21:45:45.0553 0x2788 [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
21:45:45.0553 0x2788 hidinterrupt - ok
21:45:45.0568 0x2788 [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
21:45:45.0568 0x2788 HidIr - ok
21:45:45.0584 0x2788 [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv C:\WINDOWS\system32\hidserv.dll
21:45:45.0584 0x2788 hidserv - ok
21:45:45.0599 0x2788 [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
21:45:45.0599 0x2788 HidUsb - ok
21:45:45.0615 0x2788 [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:45:45.0631 0x2788 HomeGroupListener - ok
21:45:45.0678 0x2788 [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:45:45.0678 0x2788 HomeGroupProvider - ok
21:45:45.0740 0x2788 [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:45:45.0756 0x2788 HP Support Assistant Service - ok
21:45:45.0787 0x2788 [ 3E28EE56DEC5678EC088752B91C05ADF, 1F80E7162BF80C66C5E58DD40513877579324FE4387044DC2A335F4320E8DFC7 ] hpdskflt C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
21:45:45.0787 0x2788 hpdskflt - ok
21:45:45.0896 0x2788 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
21:45:45.0912 0x2788 hpqwmiex - ok
21:45:45.0928 0x2788 [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
21:45:45.0943 0x2788 HpSAMD - ok
21:45:45.0959 0x2788 [ 2456CAA57C1DBF8DD4AAB89A293F9F26, 8996E639C3FB13D90DC6304563C69F7C46EC5E053BAFEE0E0A9F999093FC31E9 ] hpsrv C:\WINDOWS\system32\Hpservice.exe
21:45:45.0959 0x2788 hpsrv - ok
21:45:46.0021 0x2788 [ 316CE4F4D31F105534DA16B83F6A44C1, 6CD64E9E1EE8101BB4858C27AD70F0F7FEB65932ADDC7A01331472835085FFD0 ] HPWMISVC c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
21:45:46.0021 0x2788 HPWMISVC - ok
21:45:46.0068 0x2788 [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
21:45:46.0084 0x2788 HTTP - ok
21:45:46.0115 0x2788 [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
21:45:46.0115 0x2788 hwpolicy - ok
21:45:46.0146 0x2788 [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
21:45:46.0146 0x2788 hyperkbd - ok
21:45:46.0162 0x2788 [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
21:45:46.0162 0x2788 HyperVideo - ok
21:45:46.0178 0x2788 [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
21:45:46.0178 0x2788 i8042prt - ok
21:45:46.0209 0x2788 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
21:45:46.0209 0x2788 iaLPSSi_GPIO - ok
21:45:46.0240 0x2788 [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
21:45:46.0240 0x2788 iaLPSSi_I2C - ok
21:45:46.0287 0x2788 [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
21:45:46.0318 0x2788 iaStorA - ok
21:45:46.0334 0x2788 [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
21:45:46.0349 0x2788 iaStorAV - ok
21:45:46.0490 0x2788 [ 14E3DB5ADA7E2187A404129F4E5CE336, 5925C8E9DC00A6C682D6A3B37C6EBF2C325D37C8E4BF584F0B5AAC5A7B666E47 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:45:46.0490 0x2788 IAStorDataMgrSvc - ok
21:45:46.0521 0x2788 [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
21:45:46.0537 0x2788 iaStorV - ok
21:45:46.0553 0x2788 [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
21:45:46.0568 0x2788 ibbus - ok
21:45:46.0599 0x2788 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:45:46.0599 0x2788 ICCS - ok
21:45:46.0631 0x2788 [ 501AEED29B30B32BB50416C1E04380E6, 5488B34F3FE5D3DFEF321C1EC2F1DC38831A06EA5FC0618FEF24367975ACB862 ] icssvc C:\WINDOWS\System32\tetheringservice.dll
21:45:46.0631 0x2788 icssvc - ok
21:45:46.0631 0x2788 IEEtwCollectorService - ok
21:45:46.0834 0x2788 [ 6FFC445E0D38C3C880125F2C201C9BC6, 488A427239B55394359751FCB8CBAEA8E2AE1CB2AE03C04590E7B8C80EF3F709 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:45:46.0943 0x2788 igfx - ok
21:45:46.0990 0x2788 [ AC4F72ABB5ED596A0F3D9D1EDDC4B27C, F48BFF192B523709DEF64578EA7217EED59E2C1D2627E7BD54E59DABC25B8C36 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:45:46.0990 0x2788 igfxCUIService2.0.0.0 - ok
21:45:47.0053 0x2788 [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
21:45:47.0068 0x2788 IKEEXT - ok
21:45:47.0084 0x2788 [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:45:47.0084 0x2788 intaud_WaveExtensible - ok
21:45:47.0209 0x2788 [ D172E06EFE08DF148155A59DB716C1B6, F059B0B37C5E944D70626E9F029BC6311029E0A9D778C9C75DDDDC59A5AF1605 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:45:47.0287 0x2788 IntcAzAudAddService - ok
21:45:47.0334 0x2788 [ 0D92782AEAFEC340F7F637E91C7E367D, 2E2654D017FF567CF8ED4D0BA20209894792C8BDDF50C3396961F2B850E17E36 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:45:47.0349 0x2788 IntcDAud - ok
21:45:47.0412 0x2788 [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:45:47.0443 0x2788 Intel(R) Capability Licensing Service TCP IP Interface - ok
21:45:47.0443 0x2788 [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
21:45:47.0459 0x2788 intelide - ok
21:45:47.0474 0x2788 [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
21:45:47.0474 0x2788 intelpep - ok
21:45:47.0490 0x2788 [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
21:45:47.0506 0x2788 intelppm - ok
21:45:47.0521 0x2788 [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
21:45:47.0521 0x2788 IoQos - ok
21:45:47.0537 0x2788 [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:45:47.0537 0x2788 IpFilterDriver - ok
21:45:47.0599 0x2788 [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
21:45:47.0615 0x2788 iphlpsvc - ok
21:45:47.0646 0x2788 [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:45:47.0646 0x2788 IPMIDRV - ok
21:45:47.0662 0x2788 [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
21:45:47.0662 0x2788 IPNAT - ok
21:45:47.0709 0x2788 [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
21:45:47.0709 0x2788 IRENUM - ok
21:45:47.0740 0x2788 [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
21:45:47.0740 0x2788 isapnp - ok
21:45:47.0756 0x2788 [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
21:45:47.0771 0x2788 iScsiPrt - ok
21:45:47.0803 0x2788 [ EC62720A72C1ACD6AB638C0D7D10F431, CB1DC7A7E2247C11D4F40041F889786CD20E0C5CF6EEDFC320F8E9646E974C07 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
21:45:47.0803 0x2788 iumsvc - ok
21:45:47.0834 0x2788 [ 2DB1E2AE4A0DE62026296F0A6C29F3F5, A5A3D4D5BF9FF1DB5AC3BE15699B52707C8EB71EFA8FA82E7AE7A0C52C224380 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
21:45:47.0834 0x2788 iwdbus - ok
21:45:47.0865 0x2788 [ 832F7C2747F04D1294AEF46A2CE5B63B, ABAECEFCAD9B526C3D98681A874966B924EB99AF61CDFAC6D5E767BE2FAF6CFA ] jhi_service C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:45:47.0881 0x2788 jhi_service - ok
21:45:47.0881 0x2788 [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
21:45:47.0881 0x2788 kbdclass - ok
21:45:47.0896 0x2788 [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
21:45:47.0896 0x2788 kbdhid - ok
21:45:47.0912 0x2788 [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
21:45:47.0912 0x2788 kdnic - ok
21:45:47.0928 0x2788 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso C:\WINDOWS\system32\lsass.exe
21:45:47.0928 0x2788 KeyIso - ok
21:45:47.0928 0x2788 [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
21:45:47.0946 0x2788 KSecDD - ok
21:45:47.0953 0x2788 [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:45:47.0957 0x2788 KSecPkg - ok
21:45:47.0967 0x2788 [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
21:45:47.0968 0x2788 ksthunk - ok
21:45:48.0012 0x2788 [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
21:45:48.0021 0x2788 KtmRm - ok
21:45:48.0057 0x2788 [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
21:45:48.0064 0x2788 LanmanServer - ok
21:45:48.0108 0x2788 [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:45:48.0109 0x2788 LanmanWorkstation - ok
21:45:48.0140 0x2788 [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
21:45:48.0140 0x2788 lfsvc - ok
21:45:48.0171 0x2788 [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
21:45:48.0171 0x2788 LicenseManager - ok
21:45:48.0187 0x2788 [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
21:45:48.0187 0x2788 lltdio - ok
21:45:48.0203 0x2788 [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
21:45:48.0218 0x2788 lltdsvc - ok
21:45:48.0250 0x2788 [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
21:45:48.0250 0x2788 lmhosts - ok
21:45:48.0266 0x2788 [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
21:45:48.0268 0x2788 LSI_SAS - ok
21:45:48.0273 0x2788 [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
21:45:48.0276 0x2788 LSI_SAS2i - ok
21:45:48.0276 0x2788 [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
21:45:48.0276 0x2788 LSI_SAS3i - ok
21:45:48.0276 0x2788 [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
21:45:48.0276 0x2788 LSI_SSS - ok
21:45:48.0307 0x2788 [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM C:\WINDOWS\System32\lsm.dll
21:45:48.0323 0x2788 LSM - ok
21:45:48.0354 0x2788 [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
21:45:48.0354 0x2788 luafv - ok
21:45:48.0370 0x2788 [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker C:\WINDOWS\System32\moshost.dll
21:45:48.0370 0x2788 MapsBroker - ok
21:45:48.0401 0x2788 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
21:45:48.0401 0x2788 MBAMProtector - ok
21:45:48.0620 0x2788 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:45:48.0651 0x2788 MBAMScheduler - ok
21:45:48.0713 0x2788 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamservice.exe
21:45:48.0760 0x2788 MBAMService - ok
21:45:48.0838 0x2788 [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:45:48.0854 0x2788 MBAMSwissArmy - ok
21:45:48.0870 0x2788 [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
21:45:48.0885 0x2788 MBAMWebAccessControl - ok
21:45:48.0901 0x2788 [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
21:45:48.0917 0x2788 megasas - ok
21:45:48.0948 0x2788 [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
21:45:48.0979 0x2788 megasr - ok
21:45:48.0995 0x2788 [ 0CAEA11CEC2EEC7511385A467FD464D1, C84DD82374D551C90CCB274AB7F8CE4A503042CC8D1337A1F6498B2538E1793A ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
21:45:48.0995 0x2788 MEIx64 - ok
21:45:49.0026 0x2788 [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
21:45:49.0042 0x2788 mlx4_bus - ok
21:45:49.0042 0x2788 [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
21:45:49.0042 0x2788 MMCSS - ok
21:45:49.0074 0x2788 [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem C:\WINDOWS\system32\drivers\modem.sys
21:45:49.0076 0x2788 Modem - ok
21:45:49.0090 0x2788 [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
21:45:49.0091 0x2788 monitor - ok
21:45:49.0105 0x2788 [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
21:45:49.0107 0x2788 mouclass - ok
21:45:49.0112 0x2788 [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
21:45:49.0113 0x2788 mouhid - ok
21:45:49.0141 0x2788 [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
21:45:49.0143 0x2788 mountmgr - ok
21:45:49.0189 0x2788 [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:45:49.0193 0x2788 MozillaMaintenance - ok
21:45:49.0197 0x2788 [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
21:45:49.0199 0x2788 mpsdrv - ok
21:45:49.0229 0x2788 [ 51D4584BC245AF1B679CAF01669ACE23, AA0BE0D216A00113F5C07DD95CBC15C4448BF2CBD4954CF16D1E9689455447DB ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
21:45:49.0245 0x2788 MpsSvc - ok
21:45:49.0276 0x2788 [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
21:45:49.0276 0x2788 MRxDAV - ok
21:45:49.0291 0x2788 [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:45:49.0291 0x2788 mrxsmb - ok
21:45:49.0307 0x2788 [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:45:49.0307 0x2788 mrxsmb10 - ok
21:45:49.0323 0x2788 [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:45:49.0323 0x2788 mrxsmb20 - ok
21:45:49.0354 0x2788 [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
21:45:49.0354 0x2788 MsBridge - ok
21:45:49.0370 0x2788 [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:45:49.0385 0x2788 MSDTC - ok
21:45:49.0385 0x2788 [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:45:49.0385 0x2788 Msfs - ok
21:45:49.0417 0x2788 [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:45:49.0417 0x2788 msgpiowin32 - ok
21:45:49.0432 0x2788 [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:45:49.0432 0x2788 mshidkmdf - ok
21:45:49.0463 0x2788 [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
21:45:49.0463 0x2788 mshidumdf - ok
21:45:49.0463 0x2788 [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
21:45:49.0463 0x2788 msisadrv - ok
21:45:49.0479 0x2788 [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
21:45:49.0495 0x2788 MSiSCSI - ok
21:45:49.0495 0x2788 msiserver - ok
21:45:49.0510 0x2788 [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:45:49.0510 0x2788 MSKSSRV - ok
21:45:49.0541 0x2788 [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
21:45:49.0541 0x2788 MsLldp - ok
21:45:49.0557 0x2788 [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:45:49.0573 0x2788 MSPCLOCK - ok
21:45:49.0604 0x2788 [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:45:49.0604 0x2788 MSPQM - ok
21:45:49.0604 0x2788 [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
21:45:49.0620 0x2788 MsRPC - ok
21:45:49.0635 0x2788 [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
21:45:49.0635 0x2788 mssmbios - ok
21:45:49.0651 0x2788 [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:45:49.0651 0x2788 MSTEE - ok
21:45:49.0666 0x2788 [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
21:45:49.0666 0x2788 MTConfig - ok
21:45:49.0692 0x2788 [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
21:45:49.0695 0x2788 Mup - ok
21:45:49.0716 0x2788 [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
21:45:49.0718 0x2788 mvumis - ok
21:45:49.0752 0x2788 [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:45:49.0764 0x2788 NativeWifiP - ok
21:45:49.0796 0x2788 [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
21:45:49.0800 0x2788 NcaSvc - ok
21:45:49.0810 0x2788 [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService C:\WINDOWS\System32\ncbservice.dll
21:45:49.0818 0x2788 NcbService - ok
21:45:49.0834 0x2788 [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
21:45:49.0837 0x2788 NcdAutoSetup - ok
21:45:49.0858 0x2788 [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
21:45:49.0859 0x2788 ndfltr - ok
21:45:49.0906 0x2788 [ D43EAFF4887321A07D9F9A9DD7225E07, CF29073BBABE12D56744B041118F15C6C08CB89EF12413E359A6875C90FA383F ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
21:45:49.0921 0x2788 NDIS - ok
21:45:49.0952 0x2788 [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
21:45:49.0952 0x2788 NdisCap - ok
21:45:49.0952 0x2788 [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
21:45:49.0952 0x2788 NdisImPlatform - ok
21:45:49.0984 0x2788 [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:45:49.0984 0x2788 NdisTapi - ok
21:45:49.0984 0x2788 [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
21:45:49.0984 0x2788 Ndisuio - ok
21:45:49.0999 0x2788 [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
21:45:49.0999 0x2788 NdisVirtualBus - ok
21:45:50.0015 0x2788 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
21:45:50.0015 0x2788 NdisWan - ok
21:45:50.0031 0x2788 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:45:50.0031 0x2788 ndiswanlegacy - ok
21:45:50.0046 0x2788 [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
21:45:50.0046 0x2788 ndproxy - ok
21:45:50.0077 0x2788 [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
21:45:50.0077 0x2788 Ndu - ok
21:45:50.0093 0x2788 [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ]
|
|
18.09.2015, 20:59
| #4 |
| | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Zweite Hälft und zweites Programm: Code:
ATTFilter NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
21:45:50.0093 0x2788 NetBIOS - ok
21:45:50.0093 0x2788 [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:45:50.0109 0x2788 NetBT - ok
21:45:50.0124 0x2788 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:45:50.0124 0x2788 Netlogon - ok
21:45:50.0156 0x2788 [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman C:\WINDOWS\System32\netman.dll
21:45:50.0171 0x2788 Netman - ok
21:45:50.0202 0x2788 [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
21:45:50.0218 0x2788 netprofm - ok
21:45:50.0249 0x2788 [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
21:45:50.0249 0x2788 NetSetupSvc - ok
21:45:50.0296 0x2788 [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:50.0296 0x2788 NetTcpPortSharing - ok
21:45:50.0312 0x2788 [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
21:45:50.0312 0x2788 netvsc - ok
21:45:50.0327 0x2788 [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
21:45:50.0327 0x2788 NgcCtnrSvc - ok
21:45:50.0343 0x2788 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc C:\WINDOWS\system32\lsass.exe
21:45:50.0343 0x2788 NgcSvc - ok
21:45:50.0359 0x2788 [ D5B50FCE0B749FC82BD8FD3A79FF623E, DB5E21011E020C08A5BE2B250BDEF9ACEA9891D6B7022BB9AAA5C6B92A4C87F8 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
21:45:50.0374 0x2788 NlaSvc - ok
21:45:50.0374 0x2788 [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:45:50.0374 0x2788 Npfs - ok
21:45:50.0390 0x2788 [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
21:45:50.0390 0x2788 npsvctrig - ok
21:45:50.0406 0x2788 [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi C:\WINDOWS\system32\nsisvc.dll
21:45:50.0406 0x2788 nsi - ok
21:45:50.0421 0x2788 [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
21:45:50.0421 0x2788 nsiproxy - ok
21:45:50.0484 0x2788 [ 466EC5659C02ED53DBD47DC1BC2B8086, 1F35DE75386F7D029C01D67B09D5E5157141C6892858885C11972CE73D6078AC ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
21:45:50.0515 0x2788 NTFS - ok
21:45:50.0546 0x2788 [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null C:\WINDOWS\system32\drivers\Null.sys
21:45:50.0546 0x2788 Null - ok
21:45:50.0874 0x2788 [ DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:45:51.0062 0x2788 nvlddmkm - ok
21:45:51.0202 0x2788 [ B6BF397F3AAE84A90B4AD2E5AC7E59E4, 12264346E8866317B36D4A0F34B57E94E7598770433E2CB824ADC7FFFF6BCEDF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:45:51.0234 0x2788 NvNetworkService - ok
21:45:51.0265 0x2788 [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
21:45:51.0265 0x2788 nvraid - ok
21:45:51.0265 0x2788 [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
21:45:51.0281 0x2788 nvstor - ok
21:45:51.0343 0x2788 [ 1A861F6D367B3F21C61F40CFFAAE4289, 9162458087CC41C767396E7399D7AB84CD4C1CABCBCDA4870EFF804771436BC9 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:45:51.0343 0x2788 NvStreamKms - ok
21:45:51.0843 0x2788 [ 895130A7E7060AE8B120987940264063, 9C7A0CAE7EB3EF32C91BCA70BD83E765782629784AC309BFFB0DD9DC226C8106 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
21:45:52.0140 0x2788 NvStreamSvc - ok
21:45:52.0265 0x2788 [ DFCCA437717EACA8418F47992A41B39A, E587A629B894EE6A16AC414747D492FFC6B6E9F051B40F7D25F0D4406E2FF919 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
21:45:52.0281 0x2788 nvsvc - ok
21:45:52.0312 0x2788 [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:45:52.0312 0x2788 nvvad_WaveExtensible - ok
21:45:52.0327 0x2788 [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
21:45:52.0343 0x2788 nv_agp - ok
21:45:52.0421 0x2788 [ 8DD366F3B9F16ED722A6A66D956DA27F, 3A61B3D7B0D60CAA801FFDA086BFDDCF9C820CB11114DC60FDC9B30F828CC04F ] omniserv C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
21:45:52.0421 0x2788 omniserv - ok
21:45:52.0468 0x2788 [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
21:45:52.0484 0x2788 OneSyncSvc - ok
21:45:52.0562 0x2788 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:45:52.0577 0x2788 ose - ok
21:45:52.0624 0x2788 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
21:45:52.0640 0x2788 p2pimsvc - ok
21:45:52.0687 0x2788 [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
21:45:52.0687 0x2788 p2psvc - ok
21:45:52.0702 0x2788 [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport C:\WINDOWS\System32\drivers\parport.sys
21:45:52.0702 0x2788 Parport - ok
21:45:52.0718 0x2788 [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
21:45:52.0734 0x2788 partmgr - ok
21:45:52.0749 0x2788 [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
21:45:52.0765 0x2788 PcaSvc - ok
21:45:52.0812 0x2788 [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci C:\WINDOWS\system32\drivers\pci.sys
21:45:52.0827 0x2788 pci - ok
21:45:52.0827 0x2788 [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
21:45:52.0827 0x2788 pciide - ok
21:45:52.0859 0x2788 [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
21:45:52.0859 0x2788 pcmcia - ok
21:45:52.0859 0x2788 [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
21:45:52.0874 0x2788 pcw - ok
21:45:52.0874 0x2788 [ 5A4426450501534666F9E6157E258A0B, 2735EE7C5581D2FF5454662623BE94D08043C894580D540F0E5D3E21C7D7EC45 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
21:45:52.0874 0x2788 pdc - ok
21:45:52.0937 0x2788 [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
21:45:52.0937 0x2788 PEAUTH - ok
21:45:52.0968 0x2788 [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
21:45:52.0968 0x2788 percsas2i - ok
21:45:52.0984 0x2788 [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
21:45:52.0984 0x2788 percsas3i - ok
21:45:53.0072 0x2788 [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
21:45:53.0074 0x2788 PerfHost - ok
21:45:53.0101 0x2788 [ 42172DDE99D9F2AB3B0739506699A566, 6B0FAD656A24787E9429EA89F7DC03CC535D8E5D093378F93164ECADCEE5CFDF ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
21:45:53.0107 0x2788 PimIndexMaintenanceSvc - ok
21:45:53.0183 0x2788 [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla C:\WINDOWS\system32\pla.dll
21:45:53.0210 0x2788 pla - ok
21:45:53.0247 0x2788 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
21:45:53.0251 0x2788 PlugPlay - ok
21:45:53.0259 0x2788 [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
21:45:53.0261 0x2788 PNRPAutoReg - ok
21:45:53.0285 0x2788 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
21:45:53.0292 0x2788 PNRPsvc - ok
21:45:53.0332 0x2788 [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
21:45:53.0341 0x2788 PolicyAgent - ok
21:45:53.0348 0x2788 [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power C:\WINDOWS\system32\umpo.dll
21:45:53.0351 0x2788 Power - ok
21:45:53.0382 0x2788 [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
21:45:53.0384 0x2788 PptpMiniport - ok
21:45:53.0561 0x2788 [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:45:53.0619 0x2788 PrintNotify - ok
21:45:53.0647 0x2788 [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor C:\WINDOWS\System32\drivers\processr.sys
21:45:53.0649 0x2788 Processor - ok
21:45:53.0681 0x2788 [ 27D0B024BB356C6BEB1214B61E47DE02, 8CBDD62E243CC652F2197AE83DEDD21D91D2792558A6D7D1CC680B37607DEF4B ] ProfSvc C:\WINDOWS\system32\profsvc.dll
21:45:53.0689 0x2788 ProfSvc - ok
21:45:53.0701 0x2788 [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched C:\WINDOWS\system32\drivers\pacer.sys
21:45:53.0704 0x2788 Psched - ok
21:45:53.0734 0x2788 [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE C:\WINDOWS\system32\qwave.dll
21:45:53.0741 0x2788 QWAVE - ok
21:45:53.0765 0x2788 [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
21:45:53.0765 0x2788 QWAVEdrv - ok
21:45:53.0781 0x2788 [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:45:53.0781 0x2788 RasAcd - ok
21:45:53.0812 0x2788 [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
21:45:53.0812 0x2788 RasAgileVpn - ok
21:45:53.0828 0x2788 [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:45:53.0843 0x2788 RasAuto - ok
21:45:53.0859 0x2788 [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
21:45:53.0859 0x2788 Rasl2tp - ok
21:45:53.0890 0x2788 [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:45:53.0906 0x2788 RasMan - ok
21:45:53.0906 0x2788 [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys
21:45:53.0906 0x2788 RasPppoe - ok
21:45:53.0921 0x2788 [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
21:45:53.0921 0x2788 RasSstp - ok
21:45:53.0937 0x2788 [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:45:53.0953 0x2788 rdbss - ok
21:45:53.0968 0x2788 [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
21:45:53.0968 0x2788 rdpbus - ok
21:45:53.0984 0x2788 [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
21:45:53.0984 0x2788 RDPDR - ok
21:45:54.0000 0x2788 [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:45:54.0015 0x2788 RdpVideoMiniport - ok
21:45:54.0062 0x2788 [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
21:45:54.0078 0x2788 rdyboost - ok
21:45:54.0125 0x2788 [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
21:45:54.0140 0x2788 ReFSv1 - ok
21:45:54.0218 0x2788 [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:45:54.0234 0x2788 RemoteAccess - ok
21:45:54.0265 0x2788 [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:45:54.0281 0x2788 RemoteRegistry - ok
21:45:54.0328 0x2788 [ 16018214C82C4AA1F58A037FC4601A04, DD9FCC06894879EB11841645C3F0325B61D57A7546811743BAE331E25605201A ] RetailDemo C:\WINDOWS\system32\RDXService.dll
21:45:54.0359 0x2788 RetailDemo - ok
21:45:54.0406 0x2788 [ 67E83C0C9A2B5ACEE9EF690E6B7E9189, 63D2A73B2031B52C66EF0455393BF05C55F9F7B0B9E48C54A39E547D46E090F6 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
21:45:54.0406 0x2788 RFCOMM - ok
21:45:54.0500 0x2788 [ 9E18DF158751CF968E7DF83256D70233, 89385DA5ABD283F289E37D7D9E33358B06216E9B3659B2E70F19FD5BA49C7F90 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
21:45:54.0515 0x2788 RichVideo64 - ok
21:45:54.0547 0x2788 [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
21:45:54.0547 0x2788 RpcEptMapper - ok
21:45:54.0578 0x2788 [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator C:\WINDOWS\system32\locator.exe
21:45:54.0578 0x2788 RpcLocator - ok
21:45:54.0625 0x2788 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:45:54.0640 0x2788 RpcSs - ok
21:45:54.0656 0x2788 [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
21:45:54.0656 0x2788 rspndr - ok
21:45:54.0687 0x2788 [ E902D36DD94CB4A0568DF9C26D6E4D70, B7A4FA56B6B4F88AB54A4EF94804F7D8C11C6536C39F3CE4756D5F9298C45198 ] RSUSBSTOR C:\WINDOWS\System32\Drivers\RtsUStor.sys
21:45:54.0703 0x2788 RSUSBSTOR - ok
21:45:54.0781 0x2788 [ 12A3D1530E3F67B8664EBA923A3981E4, 8670C39EB0A7C37C17D014A8917493B776DE0829B55EFED13D91B6FA7B81CA11 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
21:45:54.0796 0x2788 rt640x64 - ok
21:45:54.0875 0x2788 [ C397166D21F4CD59D5AF339F8938CD0D, AC65C3238B0793BDDB43992AF1FF09CC70DA1DB89B8722A312FC1EF8BC97E272 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
21:45:54.0875 0x2788 RtkAudioService - ok
21:45:54.0937 0x2788 [ 48E042D6AAB285409AF06200966EA655, 64FD4305C4EBEC25AA7BC2058952BCB79DB0A054CF46F2413CC54FB1E550D5F4 ] RTL8168 C:\WINDOWS\System32\drivers\Rt630x64.sys
21:45:54.0984 0x2788 RTL8168 - ok
21:45:55.0015 0x2788 [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
21:45:55.0015 0x2788 s3cap - ok
21:45:55.0031 0x2788 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs C:\WINDOWS\system32\lsass.exe
21:45:55.0046 0x2788 SamSs - ok
21:45:55.0078 0x2788 [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
21:45:55.0078 0x2788 sbp2port - ok
21:45:55.0125 0x2788 [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
21:45:55.0140 0x2788 SCardSvr - ok
21:45:55.0171 0x2788 [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
21:45:55.0187 0x2788 ScDeviceEnum - ok
21:45:55.0218 0x2788 [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:45:55.0218 0x2788 scfilter - ok
21:45:55.0296 0x2788 [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:45:55.0312 0x2788 Schedule - ok
21:45:55.0359 0x2788 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
21:45:55.0375 0x2788 SCPolicySvc - ok
21:45:55.0390 0x2788 [ CC41D16FB823F9BE167BE773F225CD1F, 97020D419CFC161A4EEF238F8580ADC2D026221217BF41728C54F52ACDBB9FCB ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
21:45:55.0406 0x2788 sdbus - ok
21:45:55.0406 0x2788 [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
21:45:55.0421 0x2788 SDRSVC - ok
21:45:55.0421 0x2788 [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
21:45:55.0421 0x2788 sdstor - ok
21:45:55.0437 0x2788 [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon C:\WINDOWS\system32\seclogon.dll
21:45:55.0437 0x2788 seclogon - ok
21:45:55.0453 0x2788 [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS C:\WINDOWS\System32\sens.dll
21:45:55.0453 0x2788 SENS - ok
21:45:55.0515 0x2788 [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
21:45:55.0546 0x2788 SensorDataService - ok
21:45:55.0562 0x2788 [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService C:\WINDOWS\system32\SensorService.dll
21:45:55.0578 0x2788 SensorService - ok
21:45:55.0609 0x2788 [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
21:45:55.0609 0x2788 SensrSvc - ok
21:45:55.0625 0x2788 [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
21:45:55.0625 0x2788 SerCx - ok
21:45:55.0640 0x2788 [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
21:45:55.0640 0x2788 SerCx2 - ok
21:45:55.0656 0x2788 [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
21:45:55.0656 0x2788 Serenum - ok
21:45:55.0671 0x2788 [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial C:\WINDOWS\System32\drivers\serial.sys
21:45:55.0671 0x2788 Serial - ok
21:45:55.0687 0x2788 [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
21:45:55.0703 0x2788 sermouse - ok
21:45:55.0718 0x2788 [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv C:\WINDOWS\system32\sessenv.dll
21:45:55.0718 0x2788 SessionEnv - ok
21:45:55.0734 0x2788 [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
21:45:55.0734 0x2788 sfloppy - ok
21:45:55.0781 0x2788 [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:45:55.0781 0x2788 SharedAccess - ok
21:45:55.0859 0x2788 [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:45:55.0859 0x2788 ShellHWDetection - ok
21:45:55.0875 0x2788 [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:45:55.0875 0x2788 SiSRaid2 - ok
21:45:55.0890 0x2788 [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
21:45:55.0890 0x2788 SiSRaid4 - ok
21:45:55.0922 0x2788 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:45:55.0937 0x2788 SkypeUpdate - ok
21:45:55.0968 0x2788 [ C73F57BF4B8CF29794F9FBC9B4AF3494, C7A01C1B3E77D8C84F5C2C3AEF42B9F548E3C41A091C2F826BBF82DEA54097FA ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
21:45:55.0968 0x2788 SmbDrv - ok
21:45:55.0984 0x2788 [ 46EFF9B977AB44007A0C0EF3B2D40541, EC9A349440EC979F99F79B2F60A6C53D561C4C1B32B6B8E74251B856851A1969 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
21:45:56.0000 0x2788 SmbDrvI - ok
21:45:56.0015 0x2788 [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost C:\WINDOWS\System32\smphost.dll
21:45:56.0015 0x2788 smphost - ok
21:45:56.0046 0x2788 [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
21:45:56.0062 0x2788 SmsRouter - ok
21:45:56.0093 0x2788 [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
21:45:56.0093 0x2788 SNMPTRAP - ok
21:45:56.0125 0x2788 [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
21:45:56.0125 0x2788 spaceport - ok
21:45:56.0140 0x2788 [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
21:45:56.0140 0x2788 SpbCx - ok
21:45:56.0171 0x2788 [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler C:\WINDOWS\System32\spoolsv.exe
21:45:56.0187 0x2788 Spooler - ok
21:45:56.0343 0x2788 [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc C:\WINDOWS\system32\sppsvc.exe
21:45:56.0453 0x2788 sppsvc - ok
21:45:56.0468 0x2788 [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:45:56.0484 0x2788 srv - ok
21:45:56.0500 0x2788 [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
21:45:56.0500 0x2788 srv2 - ok
21:45:56.0515 0x2788 [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:45:56.0515 0x2788 srvnet - ok
21:45:56.0562 0x2788 [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:45:56.0578 0x2788 SSDPSRV - ok
21:45:56.0625 0x2788 [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
21:45:56.0625 0x2788 SstpSvc - ok
21:45:56.0765 0x2788 [ C26E2C89EFB4BB39CD135B5DED804B78, 99288C6023DC6AC6554521EA671AB387ACE2AE2BCDE145C7012202842FF40841 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
21:45:56.0796 0x2788 StateRepository - ok
21:45:56.0828 0x2788 [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
21:45:56.0843 0x2788 stexstor - ok
21:45:56.0921 0x2788 [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc C:\WINDOWS\System32\wiaservc.dll
21:45:56.0937 0x2788 stisvc - ok
21:45:56.0968 0x2788 [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
21:45:56.0968 0x2788 storahci - ok
21:45:57.0000 0x2788 [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
21:45:57.0000 0x2788 storflt - ok
21:45:57.0031 0x2788 [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
21:45:57.0031 0x2788 stornvme - ok
21:45:57.0047 0x2788 [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
21:45:57.0047 0x2788 storqosflt - ok
21:45:57.0062 0x2788 [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc C:\WINDOWS\system32\storsvc.dll
21:45:57.0062 0x2788 StorSvc - ok
21:45:57.0078 0x2788 [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
21:45:57.0078 0x2788 storufs - ok
21:45:57.0093 0x2788 [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
21:45:57.0093 0x2788 storvsc - ok
21:45:57.0109 0x2788 [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc C:\WINDOWS\system32\svsvc.dll
21:45:57.0109 0x2788 svsvc - ok
21:45:57.0172 0x2788 [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
21:45:57.0172 0x2788 swenum - ok
21:45:57.0218 0x2788 [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv C:\WINDOWS\System32\swprv.dll
21:45:57.0234 0x2788 swprv - ok
21:45:57.0265 0x2788 [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
21:45:57.0265 0x2788 Synth3dVsc - ok
21:45:57.0343 0x2788 [ CE3CE641FE30A5CAE7D55126BBC66551, 924C13107F832B6655E019FAABDAFABF998DBBD250771F41063D7938512CC815 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:45:57.0359 0x2788 SynTP - ok
21:45:57.0421 0x2788 [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain C:\WINDOWS\system32\sysmain.dll
21:45:57.0437 0x2788 SysMain - ok
21:45:57.0453 0x2788 [ 8863F06F520C1C76254B7DB45057BADA, EE8DA20185FBE37F64E8FE2A6FB477D602159AD6B63FFDD807981E6D28629888 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:45:57.0468 0x2788 SystemEventsBroker - ok
21:45:57.0500 0x2788 [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:45:57.0500 0x2788 TabletInputService - ok
21:45:57.0531 0x2788 [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:45:57.0546 0x2788 TapiSrv - ok
21:45:57.0625 0x2788 [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
21:45:57.0656 0x2788 Tcpip - ok
21:45:57.0718 0x2788 [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
21:45:57.0750 0x2788 Tcpip6 - ok
21:45:57.0765 0x2788 [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
21:45:57.0765 0x2788 tcpipreg - ok
21:45:57.0796 0x2788 [ 28E1E63A1AC65E17B3194238FA2CF3BF, 9A52D6DD14BEBB7B407B2703A111D1B302F1B84AA40A14D21FCA554F395E935D ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
21:45:57.0796 0x2788 tdx - ok
21:45:57.0812 0x2788 [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
21:45:57.0812 0x2788 terminpt - ok
21:45:57.0843 0x2788 [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService C:\WINDOWS\System32\termsrv.dll
21:45:57.0859 0x2788 TermService - ok
21:45:57.0890 0x2788 [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes C:\WINDOWS\system32\themeservice.dll
21:45:57.0890 0x2788 Themes - ok
21:45:57.0937 0x2788 [ 79431E9EEAE85C3E579D28265D2E3F21, 4C4A5CCCA8754D15737EC6E838E9F8A2B0D044F1FEB435B332EC70BB0CFA7DE1 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
21:45:57.0953 0x2788 tiledatamodelsvc - ok
21:45:57.0968 0x2788 [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
21:45:57.0968 0x2788 TimeBroker - ok
21:45:58.0000 0x2788 [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
21:45:58.0000 0x2788 TPM - ok
21:45:58.0015 0x2788 [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks C:\WINDOWS\System32\trkwks.dll
21:45:58.0031 0x2788 TrkWks - ok
21:45:58.0078 0x2788 [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:45:58.0078 0x2788 TrustedInstaller - ok
21:45:58.0125 0x2788 [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
21:45:58.0125 0x2788 TsUsbFlt - ok
21:45:58.0156 0x2788 [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:45:58.0156 0x2788 TsUsbGD - ok
21:45:58.0187 0x2788 [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
21:45:58.0187 0x2788 tunnel - ok
21:45:58.0187 0x2788 TVicPort - ok
21:45:58.0203 0x2788 [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
21:45:58.0203 0x2788 uagp35 - ok
21:45:58.0218 0x2788 [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
21:45:58.0218 0x2788 UASPStor - ok
21:45:58.0234 0x2788 [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
21:45:58.0234 0x2788 UcmCx0101 - ok
21:45:58.0265 0x2788 [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
21:45:58.0265 0x2788 UcmUcsi - ok
21:45:58.0297 0x2788 [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
21:45:58.0312 0x2788 Ucx01000 - ok
21:45:58.0312 0x2788 [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
21:45:58.0328 0x2788 UdeCx - ok
21:45:58.0343 0x2788 [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
21:45:58.0343 0x2788 udfs - ok
21:45:58.0359 0x2788 [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
21:45:58.0375 0x2788 UEFI - ok
21:45:58.0390 0x2788 [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
21:45:58.0390 0x2788 Ufx01000 - ok
21:45:58.0406 0x2788 [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
21:45:58.0406 0x2788 UfxChipidea - ok
21:45:58.0406 0x2788 [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
21:45:58.0422 0x2788 ufxsynopsys - ok
21:45:58.0437 0x2788 [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
21:45:58.0437 0x2788 UI0Detect - ok
21:45:58.0437 0x2788 [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
21:45:58.0453 0x2788 uliagpkx - ok
21:45:58.0453 0x2788 [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
21:45:58.0453 0x2788 umbus - ok
21:45:58.0468 0x2788 [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
21:45:58.0468 0x2788 UmPass - ok
21:45:58.0500 0x2788 [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
21:45:58.0515 0x2788 UmRdpService - ok
21:45:58.0578 0x2788 [ A4A5FF89F65D8D1AA3A769654AD8DBC0, 9C792595F7E90C6074BC0FF5A63C9A19449E2F2E2780087BBF12A72658437EE0 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
21:45:58.0609 0x2788 UnistoreSvc - ok
21:45:58.0625 0x2788 [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost C:\WINDOWS\System32\upnphost.dll
21:45:58.0625 0x2788 upnphost - ok
21:45:58.0640 0x2788 [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
21:45:58.0640 0x2788 UrsChipidea - ok
21:45:58.0672 0x2788 [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
21:45:58.0672 0x2788 UrsCx01000 - ok
21:45:58.0687 0x2788 [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
21:45:58.0687 0x2788 UrsSynopsys - ok
21:45:58.0687 0x2788 [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
21:45:58.0687 0x2788 usbccgp - ok
21:45:58.0703 0x2788 [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
21:45:58.0703 0x2788 usbcir - ok
21:45:58.0718 0x2788 [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
21:45:58.0718 0x2788 usbehci - ok
21:45:58.0750 0x2788 [ 15FE07A404C8A0CD306661433027FFE4, 250C5B4624EF062C88F49DCFEA00BFF1771EFE8B095EC4F0B51C99BB3F80EC66 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
21:45:58.0765 0x2788 usbhub - ok
21:45:58.0781 0x2788 [ 7E51F2AD1D729F5CDBB6BE21CB58FEB7, 4C9CBC7BE52EE80E3734ACF9AA6FC106FBAA9AE15FCDACB7E5100ED5CC041E80 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
21:45:58.0797 0x2788 USBHUB3 - ok
21:45:58.0812 0x2788 [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
21:45:58.0812 0x2788 usbohci - ok
21:45:58.0828 0x2788 [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
21:45:58.0828 0x2788 usbprint - ok
21:45:58.0843 0x2788 [ 923CA145CD0A9DFBA4CBBA60AB684C2C, EFAA1E730802490E9A53718D70484832A38345FE0A670937FC546FD245DF2CC9 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:45:58.0843 0x2788 usbscan - ok
21:45:58.0859 0x2788 [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser C:\WINDOWS\System32\drivers\usbser.sys
21:45:58.0859 0x2788 usbser - ok
21:45:58.0875 0x2788 [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:45:58.0875 0x2788 USBSTOR - ok
21:45:58.0890 0x2788 [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
21:45:58.0890 0x2788 usbuhci - ok
21:45:58.0906 0x2788 [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
21:45:58.0921 0x2788 usbvideo - ok
21:45:58.0953 0x2788 [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:45:58.0968 0x2788 USBXHCI - ok
21:45:59.0031 0x2788 [ FD38DDBCC1699BAB0446B93C1245FE17, 0AADBE137FE4372C3FFF2E98CAB4522CBC16CA1CE9564FB3C53A896A1B4E6EC2 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
21:45:59.0062 0x2788 UserDataSvc - ok
21:45:59.0125 0x2788 [ E9E2B5FFBEFC2CDF14A6E55DD94CC823, A10C011835A65601B8FE3A30F361C224C60084A78085842ADCDA248047530CD1 ] UserManager C:\WINDOWS\System32\usermgr.dll
21:45:59.0140 0x2788 UserManager - ok
21:45:59.0171 0x2788 [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc C:\WINDOWS\system32\usocore.dll
21:45:59.0187 0x2788 UsoSvc - ok
21:45:59.0203 0x2788 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc C:\WINDOWS\system32\lsass.exe
21:45:59.0203 0x2788 VaultSvc - ok
21:45:59.0218 0x2788 [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
21:45:59.0218 0x2788 vdrvroot - ok
21:45:59.0265 0x2788 [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds C:\WINDOWS\System32\vds.exe
21:45:59.0312 0x2788 vds - ok
21:45:59.0312 0x2788 [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
21:45:59.0312 0x2788 VerifierExt - ok
21:45:59.0359 0x2788 [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
21:45:59.0375 0x2788 vhdmp - ok
21:45:59.0375 0x2788 [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
21:45:59.0375 0x2788 vhf - ok
21:45:59.0375 0x2788 [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
21:45:59.0390 0x2788 vmbus - ok
21:45:59.0390 0x2788 [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
21:45:59.0390 0x2788 VMBusHID - ok
21:45:59.0437 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
21:45:59.0453 0x2788 vmicguestinterface - ok
21:45:59.0453 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
21:45:59.0468 0x2788 vmicheartbeat - ok
21:45:59.0484 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
21:45:59.0484 0x2788 vmickvpexchange - ok
21:45:59.0500 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
21:45:59.0515 0x2788 vmicrdv - ok
21:45:59.0531 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
21:45:59.0531 0x2788 vmicshutdown - ok
21:45:59.0546 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
21:45:59.0562 0x2788 vmictimesync - ok
21:45:59.0578 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
21:45:59.0578 0x2788 vmicvmsession - ok
21:45:59.0593 0x2788 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
21:45:59.0625 0x2788 vmicvss - ok
21:45:59.0625 0x2788 [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
21:45:59.0625 0x2788 volmgr - ok
21:45:59.0656 0x2788 [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
21:45:59.0656 0x2788 volmgrx - ok
21:45:59.0672 0x2788 [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
21:45:59.0672 0x2788 volsnap - ok
21:45:59.0687 0x2788 [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
21:45:59.0687 0x2788 vpci - ok
21:45:59.0718 0x2788 [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
21:45:59.0718 0x2788 vsmraid - ok
21:45:59.0750 0x2788 [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS C:\WINDOWS\system32\vssvc.exe
21:45:59.0765 0x2788 VSS - ok
21:45:59.0781 0x2788 [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
21:45:59.0781 0x2788 VSTXRAID - ok
21:45:59.0812 0x2788 [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
21:45:59.0812 0x2788 vwifibus - ok
21:45:59.0828 0x2788 [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
21:45:59.0828 0x2788 vwififlt - ok
21:45:59.0859 0x2788 [ 37C868DDE3103130B00AD1313DAB5ACB, BF9C30817A3502F5C0673FD462B18FE1BF37963B29DF09D84B66BDCBF8ECBA81 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
21:45:59.0859 0x2788 vwifimp - ok
21:45:59.0906 0x2788 [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time C:\WINDOWS\system32\w32time.dll
21:45:59.0906 0x2788 W32Time - ok
21:45:59.0953 0x2788 [ 9776E4816D92B766F461957FBDA84360, 048F6ADC97767AFAB50582D0AE1E67A15B038A1C02F7982A6AD30B61AC5C7369 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
21:45:59.0953 0x2788 w3logsvc - ok
21:45:59.0984 0x2788 [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
21:45:59.0984 0x2788 WacomPen - ok
21:46:00.0047 0x2788 [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService C:\WINDOWS\system32\WalletService.dll
21:46:00.0062 0x2788 WalletService - ok
21:46:00.0062 0x2788 [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:46:00.0078 0x2788 wanarp - ok
21:46:00.0078 0x2788 [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:46:00.0078 0x2788 wanarpv6 - ok
21:46:00.0125 0x2788 [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
21:46:00.0125 0x2788 WAS - ok
21:46:00.0218 0x2788 [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine C:\WINDOWS\system32\wbengine.exe
21:46:00.0250 0x2788 wbengine - ok
21:46:00.0281 0x2788 [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
21:46:00.0297 0x2788 WbioSrvc - ok
21:46:00.0328 0x2788 [ BB87BF4D17EBB3C05236FDAA048EBE07, 45D3B0C2561E28EDA4460C23768F660AE0F56527F7BDD191ED0DE4F414983AE1 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
21:46:00.0343 0x2788 Wcmsvc - ok
21:46:00.0359 0x2788 [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
21:46:00.0359 0x2788 wcncsvc - ok
21:46:00.0375 0x2788 [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:46:00.0375 0x2788 WcsPlugInService - ok
21:46:00.0406 0x2788 [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
21:46:00.0406 0x2788 WdBoot - ok
21:46:00.0453 0x2788 [ 796D1C95894BC15B3FEF090C107CBA31, 97917C543CBC13288F2194CB09C3A2759012B74F0D72DDB0896EF42C87348C6D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
21:46:00.0468 0x2788 Wdf01000 - ok
21:46:00.0500 0x2788 [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
21:46:00.0500 0x2788 WdFilter - ok
21:46:00.0515 0x2788 [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
21:46:00.0531 0x2788 WdiServiceHost - ok
21:46:00.0531 0x2788 [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
21:46:00.0531 0x2788 WdiSystemHost - ok
21:46:00.0578 0x2788 [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
21:46:00.0593 0x2788 wdiwifi - ok
21:46:00.0593 0x2788 [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
21:46:00.0593 0x2788 WdNisDrv - ok
21:46:00.0609 0x2788 WdNisSvc - ok
21:46:00.0625 0x2788 [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:46:00.0640 0x2788 WebClient - ok
21:46:00.0640 0x2788 [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
21:46:00.0656 0x2788 Wecsvc - ok
21:46:00.0656 0x2788 [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
21:46:00.0672 0x2788 WEPHOSTSVC - ok
21:46:00.0672 0x2788 [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
21:46:00.0687 0x2788 wercplsupport - ok
21:46:00.0687 0x2788 [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc C:\WINDOWS\System32\WerSvc.dll
21:46:00.0687 0x2788 WerSvc - ok
21:46:00.0687 0x2788 wfpcapture - ok
21:46:00.0718 0x2788 [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
21:46:00.0718 0x2788 WFPLWFS - ok
21:46:00.0718 0x2788 [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
21:46:00.0718 0x2788 WiaRpc - ok
21:46:00.0734 0x2788 [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
21:46:00.0734 0x2788 WIMMount - ok
21:46:00.0734 0x2788 WinDefend - ok
21:46:00.0750 0x2788 [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
21:46:00.0750 0x2788 WindowsTrustedRT - ok
21:46:00.0765 0x2788 [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
21:46:00.0765 0x2788 WindowsTrustedRTProxy - ok
21:46:00.0812 0x2788 [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:46:00.0828 0x2788 WinHttpAutoProxySvc - ok
21:46:00.0843 0x2788 [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
21:46:00.0843 0x2788 WinMad - ok
21:46:00.0906 0x2788 [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:46:00.0906 0x2788 Winmgmt - ok
21:46:00.0984 0x2788 [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
21:46:01.0031 0x2788 WinRM - ok
21:46:01.0047 0x2788 [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
21:46:01.0047 0x2788 WINUSB - ok
21:46:01.0062 0x2788 [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
21:46:01.0062 0x2788 WinVerbs - ok
21:46:01.0093 0x2788 [ BD19E2065A51E5E72A58729EE8CAA944, 2E5304B69A0D3ECCF9A1DEA152120493ACC3A77670380CDB24979BF5B56CAC26 ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
21:46:01.0093 0x2788 WirelessButtonDriver - ok
21:46:01.0093 0x2788 [ BD19E2065A51E5E72A58729EE8CAA944, 2E5304B69A0D3ECCF9A1DEA152120493ACC3A77670380CDB24979BF5B56CAC26 ] WirelessButtonDriver64 C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
21:46:01.0093 0x2788 WirelessButtonDriver64 - ok
21:46:01.0172 0x2788 [ 1D57DD1A716A1C2C71F0A53BD00B6AFD, 5374CFA453ECE8F70C1A7AC6CB1ABAF64C6BB4366BAD666533C495DD1BADC395 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
21:46:01.0203 0x2788 WlanSvc - ok
21:46:01.0281 0x2788 [ 802E5A0B96C1E9FCC0CBFD75F04CE7DF, C689E22141B5FA69438205D824DFCB408429DE9B8612A424E3425717017E9DB3 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
21:46:01.0328 0x2788 wlidsvc - ok
21:46:01.0343 0x2788 [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
21:46:01.0343 0x2788 WmiAcpi - ok
21:46:01.0375 0x2788 [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:46:01.0375 0x2788 wmiApSrv - ok
21:46:01.0406 0x2788 WMPNetworkSvc - ok
21:46:01.0437 0x2788 [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
21:46:01.0437 0x2788 Wof - ok
21:46:01.0500 0x2788 [ B2D8EDBBC339D903BF4073FF7A8D251E, 989F3B94F084720A094C89FD5AF02B5D5BCE5FB127F323E1ADA2890B6AAB3535 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
21:46:01.0531 0x2788 workfolderssvc - ok
21:46:01.0578 0x2788 [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
21:46:01.0578 0x2788 wpcfltr - ok
21:46:01.0578 0x2788 [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
21:46:01.0578 0x2788 WPDBusEnum - ok
21:46:01.0609 0x2788 [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:46:01.0609 0x2788 WpdUpFltr - ok
21:46:01.0625 0x2788 [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService C:\WINDOWS\system32\WpnService.dll
21:46:01.0625 0x2788 WpnService - ok
21:46:01.0625 0x2788 [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:46:01.0625 0x2788 ws2ifsl - ok
21:46:01.0640 0x2788 [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
21:46:01.0640 0x2788 wscsvc - ok
21:46:01.0640 0x2788 WSearch - ok
21:46:01.0781 0x2788 [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService C:\WINDOWS\System32\WSService.dll
21:46:01.0843 0x2788 WSService - ok
21:46:01.0922 0x2788 [ 994DB3BD0278B3136FD95F7E1C73A935, 4ECAD55E7ABF24DFB79882E842FE424157C383B0565FF1B222E74A085F05FC28 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
21:46:01.0953 0x2788 wuauserv - ok
21:46:01.0968 0x2788 [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
21:46:01.0968 0x2788 WudfPf - ok
21:46:01.0984 0x2788 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
21:46:02.0000 0x2788 WUDFRd - ok
21:46:02.0015 0x2788 [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
21:46:02.0015 0x2788 wudfsvc - ok
21:46:02.0015 0x2788 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:46:02.0031 0x2788 WUDFWpdFs - ok
21:46:02.0093 0x2788 [ 989EC133AD360CE71F85974B03143D97, 590145B7BD17A25A0848BD5C41AB967ED6C8DADE2BF91C6F4CA6D29CC3D1C79B ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
21:46:02.0125 0x2788 WwanSvc - ok
21:46:02.0156 0x2788 [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
21:46:02.0187 0x2788 XblAuthManager - ok
21:46:02.0203 0x2788 [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
21:46:02.0234 0x2788 XblGameSave - ok
21:46:02.0234 0x2788 [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
21:46:02.0234 0x2788 xboxgip - ok
21:46:02.0265 0x2788 [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
21:46:02.0281 0x2788 XboxNetApiSvc - ok
21:46:02.0312 0x2788 [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
21:46:02.0312 0x2788 xinputhid - ok
21:46:02.0312 0x2788 ================ Scan global ===============================
21:46:02.0375 0x2788 [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
21:46:02.0406 0x2788 [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
21:46:02.0453 0x2788 [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
21:46:02.0484 0x2788 [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
21:46:02.0500 0x2788 [ Global ] - ok
21:46:02.0500 0x2788 ================ Scan MBR ==================================
21:46:02.0515 0x2788 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:46:02.0515 0x2788 \Device\Harddisk0\DR0 - ok
21:46:02.0515 0x2788 [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR1
21:46:02.0781 0x2788 \Device\Harddisk1\DR1 - ok
21:46:02.0797 0x2788 [ 77972509BFCB10CE644B6535A884FD0F ] \Device\Harddisk2\DR2
21:46:02.0797 0x2788 \Device\Harddisk2\DR2 - ok
21:46:02.0812 0x2788 ================ Scan VBR ==================================
21:46:02.0812 0x2788 [ B8E8262EDE36C57E164B55972F448E29 ] \Device\Harddisk0\DR0\Partition1
21:46:02.0859 0x2788 \Device\Harddisk0\DR0\Partition1 - ok
21:46:02.0890 0x2788 [ 0A547AB976CB0C866898313FF8CBD803 ] \Device\Harddisk0\DR0\Partition2
21:46:02.0922 0x2788 \Device\Harddisk0\DR0\Partition2 - ok
21:46:02.0937 0x2788 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
21:46:02.0937 0x2788 \Device\Harddisk0\DR0\Partition3 - ok
21:46:02.0953 0x2788 [ A95DC43CDAC7F759A9F05D040DA2EEA6 ] \Device\Harddisk0\DR0\Partition4
21:46:03.0015 0x2788 \Device\Harddisk0\DR0\Partition4 - ok
21:46:03.0047 0x2788 [ C1AAC682049009BAF4A569C16A163444 ] \Device\Harddisk0\DR0\Partition5
21:46:03.0062 0x2788 \Device\Harddisk0\DR0\Partition5 - ok
21:46:03.0078 0x2788 [ A513D42FC33E040F64865BE6E19BE7D5 ] \Device\Harddisk0\DR0\Partition6
21:46:03.0078 0x2788 \Device\Harddisk0\DR0\Partition6 - ok
21:46:03.0093 0x2788 [ 6A248D3283C1E7F609486EA36FE5C0AA ] \Device\Harddisk1\DR1\Partition1
21:46:03.0093 0x2788 \Device\Harddisk1\DR1\Partition1 - ok
21:46:03.0093 0x2788 [ E2DE269DFB4141A8CBC864AFD414BED5 ] \Device\Harddisk2\DR2\Partition1
21:46:03.0093 0x2788 \Device\Harddisk2\DR2\Partition1 - ok
21:46:03.0093 0x2788 ================ Scan generic autorun ======================
21:46:03.0359 0x2788 [ 890C5393F1E7775A38FA73DC554A379E, 16A01ABF2E6C070156E0A92642496F33BE9A5A923B41FD538C532A52B92E74C4 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:46:03.0484 0x2788 RTHDVCPL - ok
21:46:03.0609 0x2788 [ 8370179ACE961B0DAD1022C00ABCC3D7, 8DE9213DE687340C859E165EFCCD36330AF99BB825AED0F6EA7D23B2614DDF73 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:46:03.0640 0x2788 NvBackend - ok
21:46:03.0672 0x2788 [ 5DED2A3F11AE916C8F2724947E736261, 35402466FE6D02CC85A27171F55D9F7FD0AAF018D3CC410E46F0B43DCE7EA080 ] C:\Windows\system32\rundll32.exe
21:46:03.0672 0x2788 ShadowPlay - ok
21:46:03.0843 0x2788 [ DE9938F17D9B173B1CA83E218F03CCC0, BC007746535036743640A17E4AB495114F1370A7522BA6391309266C0B7789A2 ] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
21:46:03.0890 0x2788 SimplePass - ok
21:46:03.0922 0x2788 [ 9159063E3EF84A832DB5251447BACE9C, EE1DD20A5176816F484DD6945674750F43EC37B13355815FD20459097028EAA5 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
21:46:03.0922 0x2788 OPBHOBroker - ok
21:46:03.0937 0x2788 [ AC382EA1AA21E592C808E46D95E6533D, B2941B6AAB48C245B47E94C74F0A1149A66428586ED3747C74C45BBFDA03741E ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
21:46:03.0953 0x2788 OPBHOBrokerDesktop - ok
21:46:03.0953 0x2788 SynTPEnh - ok
21:46:04.0000 0x2788 Dropbox - ok
21:46:04.0062 0x2788 [ C055411BF5412576E0191A61854C3671, 1D8FA9A922C6C954D8DB48344D7DC391EBD6DD5A19F8AF639569C6AE151AF1E7 ] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
21:46:04.0062 0x2788 HPMessageService - ok
21:46:04.0140 0x2788 [ F4BC46AD4FC1F2F3372EBF8505D00436, 94F752406AC4968A917691A2E2A09C2EBAAA24E549E3BC0F5F256A8233DF86D5 ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
21:46:04.0140 0x2788 AccelerometerSysTrayApplet - ok
21:46:04.0234 0x2788 [ 27F8A7A78773427E5D931628F89D6839, 61A312590322109BEA9EA70345E6FB40435D9BACE2B9CFF3ADF68C7B3D6FA163 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:46:04.0265 0x2788 avgnt - ok
21:46:04.0312 0x2788 [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:46:04.0312 0x2788 Avira SystrayStartTrigger - ok
21:46:04.0578 0x2788 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:46:04.0718 0x2788 OneDriveSetup - ok
21:46:04.0859 0x2788 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:46:04.0968 0x2788 OneDriveSetup - ok
21:46:05.0140 0x2788 [ C2D2FFD27F46815951C9562F0A2EC864, 892A5DC5C3D797E3FD36230710BA9AF43ADA5CDFD19A03268D20D5A9DA3CCB3A ] C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:46:05.0156 0x2788 OneDrive - ok
21:46:05.0172 0x2788 Skype - ok
21:46:05.0484 0x2788 [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe
21:46:05.0593 0x2788 CCleaner Monitoring - ok
21:46:05.0609 0x2788 Microsoft Word - ok
21:46:05.0640 0x2788 [ A6177D080759CF4A03EF837A38F62401, 79D1FFABDD7841D9043D4DDF1F93721BCD35D823614411FD4EAB5D2C16A86F35 ] C:\WINDOWS\system32\cmd.exe
21:46:05.0640 0x2788 Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64 - ok
21:46:05.0656 0x2788 [ A6177D080759CF4A03EF837A38F62401, 79D1FFABDD7841D9043D4DDF1F93721BCD35D823614411FD4EAB5D2C16A86F35 ] C:\WINDOWS\system32\cmd.exe
21:46:05.0656 0x2788 Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64 - ok
21:46:05.0656 0x2788 Waiting for KSN requests completion. In queue: 213
21:46:06.0672 0x2788 Waiting for KSN requests completion. In queue: 213
21:46:07.0687 0x2788 Waiting for KSN requests completion. In queue: 213
21:46:08.0765 0x2788 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.12.420 ), 0x41000 ( enabled : updated )
21:46:08.0765 0x2788 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
21:46:08.0781 0x2788 Win FW state via NFP2: enabled ( trusted )
21:46:11.0328 0x2788 ============================================================
21:46:11.0328 0x2788 Scan finished
21:46:11.0328 0x2788 ============================================================
21:46:11.0343 0x21dc Detected object count: 0
21:46:11.0343 0x21dc Actual detected object count: 0
21:46:35.0234 0x1ba4 Deinitialize success
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.09.18.08
rootkit: v2015.09.18.01
Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16431
Michael :: LOKI [administrator]
18.09.2015 21:28:36
mbar-log-2015-09-18 (21-28-36).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 385833
Time elapsed: 13 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
19.09.2015, 21:44
| #5 |
| /// the machine /// TB-Ausbilder | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Stick anklemmen, Custom Scan mit Stick und Rechner: Lade Dir bitte von hier  Emsisoft Emergency Kit herunter.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.09.2015, 17:22
| #6 |
| | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Ich habe das Programm durchlaufen lassen dabei traten 5 Funde auf, beim fünften musste ich den Laptop neu starten um ihn entfernen zu können, mein Avira zeigte einen Fund, ich habe nichts gemacht und erst mal das Program durchlaufen lassen, danach habe ich Avira laufen lassen. Bericht davon im zweiten Teil. Code:
ATTFilter Emsisoft Emergency Kit - Version 10.0
Letztes Update: 20.09.2015 14:54:51
Benutzerkonto: LOKI\Michael
Scan-Einstellungen:
Scan-Methode: Eigener Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, G:\, F:\
PUPs-Erkennung: An
Archiv-Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan-Beginn: 20.09.2015 14:56:26
C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\NSISHelper.dll.vir Gefunden: Gen:Variant.Adware.Graftor.242805 (B)
C:\ProgramData\Avira\Antivirus\INFECTED\4b600a8b.qua -> (Quarantine-8) Gefunden: Gen:Variant.Kazy.722298 (B)
C:\Users\Michael\AppData\Roaming\Microsoft Office\Microsoft Word.WsF -> (VBSCRIPT 1) Gefunden: Trojan.VBS.UFC (B)
G:\Microsoft Word.WsF -> (VBSCRIPT 1) Gefunden: Trojan.VBS.UFC (B)
F:\Microsoft Word.WsF -> (VBSCRIPT 1) Gefunden: Trojan.VBS.UFC (B)
Gescannt: 408073
Gefunden 5
Scan-Ende: 20.09.2015 16:02:38
Scan-Zeit: 1:06:12
F:\Microsoft Word.WsF Quarantäne Trojan.VBS.UFC (B)
G:\Microsoft Word.WsF Quarantäne Trojan.VBS.UFC (B)
C:\ProgramData\Avira\Antivirus\INFECTED\4b600a8b.qua Quarantäne Gen:Variant.Kazy.722298 (B)
C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\NSISHelper.dll.vir Quarantäne Gen:Variant.Adware.Graftor.242805 (B)
Quarantäne 4
Code:
ATTFilter
Free Antivirus
Erstellungsdatum der Reportdatei: Sonntag, 20. September 2015 16:15
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 10 Home
Windowsversion : (plain) [10.0.10240]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : LOKI
Versionsinformationen:
BUILD.DAT : 15.0.12.420 93846 Bytes 06.08.2015 20:58:00
AVSCAN.EXE : 15.0.12.420 1171384 Bytes 07.09.2015 09:34:29
AVSCANRC.DLL : 15.0.12.380 67688 Bytes 15.07.2015 06:37:55
LUKE.DLL : 15.0.12.398 69248 Bytes 15.07.2015 06:38:20
AVSCPLR.DLL : 15.0.12.398 106352 Bytes 15.07.2015 06:37:55
REPAIR.DLL : 15.0.12.420 516304 Bytes 07.09.2015 09:34:27
REPAIR.RDF : 1.0.10.60 1088162 Bytes 16.09.2015 11:01:51
AVREG.DLL : 15.0.12.420 339632 Bytes 07.09.2015 09:34:26
AVLODE.DLL : 15.0.12.420 634712 Bytes 07.09.2015 09:34:25
AVLODE.RDF : 14.0.5.6 84211 Bytes 07.09.2015 09:34:21
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 06:38:40
XBV00075.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:35
XBV00076.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:35
XBV00077.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:35
XBV00078.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:35
XBV00079.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:35
XBV00080.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:35
XBV00081.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00082.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00083.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00084.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00085.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00086.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00087.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00088.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00089.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00090.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00091.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00092.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00093.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00094.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:36
XBV00095.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00096.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00097.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00098.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00099.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00100.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00101.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00102.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00103.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00104.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00105.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00106.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00107.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:37
XBV00108.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00109.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00110.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00111.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00112.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00113.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00114.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00115.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00116.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00117.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00118.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00119.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00120.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00121.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00122.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:38
XBV00123.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00124.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00125.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00126.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00127.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00128.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00129.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00130.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00131.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00132.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00133.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:39
XBV00134.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00135.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00136.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00137.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00138.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00139.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00140.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00141.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00142.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00143.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00144.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00145.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00146.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00147.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00148.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:40
XBV00149.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00150.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00151.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00152.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00153.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00154.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00155.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00156.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00157.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00158.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00159.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00160.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00161.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00162.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:41
XBV00163.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00164.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00165.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00166.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00167.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00168.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00169.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00170.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00171.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00172.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00173.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:42
XBV00174.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00175.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00176.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00177.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00178.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00179.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00180.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00181.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00182.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00183.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00184.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00185.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00186.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00187.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:43
XBV00188.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00189.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00190.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00191.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00192.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00193.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00194.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00195.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00196.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00197.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00198.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00199.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00200.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:44
XBV00201.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00202.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00203.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00204.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00205.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00206.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00207.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00208.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00209.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:45
XBV00210.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00211.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00212.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00213.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00214.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00215.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00216.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00217.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00218.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00219.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00220.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00221.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00222.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00223.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00224.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:46
XBV00225.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00226.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00227.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00228.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00229.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00230.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00231.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00232.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00233.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00234.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00235.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00236.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00237.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:47
XBV00238.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00239.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00240.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00241.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00242.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00243.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00244.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00245.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00246.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00247.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00248.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00249.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00250.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00251.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00252.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:48
XBV00253.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:49
XBV00254.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:49
XBV00255.VDF : 8.12.8.238 2048 Bytes 16.09.2015 11:01:49
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 06:38:40
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 06:38:40
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 06:38:40
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 06:38:40
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 06:38:40
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 06:38:40
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 06:38:40
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 06:38:40
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 06:38:40
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 06:38:40
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 06:38:40
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 06:38:40
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 06:38:40
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 06:38:40
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 06:38:40
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 06:38:40
XBV00016.VDF : 8.11.213.176 212480 Bytes 05.03.2015 06:38:40
XBV00017.VDF : 8.11.219.166 2033664 Bytes 25.03.2015 06:38:40
XBV00018.VDF : 8.11.225.88 2367488 Bytes 22.04.2015 06:38:40
XBV00019.VDF : 8.11.230.186 1674752 Bytes 13.05.2015 06:38:40
XBV00020.VDF : 8.11.237.30 4711936 Bytes 02.06.2015 06:38:40
XBV00021.VDF : 8.11.243.12 2747904 Bytes 26.06.2015 06:38:40
XBV00022.VDF : 8.11.248.172 2350592 Bytes 17.07.2015 09:34:58
XBV00023.VDF : 8.11.254.112 2570752 Bytes 07.08.2015 09:35:05
XBV00024.VDF : 8.12.3.6 2196480 Bytes 27.08.2015 09:35:11
XBV00025.VDF : 8.12.8.238 1951232 Bytes 16.09.2015 11:01:32
XBV00042.VDF : 8.12.8.240 2048 Bytes 16.09.2015 11:01:32
XBV00043.VDF : 8.12.8.242 2048 Bytes 16.09.2015 11:01:32
XBV00044.VDF : 8.12.8.248 10752 Bytes 16.09.2015 11:01:32
XBV00045.VDF : 8.12.8.250 2048 Bytes 16.09.2015 11:01:32
XBV00046.VDF : 8.12.9.0 7680 Bytes 16.09.2015 11:01:32
XBV00047.VDF : 8.12.9.2 2048 Bytes 16.09.2015 11:01:32
XBV00048.VDF : 8.12.9.4 13824 Bytes 16.09.2015 11:01:33
XBV00049.VDF : 8.12.9.38 45056 Bytes 16.09.2015 11:01:33
XBV00050.VDF : 8.12.10.84 211456 Bytes 17.09.2015 20:08:01
XBV00051.VDF : 8.12.10.114 2560 Bytes 17.09.2015 20:08:01
XBV00052.VDF : 8.12.10.144 8704 Bytes 17.09.2015 22:08:00
XBV00053.VDF : 8.12.10.172 12800 Bytes 17.09.2015 13:48:08
XBV00054.VDF : 8.12.10.192 2048 Bytes 17.09.2015 13:48:08
XBV00055.VDF : 8.12.10.214 29696 Bytes 18.09.2015 13:48:08
XBV00056.VDF : 8.12.10.216 9728 Bytes 18.09.2015 13:48:09
XBV00057.VDF : 8.12.10.218 10240 Bytes 18.09.2015 13:48:09
XBV00058.VDF : 8.12.10.220 14848 Bytes 18.09.2015 12:16:18
XBV00059.VDF : 8.12.10.240 6144 Bytes 18.09.2015 12:16:18
XBV00060.VDF : 8.12.11.4 18432 Bytes 18.09.2015 12:16:18
XBV00061.VDF : 8.12.11.24 2560 Bytes 18.09.2015 12:16:18
XBV00062.VDF : 8.12.11.44 2048 Bytes 18.09.2015 12:16:18
XBV00063.VDF : 8.12.11.64 25600 Bytes 18.09.2015 12:16:18
XBV00064.VDF : 8.12.11.84 11264 Bytes 18.09.2015 12:16:18
XBV00065.VDF : 8.12.11.86 6656 Bytes 18.09.2015 12:16:18
XBV00066.VDF : 8.12.11.88 5120 Bytes 18.09.2015 12:16:18
XBV00067.VDF : 8.12.11.90 42496 Bytes 19.09.2015 12:16:19
XBV00068.VDF : 8.12.11.92 9728 Bytes 19.09.2015 12:16:19
XBV00069.VDF : 8.12.11.112 4096 Bytes 19.09.2015 17:09:30
XBV00070.VDF : 8.12.11.130 7168 Bytes 19.09.2015 17:09:30
XBV00071.VDF : 8.12.11.148 84480 Bytes 20.09.2015 12:41:22
XBV00072.VDF : 8.12.11.166 2048 Bytes 20.09.2015 12:41:22
XBV00073.VDF : 8.12.11.184 7168 Bytes 20.09.2015 12:41:22
XBV00074.VDF : 8.12.11.186 5120 Bytes 20.09.2015 12:41:22
LOCAL000.VDF : 8.12.11.186 138246144 Bytes 20.09.2015 12:41:51
Engineversion : 8.3.34.26
AEBB.DLL : 8.1.2.0 60448 Bytes 15.07.2015 06:37:47
AECORE.DLL : 8.3.8.0 249920 Bytes 07.09.2015 09:34:01
AEDROID.DLL : 8.4.3.338 1571968 Bytes 07.09.2015 09:34:19
AEEMU.DLL : 8.1.3.4 399264 Bytes 15.07.2015 06:37:47
AEEXP.DLL : 8.4.2.122 273264 Bytes 07.09.2015 09:34:17
AEGEN.DLL : 8.1.7.52 464800 Bytes 07.09.2015 09:34:02
AEHELP.DLL : 8.3.2.2 281456 Bytes 15.07.2015 06:37:47
AEHEUR.DLL : 8.1.4.1924 8702832 Bytes 11.09.2015 12:50:34
AEMOBILE.DLL : 8.1.8.4 303168 Bytes 07.09.2015 09:34:20
AEOFFICE.DLL : 8.3.1.48 405568 Bytes 11.09.2015 12:50:34
AEPACK.DLL : 8.4.1.8 793728 Bytes 07.09.2015 09:34:13
AERDL.DLL : 8.2.1.36 811064 Bytes 08.09.2015 13:52:35
AESBX.DLL : 8.2.21.0 1622072 Bytes 15.07.2015 06:37:47
AESCN.DLL : 8.3.3.2 141216 Bytes 07.09.2015 09:34:16
AESCRIPT.DLL : 8.2.2.100 535408 Bytes 11.09.2015 12:50:35
AEVDF.DLL : 8.3.2.2 141216 Bytes 07.09.2015 09:34:17
AVWINLL.DLL : 15.0.12.380 29600 Bytes 15.07.2015 06:37:58
AVPREF.DLL : 15.0.12.380 55864 Bytes 15.07.2015 06:37:54
AVREP.DLL : 15.0.12.380 225320 Bytes 15.07.2015 06:37:54
AVARKT.DLL : 15.0.12.380 232000 Bytes 15.07.2015 06:37:48
AVEVTLOG.DLL : 15.0.12.398 202112 Bytes 15.07.2015 06:37:50
SQLITE3.DLL : 15.0.12.380 461672 Bytes 15.07.2015 06:38:34
AVSMTP.DLL : 15.0.12.380 82120 Bytes 15.07.2015 06:37:56
NETNT.DLL : 15.0.12.380 18792 Bytes 15.07.2015 06:38:23
CommonImageRc.dll: 15.0.12.380 4308216 Bytes 15.07.2015 06:38:24
CommonTextRc.dll: 15.0.12.386 69248 Bytes 15.07.2015 06:38:24
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Prüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\Antivirus\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Sonntag, 20. September 2015 16:15
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '222' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxCUIService.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'OmniServ.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'Hpservice.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkAudioService64.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '118' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'CATSysDemon.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtwRSupportService.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPWMISVC.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'OfficeClickToRun.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'RichVideo64.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'sihost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '254' Modul(e) wurden durchsucht
Durchsuche Prozess 'RemindersServer.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostw.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxEM.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxHK.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxTray.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'opvapp.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '134' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'ShellExperienceHost.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchUI.exe' - '149' Modul(e) wurden durchsucht
Durchsuche Prozess 'YouCamService.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'CoolSense.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpeechRuntime.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqwmiex.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkNGUI64.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'ClientCore.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'opbhobroker.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'opbhobrokerdsktop.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'SYNTPHELPER.EXE' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'OneDrive.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCleaner64.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SecureLine.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPMSGSVC.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'AccelerometerSt.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.Systray.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'CSISYNCCLIENT.EXE' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'MsoSync.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'a2emergencykit.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'GamesAppIntegrationService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpsa_service.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SettingSyncHost.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOTEPAD.EXE' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '118' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '77' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '4153' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <Windows>
C:\swapfile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Beginne mit der Suche in 'D:\' <RECOVERY>
Ende des Suchlaufs: Sonntag, 20. September 2015 18:17
Benötigte Zeit: 2:01:34 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
45974 Verzeichnisse wurden überprüft
1077752 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
1 Dateien konnten nicht durchsucht werden
1077751 Dateien ohne Befall
11125 Archive wurden durchsucht
1 Warnungen
0 Hinweise
|
|
21.09.2015, 15:56
| #7 |
| /// the machine /// TB-Ausbilder | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter OrdnerESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.09.2015, 00:14
| #8 |
| | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Alles durchgeführt Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=17a3dda619a03447b03494bbc7a30dd5
# end=init
# utc_time=2015-09-21 08:08:57
# local_time=2015-09-21 10:08:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25871
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=17a3dda619a03447b03494bbc7a30dd5
# end=updated
# utc_time=2015-09-21 08:55:19
# local_time=2015-09-21 10:55:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=17a3dda619a03447b03494bbc7a30dd5
# engine=25871
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-21 10:57:11
# local_time=2015-09-22 12:57:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 14979 6350243 0 0
# scanned=356221
# found=6
# cleaned=0
# scan_time=7311
sh=79D3C4D357090FBF441190D1366B1A4019BAA42B ft=1 fh=1d7055786ab55519 vn="Variante von Win64/Adware.CouponMarvel.K Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility64.dll.vir"
sh=38277117C1C752ABCAE2B12CB2A901C7D3D9926D ft=0 fh=0000000000000000 vn="VBS/Padon.B Wurm" ac=I fn="F:\.Trash-1000.lnk"
sh=2A8752EBABDD14A7FE6ACCDAC5E065640C335691 ft=0 fh=0000000000000000 vn="VBS/Padon.B Wurm" ac=I fn="F:\System Volume Information.lnk"
sh=1781732C8AD8424DCB21D0BAB3D64161C78EB994 ft=0 fh=0000000000000000 vn="VBS/Padon.B Wurm" ac=I fn="F:\ReadyBoostPerfTest.lnk"
sh=70D386CAE62D4BA41928488F2AFD73CE11D7B73D ft=0 fh=0000000000000000 vn="VBS/Padon.B Wurm" ac=I fn="F:\FOUND.000.lnk"
sh=0856F9FC401098067408C83660EC16222822D44D ft=0 fh=0000000000000000 vn="VBS/Padon.B Wurm" ac=I fn="G:\System Volume Information.lnk"
Code:
ATTFilter Results of screen317's Security Check version 1.008 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Antivirus Windows Defender Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 19.0.0.185 Mozilla Firefox (40.0.3) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Avira Antivirus sched.exe Avira Antivirus avshadow.exe Michael Meine Welt Programme jeder Art Malwarebytes Anti-Malware\mbamscheduler.exe Windows Defender MpCmdRun.exe AVAST Software SecureLine SecureLine.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Michael (Administrator) auf LOKI (22-09-2015 01:11:05) Gestartet von C:\Users\Michael\Downloads\Mottenkiste Geladene Profile: Michael (Verfügbare Profile: Michael) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Dassault Systemes) C:\Users\Michael\Meine Welt\Programme jeder Art\cat\intel_a\code\bin\CATSysDemon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamscheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Malwarebytes Corporation) C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (AVAST Software) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.9.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-08-27] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-09-08] (Synaptics Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-09-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd) HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\Run: [Microsoft Word] => wscript.exe //B "C:\Users\Michael\AppData\Roaming\Microsoft Office\\Microsoft Word.WsF" HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\RunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-2964265515-3498347506-235733016-1001\...\RunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-02-09] ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{9d3a08c7-b385-4b62-a999-566051641c5e}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com HKU\S-1-5-21-2964265515-3498347506-235733016-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2964265515-3498347506-235733016-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {18751D32-1857-4B7F-98DA-3AFB4D02FF02} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2964265515-3498347506-235733016-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2964265515-3498347506-235733016-1001 -> {05341112-568B-46A9-AEF4-4015D6C617B1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-2964265515-3498347506-235733016-1001 -> {18751D32-1857-4B7F-98DA-3AFB4D02FF02} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-27] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default FF Homepage: hxxp://www.t-online.de/ www.hs-merseburg.de FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Users\Michael\Meine Welt\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-14] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-07-21] () FF Plugin-x32: Adobe Reader -> C:\Users\Michael\Meine Welt\Programme jeder Art\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Extension: Print pages to PDF - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\printPages2Pdf@reinhold.ripper [2015-08-15] FF Extension: YouTube Unblocker - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\youtubeunblocker@unblocker.yt [2015-08-15] FF Extension: Multi YouTube mp3 - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\d.lehr@chello.at.xpi [2015-08-15] FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2015-08-15] FF Extension: ProxTube - Unblock YouTube - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\ich@maltegoetz.de.xpi [2015-08-15] FF Extension: YouTube High Definition - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-08-15] FF Extension: Video DownloadHelper - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-15] FF Extension: Adblock Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\oub17xxc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-15] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-07] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-09-07] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG) R2 BBDemon; C:\Users\Michael\Meine Welt\Programme jeder Art\cat\intel_a\code\bin\CATSysDemon.exe [35840 2005-09-06] (Dassault Systemes) [Datei ist nicht signiert] R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2269440 2015-07-10] (Broadcom Corporation.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-07-21] (WildTangent) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] () R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation) R2 MBAMScheduler; C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Users\Michael\Meine Welt\Programme jeder Art\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-09] (NVIDIA Corporation) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Datei ist nicht signiert] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-08-27] (Realtek Semiconductor) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-14] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-07-10] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-09-17] (Broadcom Corporation) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-09-20] (Emsisoft GmbH) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-27] (Realtek ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-09-08] (Synaptics Incorporated) S2 TVicPort; kein ImagePath S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-22 00:58 - 2015-09-22 00:58 - 00016148 _____ C:\WINDOWS\system32\LOKI_Michael_HistoryPrediction.bin 2015-09-21 22:08 - 2015-09-21 22:08 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-21 20:52 - 2015-09-21 20:53 - 02870984 _____ (ESET) C:\Users\Michael\Desktop\esetsmartinstaller_deu.exe 2015-09-21 20:47 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-09-21 20:13 - 2015-09-22 01:03 - 00852704 _____ C:\Users\Michael\Desktop\SecurityCheck.exe 2015-09-21 20:09 - 2015-09-21 20:09 - 00000000 ___HD C:\OneDriveTemp 2015-09-21 20:08 - 2015-09-21 20:08 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\0AB46819.sys 2015-09-20 16:09 - 2015-09-20 16:09 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-09-20 16:09 - 2015-09-20 16:09 - 00000000 _____ C:\WINDOWS\setupact.log 2015-09-20 16:05 - 2015-09-20 16:05 - 00000408 _____ C:\EamClean.log 2015-09-20 14:51 - 2015-09-20 16:09 - 00000000 ____D C:\EEK 2015-09-20 14:51 - 2015-09-20 16:08 - 00000791 _____ C:\Users\Michael\Desktop\Start Emsisoft Emergency Kit.lnk 2015-09-19 15:06 - 2015-09-20 22:07 - 00002326 _____ C:\Users\Michael\Documents\veroelung.txt 2015-09-19 14:33 - 2015-09-22 00:57 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-18 21:30 - 2015-09-18 21:30 - 00001330 _____ C:\Users\Michael\Desktop\hi.txt 2015-09-18 21:29 - 2015-09-18 21:45 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Michael\Desktop\tdsskiller.exe 2015-09-18 21:25 - 2015-09-18 21:27 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Michael\Desktop\mbar-1.09.3.1001(1).exe 2015-09-18 16:32 - 2015-09-18 16:32 - 00004012 _____ C:\Users\Michael\Desktop\Ereignisse.txt 2015-09-18 15:59 - 2015-09-22 01:11 - 00000000 ____D C:\FRST 2015-09-18 15:58 - 2015-09-18 15:58 - 00000000 _____ C:\Users\Michael\defogger_reenable 2015-09-18 15:37 - 2015-09-19 14:21 - 00000000 ____D C:\WINDOWS\Minidump 2015-09-18 01:37 - 2015-09-18 01:44 - 00000000 ____D C:\ProgramData\SecTaskMan 2015-09-18 01:31 - 2015-09-18 01:31 - 00000434 _____ C:\Users\Michael\Documents\virus.txt 2015-09-17 23:32 - 2015-09-17 23:31 - 03799080 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll 2015-09-17 23:31 - 2015-09-17 23:31 - 00000000 ____D C:\Users\Michael\AppData\Roaming\InstallShield 2015-09-17 21:20 - 2015-09-17 21:20 - 00018360 _____ C:\Users\Michael\Documents\cc_20150917_212039.reg 2015-09-17 19:17 - 2015-09-18 21:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-17 17:04 - 2015-09-18 21:43 - 00000000 ____D C:\Users\Michael\Desktop\mbar 2015-09-17 16:34 - 2015-09-17 16:34 - 00168468 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.dbg 2015-09-17 16:34 - 2015-09-17 16:34 - 00025197 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.rpt 2015-09-17 16:34 - 2015-09-17 16:34 - 00018194 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.obj 2015-09-17 16:34 - 2015-09-17 16:34 - 00011341 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.hex 2015-09-17 16:34 - 2015-09-17 16:34 - 00004026 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.bin 2015-09-17 14:11 - 2015-09-17 14:11 - 00000448 _____ C:\Users\Michael\Documents\test nummer zwei.err 2015-09-15 19:08 - 2015-09-15 19:08 - 00000366 _____ C:\Users\Michael\Documents\MINMAX.SIM 2015-09-15 17:32 - 2015-09-15 18:16 - 00000064 _____ C:\Users\Michael\Documents\minmax.BM 2015-09-15 17:31 - 2015-09-15 18:16 - 00167460 _____ C:\Users\Michael\Documents\minmax.dbg 2015-09-15 17:31 - 2015-09-15 18:16 - 00023659 _____ C:\Users\Michael\Documents\minmax.rpt 2015-09-15 17:31 - 2015-09-15 18:16 - 00003206 _____ C:\Users\Michael\Documents\minmax.obj 2015-09-15 17:31 - 2015-09-15 18:16 - 00001981 _____ C:\Users\Michael\Documents\minmax.hex 2015-09-15 17:31 - 2015-09-15 18:16 - 00000698 _____ C:\Users\Michael\Documents\minmax.bin 2015-09-14 15:43 - 2015-09-16 01:16 - 00000366 _____ C:\Users\Michael\Documents\TEST NUMMER ZWEI.SIM 2015-09-14 15:19 - 2015-09-17 18:51 - 00000064 _____ C:\Users\Michael\Documents\test nummer zwei.BM 2015-09-14 15:19 - 2015-09-17 12:20 - 00167412 _____ C:\Users\Michael\Documents\test nummer zwei.dbg 2015-09-14 15:19 - 2015-09-17 12:20 - 00023344 _____ C:\Users\Michael\Documents\test nummer zwei.rpt 2015-09-14 15:19 - 2015-09-17 12:20 - 00002127 _____ C:\Users\Michael\Documents\test nummer zwei.obj 2015-09-14 15:19 - 2015-09-17 12:20 - 00001302 _____ C:\Users\Michael\Documents\test nummer zwei.hex 2015-09-14 15:19 - 2015-09-17 12:20 - 00000456 _____ C:\Users\Michael\Documents\test nummer zwei.bin 2015-09-14 15:15 - 2015-09-17 18:51 - 00003700 _____ C:\Users\Michael\Documents\test nummer zwei.bas 2015-09-13 20:32 - 2015-09-13 22:05 - 00000234 _____ C:\Users\Michael\Documents\Blase.err 2015-09-13 20:31 - 2015-09-17 00:05 - 00000064 _____ C:\Users\Michael\Documents\Blase.BM 2015-09-13 19:38 - 2015-09-17 00:05 - 00003883 _____ C:\Users\Michael\Documents\Blase.bas 2015-09-13 17:21 - 2015-09-13 17:21 - 00000000 ___RD C:\Users\Michael\AppData\Roaming\Brother 2015-09-12 23:24 - 2015-09-12 23:24 - 00000029 _____ C:\Users\Michael\Documents\desktophintergrund.txt 2015-09-10 21:45 - 2015-09-10 21:45 - 00000000 ____D C:\Users\Michael\AppData\Local\CEF 2015-09-10 21:05 - 2015-09-11 15:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-09-10 21:04 - 2015-09-10 21:04 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-09-10 21:04 - 2015-09-10 21:04 - 00002223 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-09-10 21:02 - 2015-09-10 21:45 - 00000000 ____D C:\ProgramData\Adobe 2015-09-10 17:14 - 2015-09-10 17:14 - 00002687 _____ C:\Users\Michael\Desktop\Hochimpedanzschaltung.txt 2015-09-09 18:23 - 2015-09-15 18:16 - 00001186 _____ C:\Users\Michael\Documents\minmax.bas 2015-09-09 18:10 - 2015-09-17 13:39 - 00000366 _____ C:\Users\Michael\Documents\TEST.SIM 2015-09-09 18:08 - 2015-09-17 18:51 - 00000064 _____ C:\Users\Michael\Documents\test.BM 2015-09-09 18:08 - 2015-09-17 13:38 - 00063270 _____ C:\Users\Michael\Documents\test.dbg 2015-09-09 18:08 - 2015-09-17 13:38 - 00009546 _____ C:\Users\Michael\Documents\test.rpt 2015-09-09 18:08 - 2015-09-17 13:38 - 00004842 _____ C:\Users\Michael\Documents\test.obj 2015-09-09 18:08 - 2015-09-17 13:38 - 00003008 _____ C:\Users\Michael\Documents\test.hex 2015-09-09 18:08 - 2015-09-17 13:38 - 00001062 _____ C:\Users\Michael\Documents\test.bin 2015-09-09 18:07 - 2015-09-17 18:51 - 00000094 _____ C:\Users\Michael\Documents\test.bas 2015-09-09 17:47 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-09-09 17:47 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-09-09 17:47 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-09-09 17:47 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 17:47 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-09-09 17:47 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-09-09 17:47 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 17:47 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 17:47 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-09-09 17:47 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 17:47 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 17:47 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 17:47 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 17:47 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 17:47 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 17:47 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 17:47 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 17:47 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-09-09 17:47 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll 2015-09-09 17:47 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 17:47 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 17:47 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 17:47 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 17:47 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-09-09 17:47 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 17:47 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 17:47 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 17:47 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 17:47 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 17:47 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 17:47 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 17:47 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-08 16:15 - 2015-09-08 16:15 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll 2015-09-08 16:15 - 2015-09-08 16:15 - 00044216 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys 2015-09-08 16:15 - 2015-09-08 16:15 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys 2015-09-08 01:52 - 2015-09-20 16:05 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft Office 2015-09-07 18:38 - 2015-09-07 18:38 - 00000366 _____ C:\Users\Michael\Documents\BLASENPROGRAMM.SIM 2015-09-07 18:37 - 2015-09-07 18:37 - 00167124 _____ C:\Users\Michael\Documents\Blasenprogramm.dbg 2015-09-07 18:37 - 2015-09-07 18:37 - 00022918 _____ C:\Users\Michael\Documents\Blasenprogramm.rpt 2015-09-07 18:37 - 2015-09-07 18:37 - 00002329 _____ C:\Users\Michael\Documents\Blasenprogramm.hex 2015-09-07 18:37 - 2015-09-07 18:37 - 00000820 _____ C:\Users\Michael\Documents\Blasenprogramm.bin 2015-09-07 18:36 - 2015-09-07 18:36 - 00000713 _____ C:\Users\Michael\Documents\Oszilloskop.err 2015-09-07 17:21 - 2015-09-07 17:22 - 00000000 ____D C:\Users\Michael\Documents\Rezepte 2015-09-07 17:13 - 2015-09-07 17:20 - 00001538 _____ C:\Users\Michael\Documents\Makefile.win 2015-09-07 17:10 - 2015-09-07 17:11 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Dev-Cpp 2015-09-07 16:57 - 2015-09-17 16:34 - 00000064 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.BM 2015-09-07 16:42 - 2015-09-17 16:34 - 00003891 _____ C:\Users\Michael\Documents\Mein_Blasenzaehler.bas 2015-09-07 16:22 - 2015-09-07 16:22 - 00000639 _____ C:\Users\Michael\Documents\SIGNALE.CFG 2015-09-07 16:21 - 2015-09-07 18:37 - 00000208 _____ C:\Users\Michael\Documents\Signale.err 2015-09-07 03:09 - 2015-09-11 20:53 - 00001218 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-09-07 02:59 - 2015-09-07 02:59 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Avira 2015-09-07 02:52 - 2015-09-11 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-07 02:50 - 2015-09-07 03:07 - 00000000 ____D C:\ProgramData\Avira 2015-09-07 02:50 - 2015-09-07 03:07 - 00000000 ____D C:\Program Files (x86)\Avira 2015-09-07 02:50 - 2015-07-15 08:37 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-09-07 02:50 - 2015-07-15 08:37 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-09-07 02:50 - 2015-07-15 08:37 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-09-07 02:50 - 2015-07-15 08:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2015-09-07 02:40 - 2015-09-22 00:03 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-07 02:40 - 2015-09-18 21:27 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-09-07 02:40 - 2015-09-07 02:40 - 00001415 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-07 02:40 - 2015-09-07 02:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-07 02:40 - 2015-09-07 02:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-07 02:40 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-09-07 02:40 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-09-07 02:39 - 2015-09-17 22:16 - 00000000 ____D C:\AdwCleaner 2015-09-04 02:00 - 2015-09-04 02:00 - 00001594 _____ C:\Users\Michael\Documents\cc_20150904_020021.reg 2015-09-02 16:22 - 2015-09-02 16:22 - 00000000 ____D C:\Users\Michael\Documents\Benutzerdefinierte Office-Vorlagen 2015-09-01 23:22 - 2015-09-01 23:22 - 00363615 _____ C:\Users\Michael\Documents\Drawing1_02.CATDrawing 2015-09-01 23:07 - 2015-09-01 23:07 - 00345080 _____ C:\Users\Michael\Documents\Drawing1_01.CATDrawing 2015-09-01 22:43 - 2015-09-01 23:08 - 00187721 _____ C:\Users\Michael\Documents\Halterung_Gewindeseite.CATPart 2015-09-01 22:38 - 2015-09-01 22:38 - 00241200 _____ C:\Users\Michael\Documents\Halterung_Schraubenseite.CATPart 2015-09-01 18:54 - 2015-09-21 20:12 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{70BE8D50-0D64-4F60-A7CF-250C7DFFEA57} 2015-09-01 17:57 - 2015-09-01 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.4.0 2015-09-01 15:44 - 2015-09-01 15:44 - 00560288 _____ C:\Users\Michael\Documents\cc_20150901_154417.reg 2015-09-01 15:44 - 2015-09-01 15:44 - 00004814 _____ C:\Users\Michael\Documents\cc_20150901_154446.reg 2015-09-01 05:04 - 2015-09-01 05:04 - 00355892 _____ C:\Users\Michael\Documents\Drawing5.CATDrawing 2015-09-01 05:03 - 2015-09-01 05:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-01 04:49 - 2015-09-01 04:49 - 00351733 _____ C:\Users\Michael\Documents\Drawing4.CATDrawing 2015-09-01 04:44 - 2015-09-01 04:44 - 00352120 _____ C:\Users\Michael\Documents\Drawing3.CATDrawing 2015-09-01 03:51 - 2015-09-01 04:37 - 00353364 _____ C:\Users\Michael\Documents\Drawing2.CATDrawing 2015-09-01 03:37 - 2015-09-01 04:36 - 00351234 _____ C:\Users\Michael\Documents\Drawing1.CATDrawing 2015-09-01 01:39 - 2015-09-01 05:01 - 00688490 _____ C:\Users\Michael\Documents\Rohr_Schraege.CATPart 2015-08-31 23:31 - 2015-09-01 04:44 - 00570853 _____ C:\Users\Michael\Documents\Rohr_kurze_Veraengung.CATPart 2015-08-31 23:29 - 2015-09-01 04:44 - 00587353 _____ C:\Users\Michael\Documents\Rohr_lange_Veraengung.CATPart 2015-08-31 23:01 - 2015-09-01 04:30 - 00668005 _____ C:\Users\Michael\Documents\Rohr_grosse_Kugel.CATPart 2015-08-31 21:44 - 2015-09-01 04:10 - 00655176 _____ C:\Users\Michael\Documents\Rohr_kleine_Kugel.CATPart 2015-08-31 18:50 - 2015-08-31 20:50 - 00120076 _____ C:\Users\Michael\Documents\Rohr01.CATPart 2015-08-31 16:25 - 2015-09-02 20:01 - 00000000 ____D C:\Users\Michael\dwhelper 2015-08-31 16:14 - 2015-08-31 16:15 - 00144602 _____ C:\Users\Michael\Documents\Halterung.CATPart 2015-08-31 14:13 - 2015-08-31 14:13 - 00000000 ____D C:\Users\Michael\AppData\Roaming\NVIDIA 2015-08-31 13:51 - 2015-08-31 13:51 - 00002634 _____ C:\Users\Public\Desktop\CATIA V5R16.lnk 2015-08-31 13:51 - 2015-08-31 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CATIA 2015-08-31 13:19 - 2015-08-31 14:14 - 00000000 ____D C:\Users\Michael\AppData\Local\DassaultSystemes 2015-08-31 13:19 - 2015-08-31 13:51 - 00000000 ____D C:\ProgramData\DassaultSystemes 2015-08-31 13:19 - 2015-08-31 13:19 - 00000000 ____D C:\Users\Michael\AppData\Roaming\DassaultSystemes 2015-08-30 21:10 - 2015-09-06 15:49 - 00000000 ____D C:\Users\Michael\Documents\eagle 2015-08-30 21:04 - 2015-09-17 18:51 - 00000064 _____ C:\Users\Michael\Documents\Blasenprogramm.BM 2015-08-30 20:37 - 2015-08-30 20:37 - 00000064 _____ C:\Users\Michael\Documents\Oszilloskop.BM 2015-08-30 20:23 - 2015-08-30 20:37 - 00000744 _____ C:\Users\Michael\Documents\Oszilloskop.bas 2015-08-30 20:20 - 2015-09-07 18:37 - 00000064 _____ C:\Users\Michael\Documents\Signale.BM 2015-08-30 19:46 - 2015-09-07 18:37 - 00000690 _____ C:\Users\Michael\Documents\Signale.bas 2015-08-30 19:43 - 2015-09-17 18:51 - 00001031 _____ C:\Users\Michael\Documents\Blasenprogramm.bas 2015-08-30 19:39 - 2015-08-30 19:39 - 00000000 ____D C:\Users\Michael\AppData\Roaming\MCS Electronics 2015-08-30 19:39 - 2015-08-30 19:39 - 00000000 ____D C:\Users\Michael\AppData\Local\MCS Electronics 2015-08-30 18:34 - 2015-08-30 18:34 - 00000909 _____ C:\Users\Michael\Documents\Bundschuh.txt 2015-08-30 02:35 - 2015-08-30 02:35 - 00000000 ___RD C:\Users\Michael\Downloads\AFF540DC.Torrent_v7353qx4kg3sa!App 2015-08-28 23:26 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-28 23:26 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-28 23:26 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-28 23:26 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-28 23:26 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-28 23:26 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-28 23:26 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-28 23:26 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-08-28 23:26 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-28 23:26 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-08-28 23:26 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-28 23:26 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-28 23:26 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-28 23:26 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-08-28 23:26 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2015-08-28 23:26 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-28 23:26 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-08-28 23:26 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2015-08-28 23:26 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-28 23:26 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll 2015-08-28 23:26 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll 2015-08-28 23:26 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll 2015-08-28 23:26 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2015-08-28 23:26 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2015-08-28 23:26 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-28 23:26 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-28 23:26 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-28 23:26 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-08-28 23:26 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2015-08-28 23:26 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll 2015-08-28 23:26 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2015-08-28 23:26 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2015-08-28 23:26 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-28 23:26 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList 2015-08-28 23:25 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2015-08-28 23:25 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-28 23:25 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2015-08-28 23:25 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll 2015-08-28 23:25 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2015-08-28 17:07 - 2015-08-28 17:07 - 00000000 ____D C:\ProgramData\Brother 2015-08-28 17:06 - 2015-08-28 17:06 - 01439744 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWi209d.dll 2015-08-28 17:06 - 2015-08-28 17:06 - 00278528 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrJDec.dll 2015-08-28 17:06 - 2015-08-28 17:06 - 00180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00103736 _____ (Brother Industries Ltd) C:\WINDOWS\SysWOW64\BRRBTOOL.EXE 2015-08-28 17:06 - 2015-08-28 17:06 - 00077824 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BRLMW03A.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00050688 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi09d.dll 2015-08-28 17:06 - 2015-08-28 17:06 - 00045056 _____ C:\WINDOWS\SysWOW64\BRTCPCON.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00025299 _____ (Brother Industries, Ltd) C:\WINDOWS\SysWOW64\BRLM03A.DLL 2015-08-28 17:06 - 2015-08-28 17:06 - 00000114 _____ C:\WINDOWS\SysWOW64\BRLMW03A.INI 2015-08-28 17:06 - 2015-08-28 17:06 - 00000050 _____ C:\WINDOWS\system32\BRADM10A.DAT 2015-08-28 16:39 - 2015-09-20 04:25 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc 2015-08-28 16:16 - 2015-09-07 03:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-28 02:00 - 2015-08-28 02:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.3.0 2015-08-28 01:56 - 2015-08-28 01:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\CadSoft 2015-08-27 21:36 - 2015-08-27 21:36 - 00000000 ____D C:\Users\Michael\AppData\Roaming\dlg 2015-08-27 21:35 - 2015-08-27 21:35 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-08-27 21:35 - 2015-08-27 21:35 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-08-27 21:35 - 2015-08-27 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-08-27 21:35 - 2015-08-27 21:35 - 00000000 ____D C:\Program Files\CCleaner 2015-08-27 21:32 - 2015-08-27 21:33 - 06667640 _____ (Piriform Ltd) C:\WINDOWS\SysWOW64\ccsetup509.exe 2015-08-27 20:42 - 2015-08-27 20:42 - 00000000 ____D C:\Users\Michael\AppData\Local\Macromedia 2015-08-27 20:14 - 2015-08-27 20:14 - 00000000 ____D C:\Users\Michael\Documents\CyberLink 2015-08-27 19:25 - 2015-09-20 16:05 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMichael.job 2015-08-27 19:25 - 2015-09-19 14:18 - 00003250 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMichael 2015-08-27 19:24 - 2015-08-27 19:24 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys 2015-08-27 19:24 - 2015-08-27 19:24 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2015-08-27 19:21 - 2015-08-27 19:20 - 35222128 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2015-08-27 19:21 - 2015-08-27 19:20 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2015-08-27 19:21 - 2015-08-27 19:20 - 01749208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2015-08-27 19:21 - 2015-08-27 19:20 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2015-08-27 19:19 - 2015-07-09 20:36 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll 2015-08-27 19:19 - 2015-07-09 20:36 - 02268160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll 2015-08-27 19:19 - 2015-07-09 20:26 - 02353152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll 2015-08-27 19:19 - 2015-07-09 20:25 - 06238720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll 2015-08-27 19:13 - 2015-09-22 00:34 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-08-27 19:13 - 2015-09-21 20:35 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-08-27 19:11 - 2015-09-10 21:45 - 00000000 ____D C:\Users\Michael\AppData\Local\Adobe 2015-08-27 19:04 - 2015-07-09 20:37 - 07337472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0011.dll 2015-08-27 19:04 - 2015-07-09 20:36 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70011.dll 2015-08-27 19:04 - 2015-07-09 20:26 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70011.dll 2015-08-27 19:04 - 2015-07-09 20:25 - 07702528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0011.dll 2015-08-27 19:04 - 2015-07-09 20:25 - 07562240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0011.dll 2015-08-27 19:04 - 2015-07-09 20:25 - 02455040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0011.dll 2015-08-27 19:04 - 2015-06-17 18:05 - 00002060 _____ C:\WINDOWS\system32\noise.jpn 2015-08-27 19:04 - 2015-03-27 14:34 - 00002060 _____ C:\WINDOWS\SysWOW64\noise.jpn 2015-08-27 18:55 - 2015-08-27 18:55 - 00001054 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2015-08-27 18:50 - 2015-08-27 18:50 - 00000000 ____D C:\Users\Michael\Intel 2015-08-27 18:06 - 2015-08-27 18:06 - 00000000 ____D C:\Users\Michael\Documents\MCS Electronics 2015-08-27 18:06 - 2015-08-27 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCS Electronics 2015-08-27 17:49 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2015-08-27 17:49 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-08-27 17:49 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-08-27 17:49 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-27 17:49 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-27 17:49 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-27 17:49 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2015-08-27 17:49 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll 2015-08-27 17:49 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-27 17:49 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2015-08-27 17:49 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-08-27 17:49 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-27 17:49 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-27 17:49 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-27 17:49 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-27 17:49 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll 2015-08-27 17:49 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-08-27 17:49 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-08-27 17:49 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-27 17:49 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-08-27 17:49 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-08-27 17:49 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2015-08-27 17:49 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-08-27 17:49 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2015-08-27 17:49 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-27 17:49 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-08-27 17:49 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-08-27 17:49 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-27 17:49 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-08-27 17:49 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-27 17:49 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-27 17:49 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2015-08-27 17:49 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2015-08-27 17:49 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2015-08-27 17:49 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-08-27 17:49 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-08-27 17:49 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-27 17:49 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe 2015-08-27 17:49 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-08-27 17:49 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll 2015-08-27 17:49 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2015-08-27 17:49 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-27 17:49 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-08-27 17:49 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-08-27 17:49 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-08-27 17:49 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-08-27 17:49 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-08-27 17:49 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2015-08-27 17:49 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2015-08-27 17:49 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-27 17:49 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2015-08-27 17:49 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-27 17:49 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-27 17:49 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-08-27 17:49 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-08-27 17:49 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-08-27 17:49 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-27 17:49 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-27 17:49 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2015-08-27 17:49 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-08-27 17:49 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-27 17:49 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-08-27 17:49 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-08-27 17:49 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-27 17:49 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-08-27 17:49 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-08-27 17:49 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-08-27 17:47 - 2015-08-27 17:47 - 00000000 ____D C:\Program Files (x86)\HP 2015-08-27 17:46 - 2015-08-27 17:46 - 00000000 ____D C:\Users\Michael\Desktop\Alle Aufgaben.{ED7BA470-8E54-465E-825C-99712043E01C} 2015-08-27 17:42 - 2015-09-19 14:18 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-22 01:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-22 01:02 - 2015-08-15 13:23 - 00000000 ____D C:\Users\Michael\Downloads\Mottenkiste 2015-09-22 00:35 - 2015-08-14 23:30 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-09-21 23:35 - 2015-08-14 23:30 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-09-21 20:13 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-21 20:12 - 2015-08-14 22:21 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Skype 2015-09-21 20:12 - 2015-08-14 15:52 - 00000000 ____D C:\Users\Michael\Documents\Youcam 2015-09-21 20:10 - 2015-08-14 23:32 - 00000000 ___RD C:\Users\Michael\Dropbox 2015-09-21 20:10 - 2015-08-14 23:30 - 00000000 ____D C:\Users\Michael\AppData\Local\Dropbox 2015-09-21 20:09 - 2015-08-14 15:54 - 00000000 ____D C:\Users\Michael\OneDrive 2015-09-21 20:08 - 2015-08-14 20:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-09-20 16:05 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-20 16:04 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-09-20 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-18 15:58 - 2015-08-14 20:37 - 00000000 ____D C:\Users\Michael 2015-09-17 23:36 - 2015-08-14 20:32 - 00000000 ____D C:\Program Files\Intel 2015-09-17 23:35 - 2015-08-14 20:36 - 01997626 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-09-17 23:35 - 2015-07-10 18:34 - 00850366 _____ C:\WINDOWS\system32\perfh007.dat 2015-09-17 23:35 - 2015-07-10 18:34 - 00187104 _____ C:\WINDOWS\system32\perfc007.dat 2015-09-17 23:34 - 2014-04-05 01:55 - 00000000 ____D C:\SWSetup 2015-09-17 23:32 - 2015-02-09 05:08 - 00000000 ____D C:\Program Files\Broadcom 2015-09-17 23:32 - 2014-10-31 03:17 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-17 23:31 - 2015-02-09 05:08 - 07551240 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\BCMWL63a.SYS 2015-09-17 23:31 - 2015-02-09 05:08 - 04154400 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvsrv64.dll 2015-09-16 13:05 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\Packages 2015-09-15 15:54 - 2015-08-14 21:06 - 00002402 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-09-15 13:50 - 2015-08-14 23:09 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-11 17:47 - 2015-07-10 14:20 - 00402480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-11 17:45 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-11 17:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-09-10 21:44 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Adobe 2015-09-10 02:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-09-08 18:47 - 2015-02-09 05:33 - 00000000 ____D C:\ProgramData\McAfee 2015-09-08 18:47 - 2015-02-09 05:33 - 00000000 ____D C:\Program Files\Common Files\McAfee 2015-09-08 16:15 - 2015-07-17 07:51 - 01806216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00766136 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00615608 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys 2015-09-08 16:15 - 2015-07-17 07:51 - 00269000 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00255688 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31.dll 2015-09-08 16:15 - 2015-07-17 07:51 - 00044216 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys 2015-09-07 11:41 - 2015-08-14 16:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2015-09-07 11:41 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-09-07 11:41 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-09-07 11:40 - 2014-10-31 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-09-07 11:39 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2015-09-07 03:03 - 2015-08-14 21:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-07 03:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-09-01 05:04 - 2014-10-31 03:17 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-08-31 13:51 - 2013-08-22 15:25 - 00017710 _____ C:\WINDOWS\system32\Drivers\etc\services 2015-08-31 13:21 - 2014-10-31 03:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-08-31 12:26 - 2015-02-09 05:23 - 00004252 _____ C:\WINDOWS\System32\Tasks\avast! SL Update 2015-08-30 02:01 - 2015-02-09 06:05 - 00000000 ____D C:\Users\Public\Documents\CyberLink 2015-08-30 02:01 - 2015-02-09 05:31 - 00000000 ____D C:\Users\Public\CyberLink 2015-08-30 02:01 - 2015-02-09 05:23 - 00000000 ____D C:\ProgramData\CyberLink 2015-08-28 21:37 - 2015-08-14 22:45 - 00000000 ____D C:\Users\Michael\Meine Welt 2015-08-28 16:48 - 2015-08-14 21:02 - 00000000 ____D C:\Users\Michael\AppData\Local\Comms 2015-08-28 15:53 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\VirtualStore 2015-08-27 21:36 - 2015-08-14 21:26 - 00000000 ___DC C:\WINDOWS\Panther 2015-08-27 20:17 - 2015-08-14 20:34 - 00015176 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2015-08-27 19:25 - 2015-08-14 15:48 - 00000000 ____D C:\Users\Michael\AppData\Local\Hewlett-Packard 2015-08-27 19:24 - 2015-02-09 04:58 - 00000000 ____D C:\Program Files (x86)\Realtek 2015-08-27 19:22 - 2015-08-14 20:34 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-08-27 19:22 - 2015-02-09 04:59 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-08-27 19:20 - 2015-06-24 22:59 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2015-08-27 19:20 - 2015-06-24 22:59 - 02930904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2015-08-27 19:20 - 2015-06-24 22:59 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2015-08-27 19:20 - 2015-06-24 22:57 - 04514008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2015-08-27 19:20 - 2015-06-24 22:57 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2015-08-27 19:20 - 2015-02-09 04:59 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll 2015-08-27 19:19 - 2015-07-10 18:35 - 00000000 ____D C:\WINDOWS\OCR 2015-08-27 18:50 - 2015-02-09 05:18 - 00015023 _____ C:\WINDOWS\SysWOW64\Gms.log 2015-08-27 18:50 - 2015-02-09 04:57 - 00000000 ____D C:\ProgramData\Intel 2015-08-27 18:50 - 2015-02-09 04:57 - 00000000 ____D C:\Program Files (x86)\Intel 2015-08-27 18:44 - 2014-10-31 03:08 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2015-08-27 18:28 - 2015-02-09 04:58 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2015-08-27 18:25 - 2015-08-14 15:51 - 00000000 ____D C:\Users\Michael\AppData\Roaming\hpqlog 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\winrm 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\WCN 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\slmgr 2015-08-27 18:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\dsc 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\migwiz 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME 2015-08-27 18:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help 2015-08-27 18:14 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\servicing 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2015-08-27 18:13 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2015-08-27 17:37 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\NVIDIA Corporation 2015-08-27 17:37 - 2015-08-14 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\NVIDIA 2015-08-26 18:37 - 2015-08-14 23:09 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe Einige Dateien in TEMP: ==================== C:\Users\Michael\AppData\Local\Temp\avgnt.exe C:\Users\Michael\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpro1cbf.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-17 19:07 ==================== Ende von FRST.txt ============================ |
|
22.09.2015, 19:30
| #9 |
| /// the machine /// TB-Ausbilder | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility64.dll.vir
F:\.Trash-1000.lnk
F:\System Volume Information.lnk
F:\ReadyBoostPerfTest.lnk
F:\FOUND.000.lnk
G:\System Volume Information.lnk
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Aktueller Stand der Sticks?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.09.2015, 21:14
| #10 |
| | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner Ich habe die Sticks ausprobiert, sie scheinen wieder voll funktionsfähig zu sein, das freut mich  supper. Ich hoffe doch das wir jetzt sogut wie alles haben verschwinden lassen.Ich habe da aber noch zwei kurze Fragen: Wie überprüfe ich Speichermedien wie externe Festplatten oder USB Sticks auf Vieren etz. ohne das sie meinen Rechner infizieren. und wieso sollte ich eigendlich alle Funde in die Karantäne verschieben statt sie zu entfernen. Ich hoffe du kannst mir das noch erklären, nicht das ich mich so schnell wieder hier bei euch melden muss Ansonsten vielen Dank für die Hilfe bis jetzt  Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Michael (2015-09-22 21:51:08) Run:1
Gestartet von C:\Users\Michael\Downloads\Mottenkiste
Geladene Profile: Michael & (Verfügbare Profile: Michael)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility64.dll.vir
F:\.Trash-1000.lnk
F:\System Volume Information.lnk
F:\ReadyBoostPerfTest.lnk
F:\FOUND.000.lnk
G:\System Volume Information.lnk
Emptytemp:
*****************
C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility64.dll.vir => erfolgreich verschoben
F:\.Trash-1000.lnk => erfolgreich verschoben
F:\System Volume Information.lnk => erfolgreich verschoben
F:\ReadyBoostPerfTest.lnk => erfolgreich verschoben
F:\FOUND.000.lnk => erfolgreich verschoben
G:\System Volume Information.lnk => erfolgreich verschoben
EmptyTemp: => 126.3 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 21:51:20 ====
|
|
23.09.2015, 18:42
| #11 | ||
| /// the machine /// TB-Ausbilder | Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter OrdnerZitat:
Zitat:
Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst... und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Dateien auf USB Stick werden automatisch zu Verknüpfungen mit seltsamer Zielangabe + unbekanter Ordner |
| antivirus, bonjour, ccsetup, cmd.exe, computer, dnsapi.dll, downloader, entfernen, firefox, flash player, home, homepage, kis, memory.dmp, mozilla, mp3, office 365, onedrive, problem, prozess, prozesse, realtek, registry, rundll, stick, svchost.exe, system, updates, usb, usb stick nur verknüpfungen, virus ?, win10, windows, zugriff verweigert |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
