| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei WindowsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
19.10.2015, 09:19
| #1 |
| |  Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Hallo liebe Gemeinde, ich bin Student und angehender Programmierer. Leider muss bei mir vieles immer schnell gehen was auch gerne mal zu einem Virus/Maleware/... führen kann. Ich habe einen neuen Laptop mit der Windows-Studentenversion 8.1 und das ganze abgesichert mit der Vollversion von Kaspersky Internet Security und Spybot - Search & Destroy. Bisher haben immer alle Updates funktioniert. Der Fehler trat vor ca 2 Wochen auf. Windows-Update gestartet -> Rechner wird automatisch neugestartet und dann versucht Windows das update zu installieren(bevor der Login-Bereich erscheint). Bei ca 25 % bricht er ab und setzt die alten Einstellungen wieder. Jetzt habe ich die Software meiner NVIDA Grafikkarte gestartet und ein Update durchgeführt. das hat funktioniert , aber es erscheinte ein Fehler: Runtime Errror c:\windows\syswow64\rundll32.exe dann habe ich mich versucht zu belesen und bin auf folgenden Thread gestossen: http://www.trojaner-board.de/141691-...dll32-exe.html nach dem ich mich hier registriert habe und die Liste abgearbeitet habe, die man davor tun sollte, bräuchte ich eure Hilfe um mir eventuell sagen zu können, ob ich Infiziert bin oder nur ein Hardware-Fehler habe. Der Laptop ist ca 7 Monate alt. Meine Logs: defogger_disable.log: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:29 on 19/10/2015 (Peter)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
durchgeführt von Peter (Administrator) auf PG (19-10-2015 09:32:16)
Gestartet von G:\Chrome_Downlaods
Geladene Profile: Peter (Verfügbare Profile: Peter)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Cisco Systems, Inc.) P:\Cisco System VPN Client\cvpnd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() P:\Synology Assistant\UsbClientService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Adobe Systems Inc.) P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\acrotray.exe
(Geek Software GmbH) P:\PDF24\pdf24.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) P:\Samsung Magician\Samsung Magician.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDScan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2013-08-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => P:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2015-05-27] (VMware, Inc.)
HKLM-x32\...\Run: [PDFPrint] => P:\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [SDTray] => P:\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-04-22]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PS-Link.lnk [2015-04-23]
ShortcutTarget: PS-Link.lnk -> P:\D-Link_PrintServer\PsLink.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-04-22]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WindowsIoTCoreWatcher.lnk [2015-08-18]
ShortcutTarget: WindowsIoTCoreWatcher.lnk -> C:\Program Files (x86)\Microsoft IoT\WindowsIoTCoreWatcher.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 141.56.1.1 141.56.1.2
Tcpip\..\Interfaces\{0E168C26-8741-4172-A8A5-F0BD7B405E6E}: [DhcpNameServer] 141.56.216.1 141.56.1.1
Tcpip\..\Interfaces\{6372613C-052B-4138-86E0-1A930A94217F}: [DhcpNameServer] 141.56.1.1 141.56.1.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> P:\Microsoft Office 2013\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> P:\Microsoft Office 2013\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> P:\Microsoft Visual Studio 2013\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - P:\Microsoft Office 2013\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> P:\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> P:\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> P:\Adobe Master Collection CS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat -> P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> P:\Adobe Master Collection CS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2093703266-1135226498-3496767316-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2093703266-1135226498-3496767316-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-16] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-04-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-15] [ist nicht signiert]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WhatsChrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2015-05-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-06-15]
CHR Extension: (AdBlock) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-05]
CHR Extension: (Google Mail-Checker) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-05-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-22]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-22] (Kaspersky Lab ZAO)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-04-23] (Microsoft Corporation)
R2 CVPND; P:\Cisco System VPN Client\cvpnd.exe [1529856 2011-03-04] (Cisco Systems, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-23] (ELAN Microelectronics Corp.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-06-15] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 mi-raysat_3dsmax2016_64; P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-15] () [Datei ist nicht signiert]
R2 Micro Star SCM; c:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 SDScannerService; P:\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; P:\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; P:\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 UsbClientService; P:\Synology Assistant\UsbClientService.exe [248736 2015-02-05] ()
R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12730048 2015-05-27] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R3 BusRMUSB; C:\Windows\System32\drivers\BusRMUSB.sys [58064 2011-07-12] (Windows (R) Win 7 DDK provider)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-22] (Kaspersky Lab UK Ltd)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68952 2015-05-12] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-07-16] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-06-22] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-06-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-06-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [817848 2015-10-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-06-22] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-06-22] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-06-22] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [24944 2015-06-22] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-06-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-06-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-10-05] (Kaspersky Lab ZAO)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2015-04-23] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2015-04-23] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-09-07] (Microsoft Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-27] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
R2 vcanv; C:\Windows\System32\drivers\vcanv.sys [71856 2015-02-17] (Vector Informatik GmbH)
S3 vcasexl; C:\Windows\system32\DRIVERS\vcasexl.sys [554696 2013-09-17] (Vector Informatik GmbH)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation)
S3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-19 09:31 - 2015-10-19 09:32 - 00000000 ____D C:\FRST
2015-10-19 09:29 - 2015-10-19 09:29 - 00000000 _____ C:\Users\Peter\defogger_reenable
2015-10-19 09:04 - 2015-10-19 09:04 - 00000000 ____D C:\ProgramData\VIPRE
2015-10-19 09:01 - 2015-10-19 09:10 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-10-19 09:01 - 2015-10-19 09:01 - 00000000 ____D C:\Users\Peter\AppData\Roaming\ParetoLogic
2015-10-19 08:29 - 2015-10-19 08:29 - 00000000 ____D C:\Windows\LastGood
2015-10-19 08:29 - 2015-10-03 07:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-19 08:29 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-18 13:29 - 2015-10-18 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP550 series
2015-10-15 09:09 - 2015-10-15 09:09 - 00000000 ____D C:\Users\Peter\Documents\xgen
2015-10-15 08:43 - 2015-10-15 08:43 - 00000000 ____D C:\Users\Peter\Desktop\Uni
2015-10-14 11:37 - 2015-10-14 11:37 - 00000000 ____D C:\Users\Peter\Documents\Direct Connect
2015-10-14 11:35 - 2015-10-14 11:35 - 00001491 _____ C:\Users\Public\Desktop\Maya 2016.lnk
2015-10-14 11:35 - 2015-10-14 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Maya 2016
2015-10-14 11:27 - 2015-10-14 11:27 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-14 11:04 - 2015-10-14 11:04 - 00001811 _____ C:\Users\Peter\Desktop\webcam.sh
2015-10-13 08:44 - 2015-10-14 08:08 - 00000000 ____D C:\Users\Peter\Desktop\Mutsch
2015-10-12 17:42 - 2015-10-12 17:42 - 06521184 _____ (Tim Kosse) C:\Users\Peter\Downloads\FileZilla_3.14.0_win64-setup.exe
2015-10-12 17:25 - 2015-10-12 17:25 - 00000100 _____ C:\Users\Peter\Desktop\Mat.txt
2015-10-06 09:09 - 2015-10-06 09:09 - 00029184 _____ C:\Users\Peter\Desktop\Lebensmittelvertraeglichkeit.xls
2015-09-25 20:39 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-09-25 20:39 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-09-25 20:39 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-09-21 10:01 - 2015-09-21 10:03 - 00000000 ____D C:\Users\Peter\Desktop\Gretenkord_Abgabe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-19 09:29 - 2015-04-22 21:34 - 00000000 ____D C:\Users\Peter
2015-10-19 09:16 - 2015-04-22 21:40 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2093703266-1135226498-3496767316-1001
2015-10-19 09:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-19 09:01 - 2015-06-17 14:20 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2015-10-19 08:54 - 2015-04-22 22:23 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-19 08:42 - 2015-06-15 10:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-19 08:33 - 2015-04-23 11:16 - 27590656 _____ C:\Windows\system32\vmguest.iso
2015-10-19 08:33 - 2015-04-22 21:36 - 01898524 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-19 08:33 - 2013-08-23 01:24 - 00811136 _____ C:\Windows\system32\perfh007.dat
2015-10-19 08:33 - 2013-08-23 01:24 - 00178636 _____ C:\Windows\system32\perfc007.dat
2015-10-19 08:30 - 2015-04-24 13:18 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2015-10-19 08:30 - 2015-04-22 22:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-19 08:28 - 2015-04-29 12:30 - 00000000 ____D C:\Users\Peter\AppData\Local\Akamai
2015-10-19 08:28 - 2015-04-23 14:38 - 00141923 _____ C:\Windows\setupact.log
2015-10-19 08:27 - 2015-06-16 21:13 - 00000000 ____D C:\ProgramData\VMware
2015-10-19 08:27 - 2015-04-22 22:23 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-19 08:27 - 2015-04-22 21:34 - 01247052 _____ C:\Windows\WindowsUpdate.log
2015-10-19 08:27 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-18 21:04 - 2015-04-23 10:45 - 00000000 ____D C:\Users\Peter\Documents\Visual Studio 2013
2015-10-18 13:30 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2015-10-18 13:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\spool
2015-10-15 09:09 - 2015-04-23 10:30 - 00000000 ____D C:\Users\Peter\AppData\Local\Autodesk
2015-10-15 09:09 - 2015-04-23 10:20 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Autodesk
2015-10-15 09:09 - 2015-04-23 10:20 - 00000000 ____D C:\ProgramData\Autodesk
2015-10-15 09:08 - 2015-04-23 10:30 - 00000000 ____D C:\Users\Peter\Documents\maya
2015-10-14 11:56 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-14 11:37 - 2015-04-23 10:24 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-14 11:35 - 2015-04-23 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-14 11:31 - 2015-04-22 21:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-14 11:30 - 2015-04-23 10:19 - 00000000 ____D C:\Autodesk
2015-10-14 11:28 - 2015-04-23 08:44 - 00000000 ___RD C:\Users\Peter\Desktop\Programme
2015-10-14 09:33 - 2015-04-22 21:34 - 00000000 ____D C:\Users\Peter\AppData\Local\Packages
2015-10-13 15:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-13 09:53 - 2015-04-24 12:35 - 00000000 ____D C:\Users\Peter\AppData\Roaming\FileZilla
2015-10-13 09:51 - 2015-05-18 17:27 - 00000600 _____ C:\Users\Peter\AppData\Local\PUTTY.RND
2015-10-08 13:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-06 15:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-10-06 08:47 - 2015-04-29 08:54 - 00000000 ____D C:\Users\Peter\AppData\Local\Deployment
2015-10-06 08:38 - 2013-08-22 16:44 - 05058656 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-06 08:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-06 08:35 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-05 13:56 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-10-05 13:55 - 2015-05-18 22:16 - 00817848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-10-05 13:55 - 2014-11-10 17:48 - 00190648 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-10-04 10:23 - 2015-04-22 22:05 - 01317192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-10-04 10:23 - 2015-04-22 21:47 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-10-04 10:22 - 2015-04-22 22:05 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-10-04 10:22 - 2015-04-22 21:47 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-10-03 07:06 - 2015-06-26 09:25 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-03 07:06 - 2015-06-26 09:25 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2015-04-22 22:29 - 03573832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-10-03 07:06 - 2015-04-22 22:29 - 00033507 _____ C:\Windows\system32\nvinfo.pb
2015-10-03 04:49 - 2015-04-22 22:29 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 02982520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-03 04:49 - 2015-04-22 22:29 - 00523384 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00075056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-01 11:33 - 2015-04-22 22:29 - 05284082 _____ C:\Windows\system32\nvcoproc.bin
2015-09-21 09:49 - 2015-04-22 22:23 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-21 09:49 - 2015-04-22 22:23 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-21 08:17 - 2015-04-22 22:23 - 00000000 ____D C:\Users\Peter\AppData\Local\Google
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-10-19 09:01 - 2015-10-19 09:05 - 0000115 _____ () C:\Users\Peter\AppData\Roaming\LogFile.txt
2015-05-18 17:27 - 2015-10-13 09:51 - 0000600 _____ () C:\Users\Peter\AppData\Local\PUTTY.RND
2015-06-15 09:56 - 2015-06-15 09:56 - 0000017 _____ () C:\Users\Peter\AppData\Local\resmon.resmoncfg
Einige Dateien in TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\avgnt.exe
C:\Users\Peter\AppData\Local\Temp\ose00000.exe
C:\Users\Peter\AppData\Local\Temp\_isB730.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-18 15:01
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-10-2015
durchgeführt von Peter (2015-10-19 09:32:35)
Gestartet von G:\Chrome_Downlaods
Windows 8.1 Pro (X64) (2015-04-22 19:34:56)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2093703266-1135226498-3496767316-500 - Administrator - Disabled)
Gast (S-1-5-21-2093703266-1135226498-3496767316-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2093703266-1135226498-3496767316-1004 - Limited - Enabled)
Peter (S-1-5-21-2093703266-1135226498-3496767316-1001 - Administrator - Enabled) => C:\Users\Peter
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk DirectConnect 2016 64-bit (HKLM\...\Autodesk DirectConnect 2016 64-bit) (Version: 10.0.98.0 - Autodesk)
Autodesk DirectConnect 2016 64-bit (Version: 10.0.98.0 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk Maya 2016 (HKLM\...\Autodesk Maya 2016) (Version: 16.0.1312.0 - Autodesk)
Autodesk Maya 2016 (Version: 16.0.1312.0 - Autodesk) Hidden
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max (HKLM\...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max (Version: 16.0.394.0 - Autodesk) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ETDWare PS/2-X64 11.13.4.4_WHQL (HKLM\...\Elantech) (Version: 11.13.4.4 - ELAN Microelectronic Corp.)
FileZilla Client 3.12.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.3 (x32 Version: 1.3.21014.1603 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HWiNFO32 Version 5.00 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.00 - Martin Malík - REALiX)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.396 - Kaspersky Lab) Hidden
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Kit SDK de vérification de Visual Studio*2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{8057481C-0CFC-43BB-8EEC-C6A0E1C82E19}) (Version: 13.0.1.0 - mental ray)
MeshLab_64b 1.3.4BETA (HKLM-x32\...\MeshLab_64b) (Version: 1.3.4BETA - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Tool Web Package:diskpart.exe (HKLM-x32\...\{9782762F-639B-499B-A23D-5EBEAFC160E6}) (Version: 1.0.0.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 3.1.2 (HKLM-x32\...\{d705b4dc-2aa8-4215-9b13-4fad5dcda72b}) (Version: 12.0.30815.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2013 Tools for Unity (HKLM-x32\...\{EF5E9047-773C-48E7-B070-22454B8546FA}) (Version: 1.9.9.0 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{1a3b012e-1e4d-4929-8980-35d33968e593}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 7.0.6 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PS Software (HKLM-x32\...\{8F5F3634-4F0F-477D-AA79-25AEB425B517}) (Version: 1.30.000 - D-Link Corp.)
Python Tools - Umleitungsvorlage (x32 Version: 1.3 - Microsoft Corporation) Hidden
Qt (HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Qt) (Version: 1.0.1 - Digia Plc)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7179 - Realtek Semiconductor Corp.)
Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.6 - Samsung Electronics)
scilab-5.5.2 (64-bit) (HKLM\...\scilab-5.5.2 (64-bit)_is1) (Version: - Scilab Enterprises)
SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TortoiseGit 1.8.14.0 (64 bit) (HKLM\...\{05E7136F-60B1-44CA-9525-E99A607630C2}) (Version: 1.8.14.0 - TortoiseGit)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.1.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\UnityWebPlayer) (Version: 5.1.1f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vector CANalyzer 7.1 (HKLM-x32\...\{C90D033F-4458-410A-A48D-F430C2074F4D}) (Version: 7.1.65 - Vector Informatik GmbH)
Vector XL Driver Library (HKLM-x32\...\Vector XL Driver Library9.0.34) (Version: 9.0.34 - Vector Informatik GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.1 - VMware, Inc)
VMware Workstation (Version: 11.1.1 - VMware, Inc.) Hidden
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows 10 IoT Core for Raspberry Pi 2 (HKLM-x32\...\{EF913FD2-0DDA-4F0A-A16B-9D18C9BB57A8}) (Version: 1.0.7 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
XL Driver Library (HKLM-x32\...\XL Driver Library) (Version: - Vector Informatik GmbH)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2093703266-1135226498-3496767316-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2016 (64-bit)\bin\Aruba\Inventor Server\B (Der Dateneintrag hat 32 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-2093703266-1135226498-3496767316-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2093703266-1135226498-3496767316-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2016 (64-bit)\bin\Aruba\Inventor Server\B (Der Dateneintrag hat 32 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-2093703266-1135226498-3496767316-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> P:\BLENDER\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2093703266-1135226498-3496767316-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2016 (64-bit)\bin\Aruba\Inventor Server\B (Der Dateneintrag hat 32 mehr Zeichen).
==================== Wiederherstellungspunkte =========================
14-10-2015 11:26:08 Installed Autodesk Network License Manager
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-08-19 12:35 - 00450903 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
Da befinden sich 15471 zusätzliche Einträge.
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0687FF83-E997-4CED-8A79-94A45704ACB4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {24975C38-B165-469F-AF3C-13CADBA1D465} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => P:\Microsoft Office 2013\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {264C7A73-CAF3-4DFC-86EF-FB0F2F110A05} - System32\Tasks\AdobeAAMUpdater-1.0-PG-Peter => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {29A57252-A9A1-44C0-9D66-2A118CD738BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => P:\Microsoft Office 2013\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2DFCE940-A850-4D07-81EE-5503CEFB9D3E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {53583FD0-9562-4DD5-929F-3E034C76B25D} - System32\Tasks\SamsungMagician => P:\Samsung Magician\Samsung Magician.exe [2015-04-10] (Samsung Electronics.)
Task: {7700D1B0-057E-40ED-9014-C09F3B29A81E} - System32\Tasks\AutoKMSCustom => \AutoKMS.exe
Task: {84C800CA-837A-4FE1-94FD-76F22C6032CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {9EC94FCF-C0A8-48B6-B886-D631C43F3603} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => P:\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {DAD3A810-B89F-4584-BD70-E6C4BC7DE755} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => P:\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E8F18A47-945C-4815-AFE2-621BA17D9662} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-02-05 05:52 - 2015-02-05 05:52 - 00248736 _____ () P:\Synology Assistant\UsbClientService.exe
2015-05-27 15:36 - 2015-05-27 15:36 - 12730048 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2015-07-09 19:32 - 2015-07-09 19:32 - 00043480 _____ () P:\FileZilla-3.10.3\FileZilla FTP Client\fzshellext_64.dll
2015-04-08 19:59 - 2015-04-08 19:59 - 00903096 _____ () P:\TortoiseGIT\bin\libgit2_tgit.dll
2015-04-08 19:59 - 2015-04-08 19:59 - 00087480 _____ () P:\TortoiseGIT\bin\zlib1_tgit.dll
2013-08-08 14:35 - 2013-08-08 14:35 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-04-22 22:29 - 2015-10-03 04:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-29 13:31 - 2014-12-05 04:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-04-29 13:31 - 2014-12-05 04:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () P:\Cisco System VPN Client\vpnapi.dll
2015-08-19 11:33 - 2014-05-13 12:04 - 00109400 _____ () P:\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-19 11:33 - 2014-05-13 12:04 - 00167768 _____ () P:\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-08-19 11:33 - 2014-05-13 12:04 - 00416600 _____ () P:\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-19 11:33 - 2012-08-23 10:38 - 00574840 _____ () P:\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-19 11:33 - 2012-04-03 17:06 - 00565640 _____ () P:\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-05-27 15:58 - 2015-05-27 15:58 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-05-27 15:36 - 2015-05-27 15:36 - 00194752 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
2015-05-27 15:36 - 2015-05-27 15:36 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
2015-05-27 15:36 - 2015-05-27 15:36 - 00388288 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
2011-09-05 19:05 - 2011-09-05 19:05 - 00019968 _____ () P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2015-07-31 08:41 - 2015-07-21 11:43 - 00074272 _____ () P:\PDF24\zlib.dll
2015-07-31 08:41 - 2015-07-21 11:43 - 00051744 _____ () P:\PDF24\OperationUI.dll
2015-04-23 08:40 - 2015-04-10 14:33 - 00019872 _____ () P:\Samsung Magician\SAMSUNG_SSD.dll
2015-04-22 22:05 - 2015-10-04 10:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-09 19:32 - 2015-07-09 19:32 - 00039384 _____ () P:\FileZilla-3.10.3\FileZilla FTP Client\fzshellext.dll
2015-04-08 19:56 - 2015-04-08 19:56 - 00664000 _____ () P:\TortoiseGIT\bin\libgit232_tgit.dll
2015-04-08 19:56 - 2015-04-08 19:56 - 00076728 _____ () P:\TortoiseGIT\bin\zlib132_tgit.dll
2015-10-16 12:07 - 2015-10-09 02:53 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libglesv2.dll
2015-10-16 12:07 - 2015-10-09 02:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libegl.dll
2015-04-22 21:40 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-19 11:33 - 2014-04-25 14:11 - 02972112 _____ () P:\Spybot - Search & Destroy 2\NotificationSpreader.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 15751 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img3.jpg
DNS Servers: 141.56.1.1 - 141.56.1.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "PS-Link.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WindowsIoTCoreWatcher.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6FA5D3A5-67E4-45EF-98FA-298C635A523B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FDF2F6D2-59C9-4190-A9A3-D81F3CD2A9B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{92FF774D-2F95-4793-8A31-DABC27187258}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{60AB899B-A59E-48F0-8433-A2A69EE9DA7D}] => (Allow) P:\Microsoft Office 2013\Office15\lync.exe
FirewallRules: [{4074334D-0AFF-46EE-94F4-3FED55B98F8D}] => (Allow) P:\Microsoft Office 2013\Office15\lync.exe
FirewallRules: [{0C5E12F2-4051-4323-B833-1C664EEAD74D}] => (Allow) P:\Microsoft Office 2013\Office15\UcMapi.exe
FirewallRules: [{0C07FC43-C5C4-450A-B3B6-E6A406E4C7E9}] => (Allow) P:\Microsoft Office 2013\Office15\UcMapi.exe
FirewallRules: [TCP Query User{B954069C-07FF-44F4-B6FC-F703B08A2D9A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{73295FB3-03E4-4C31-BC8E-52D93D00FA3C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{162339A1-99F2-4ECC-9735-06558708D083}P:\autodesk\maya\maya2014\bin\maya.exe] => (Allow) P:\autodesk\maya\maya2014\bin\maya.exe
FirewallRules: [UDP Query User{005552FC-1ED8-4599-B937-16EB839B3529}P:\autodesk\maya\maya2014\bin\maya.exe] => (Allow) P:\autodesk\maya\maya2014\bin\maya.exe
FirewallRules: [{6BBCEE0E-1648-48A3-BF28-819C0168D8FA}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{82B2B591-9F49-49CE-B1FC-31F40E467C7D}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{3CC59912-81D2-48BE-B0F2-15F43E75B98D}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{630B6839-5D4C-4AF4-A0A9-849156233823}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{57BA4EE6-C330-49E2-BE90-C7491C0CA4B2}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{511257A6-8D50-4D4F-9142-49E71F5F5EB4}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{DAFD3F16-D010-456D-90E0-202C0ED1F62E}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{FA566586-411A-46D8-95D6-6DFE7590F70C}] => (Allow) LPort=12292
FirewallRules: [{87DFB7F5-283D-48A6-9F49-D75DB56DB363}] => (Allow) P:\Adobe Master Collection CS6\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{06201A1D-639E-4D60-8974-64AACEDBE7E8}] => (Allow) P:\Adobe Master Collection CS6\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{5E55F23A-B3FA-47BA-A324-16FD32847266}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{9D39F0AB-E7F9-425D-A751-A42A259AE930}C:\program files\java\jdk1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [UDP Query User{AB06A825-3CB2-49CF-9195-380F78FA30E3}C:\program files\java\jdk1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [{1961F47C-45A7-48ED-AA7A-62DCA9BAFC9A}] => (Block) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [{C6DE2C55-A76F-4BC2-A452-29B37D4B24D5}] => (Block) C:\program files\java\jdk1.8.0_31\bin\java.exe
FirewallRules: [TCP Query User{01321053-EF9F-4339-B1C3-C1A8E9A8F778}P:\android studio\bin\studio64.exe] => (Allow) P:\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{6FDE0DEF-16D0-4ADA-B27E-C6346082E3B5}P:\android studio\bin\studio64.exe] => (Allow) P:\android studio\bin\studio64.exe
FirewallRules: [{8FA977A1-D6EA-4A96-9BCF-0ABCE0642B79}] => (Block) P:\android studio\bin\studio64.exe
FirewallRules: [{F7E7ADAD-8AC9-4949-AA80-2A4C422CBCEC}] => (Block) P:\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{5B365260-4CF8-4171-83CA-FF77C0302C30}C:\users\peter\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\peter\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C0E0A3ED-B7AE-48DF-9F9C-1175EE65181A}C:\users\peter\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\peter\appdata\local\akamai\netsession_win.exe
FirewallRules: [{270DAD3F-1411-4FA8-96CF-3F3710BDAF4A}] => (Allow) P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [{CBA622D7-A708-4E15-9B92-BF97E990D0DE}] => (Allow) P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [{5F381648-AB67-4E1A-B5C7-A0C1E4E4B626}] => (Allow) P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{326E6F12-67CD-46D6-B626-FD77378CDE8D}] => (Allow) P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [TCP Query User{4648C3D5-4717-41C9-A4A3-C7EDB0FD9FA4}P:\unity\editor\unity.exe] => (Allow) P:\unity\editor\unity.exe
FirewallRules: [UDP Query User{F8E881A2-8D0B-417E-A9E9-D8D6C064EEA5}P:\unity\editor\unity.exe] => (Allow) P:\unity\editor\unity.exe
FirewallRules: [{3AE90F66-F93A-4D4C-8E7D-C052FFDFE8A1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2013\UnityVS.OpenFile.exe
FirewallRules: [{C7BB0AF5-0845-4044-A704-B0E8C0107E3E}] => (Allow) P:\Microsoft Visual Studio 2013\Common7\IDE\devenv.exe
FirewallRules: [{85B696F4-179E-4487-80BE-2D22E5EAAD52}] => (Allow) P:\Unity\Editor\Unity.exe
FirewallRules: [{ECC5A4D7-D272-453B-84AA-B74A23F41B4B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{54ACA215-D792-41C7-B2CD-093032E8A0E6}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{CB486869-84D5-47F3-BE28-1A34A4545B8B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{FD5E6EA8-4DC9-4059-9EF6-7D36C3574490}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [TCP Query User{CAF2CB4A-537B-4DB6-8E14-BFBF362F130F}C:\test\crack\qemu\qemu.exe] => (Allow) C:\test\crack\qemu\qemu.exe
FirewallRules: [UDP Query User{25358750-C346-4CE2-AA97-7CA60DA842FB}C:\test\crack\qemu\qemu.exe] => (Allow) C:\test\crack\qemu\qemu.exe
FirewallRules: [{8DF4695A-9BD1-4ED1-BFCD-082B8BFA4867}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3438DB4F-583F-4C50-A643-166B1AAE33BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{37A5725C-15F7-41A3-944C-78B1FC50E046}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EF2E13DF-FFB0-424A-BF0C-0B192560436E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BB96F3AB-CA69-447C-A71F-D5CF2F67D0D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F00D54FE-DFAD-42B4-8B44-76FE80621B21}] => (Allow) C:\Program Files (x86)\Microsoft IoT\WindowsIoTCoreWatcher.exe
FirewallRules: [{E6479E26-2570-4533-877B-6303A17CF772}] => (Allow) C:\Program Files (x86)\Microsoft IoT\WindowsIoTCoreWatcher.exe
FirewallRules: [TCP Query User{D64BFDFF-C114-4ABA-B2C4-26DB5ADACBCC}C:\users\peter\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\peter\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{87122395-3C40-4E7E-B829-6D4229E09899}C:\users\peter\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\peter\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B6FF3C7D-2407-44ED-A6C9-6D9448E9375A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [P:\D-Link_PrintServer\PsLink.exe] => Enabled:PsLink
StandardProfile\AuthorizedApplications: [C:\Windows\PsMon.exe] => Enabled:PsMonitor
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/19/2015 09:01:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RunDll32.EXE, Version: 6.3.9600.17415, Zeitstempel: 0x545045a2
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x54504b2e
Ausnahmecode: 0x40000015
Fehleroffset: 0x000730eb
ID des fehlerhaften Prozesses: 0x2740
Startzeit der fehlerhaften Anwendung: 0xRunDll32.EXE0
Pfad der fehlerhaften Anwendung: RunDll32.EXE1
Pfad des fehlerhaften Moduls: RunDll32.EXE2
Berichtskennung: RunDll32.EXE3
Vollständiger Name des fehlerhaften Pakets: RunDll32.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RunDll32.EXE5
Error: (10/19/2015 08:37:19 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (10/19/2015 08:28:24 AM) (Source: MsiInstaller) (EventID: 11310) (User: PG)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Peter\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (10/19/2015 08:28:05 AM) (Source: MsiInstaller) (EventID: 11310) (User: PG)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Peter\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (10/18/2015 08:36:16 PM) (Source: MsiInstaller) (EventID: 11310) (User: PG)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Peter\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (10/18/2015 08:35:56 PM) (Source: MsiInstaller) (EventID: 11310) (User: PG)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Peter\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (10/18/2015 01:34:49 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (10/18/2015 01:25:38 PM) (Source: MsiInstaller) (EventID: 11310) (User: PG)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Peter\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (10/18/2015 01:25:19 PM) (Source: MsiInstaller) (EventID: 11310) (User: PG)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Peter\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (10/16/2015 11:32:11 AM) (Source: MsiInstaller) (EventID: 11310) (User: PG)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Peter\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Systemfehler:
=============
Error: (10/19/2015 08:56:07 AM) (Source: DCOM) (EventID: 10010) (User: PG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (10/19/2015 08:55:37 AM) (Source: DCOM) (EventID: 10010) (User: PG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (10/18/2015 10:15:16 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Hyper-V-Verwaltung für virtuelle Computer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (10/18/2015 10:14:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/18/2015 04:45:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/18/2015 03:01:50 PM) (Source: DCOM) (EventID: 10010) (User: PG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (10/18/2015 03:01:20 PM) (Source: DCOM) (EventID: 10010) (User: PG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (10/16/2015 12:36:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/15/2015 03:33:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/15/2015 01:07:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-05-31 15:02:08.952
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-31 15:02:08.815
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-28 15:35:33.486
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-21 08:36:16.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-19 13:35:51.288
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-12 07:33:26.843
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-06 11:21:58.164
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-05 13:41:47.505
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-01 20:45:20.165
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 8110.5 MB
Verfügbarer physikalischer RAM: 2407.55 MB
Summe virtueller Speicher: 8598.5 MB
Verfügbarer virtueller Speicher: 1720.04 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:79.66 GB) (Free:5.26 GB) NTFS
Drive e: (boot) (Removable) (Total:0.05 GB) (Free:0.04 GB) FAT
Drive g: (Daten) (Fixed) (Total:931.51 GB) (Free:528.24 GB) NTFS
Drive p: (Programme) (Fixed) (Total:152.88 GB) (Free:46.52 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 311221B2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 95A77AA3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=79.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=152.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: A6202AF7)
Partition 1: (Not Active) - (Size=56 MB) - (Type=0C)
Partition 2: (Not Active) - (Size=3 GB) - (Type=83)
==================== Ende von Addition.txt ============================
Ich bedanke mich schon einmal recht herzlich für die Mühe der Helfer. |
|
19.10.2015, 09:38
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
19.10.2015, 10:31
| #3 |
| | nächster Schritt erledigt hallo schrauber,
__________________danke für deine schnelle Reaktion. hier die Logs: Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.10.19.01
rootkit: v2015.10.16.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17937
Peter :: PG [administrator]
19.10.2015 11:06:05
mbar-log-2015-10-19 (11-06-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 497932
Time elapsed: 9 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Die website sagte mir das der Text über 12000 Zeichen ist. ich hänge diesen laut Vorgaben aals .zip an. Wenn ich den Fehler so sehe, ich habe tatsächlich Probleme mit meinem Netzwerkanschluss LAN. Meine Netzwerkkarte ist "Killer E2200 Game Networking" danke schon wieder |
|
19.10.2015, 20:03
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Hi, Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.10.2015, 07:34
| #5 |
| | und hier noch mal die Log von tdsskiller geteilt tdsskiller Log Teil 1: Code:
ATTFilter 11:17:43.0900 0x2d58 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:17:47.0665 0x2d58 ============================================================
11:17:47.0665 0x2d58 Current date / time: 2015/10/19 11:17:47.0665
11:17:47.0665 0x2d58 SystemInfo:
11:17:47.0665 0x2d58
11:17:47.0665 0x2d58 OS Version: 6.3.9600 ServicePack: 0.0
11:17:47.0665 0x2d58 Product type: Workstation
11:17:47.0665 0x2d58 ComputerName: PG
11:17:47.0665 0x2d58 UserName: Peter
11:17:47.0665 0x2d58 Windows directory: C:\Windows
11:17:47.0665 0x2d58 System windows directory: C:\Windows
11:17:47.0665 0x2d58 Running under WOW64
11:17:47.0665 0x2d58 Processor architecture: Intel x64
11:17:47.0665 0x2d58 Number of processors: 8
11:17:47.0665 0x2d58 Page size: 0x1000
11:17:47.0665 0x2d58 Boot type: Normal boot
11:17:47.0665 0x2d58 ============================================================
11:17:47.0821 0x2d58 KLMD registered as C:\Windows\system32\drivers\16868660.sys
11:17:48.0024 0x2d58 System UUID: {3F335253-50BF-AD70-5C40-279032FF97EB}
11:17:48.0477 0x2d58 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:48.0477 0x2d58 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:17:48.0493 0x2d58 Drive \Device\Harddisk2\DR2 - Size: 0x1D9C00000 ( 7.40 Gb ), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:17:48.0508 0x2d58 ============================================================
11:17:48.0508 0x2d58 \Device\Harddisk0\DR0:
11:17:48.0508 0x2d58 MBR partitions:
11:17:48.0508 0x2d58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
11:17:48.0508 0x2d58 \Device\Harddisk1\DR1:
11:17:48.0508 0x2d58 MBR partitions:
11:17:48.0508 0x2d58 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
11:17:48.0508 0x2d58 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x9F51800
11:17:48.0508 0x2d58 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xA001000, BlocksNum 0x131C4000
11:17:48.0508 0x2d58 \Device\Harddisk2\DR2:
11:17:48.0508 0x2d58 MBR partitions:
11:17:48.0508 0x2d58 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1C000
11:17:48.0508 0x2d58 ============================================================
11:17:48.0508 0x2d58 C: <-> \Device\Harddisk1\DR1\Partition2
11:17:48.0524 0x2d58 G: <-> \Device\Harddisk0\DR0\Partition1
11:17:48.0524 0x2d58 P: <-> \Device\Harddisk1\DR1\Partition3
11:17:48.0524 0x2d58 ============================================================
11:17:48.0524 0x2d58 Initialize success
11:17:48.0524 0x2d58 ============================================================
11:18:47.0343 0x2284 ============================================================
11:18:47.0343 0x2284 Scan started
11:18:47.0343 0x2284 Mode: Manual; SigCheck; TDLFS;
11:18:47.0343 0x2284 ============================================================
11:18:47.0343 0x2284 KSN ping started
11:18:49.0659 0x2284 KSN ping finished: true
11:18:50.0368 0x2284 ================ Scan system memory ========================
11:18:50.0368 0x2284 System memory - ok
11:18:50.0368 0x2284 ================ Scan services =============================
11:18:50.0400 0x2284 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
11:18:50.0446 0x2284 1394ohci - ok
11:18:50.0446 0x2284 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
11:18:50.0462 0x2284 3ware - ok
11:18:50.0478 0x2284 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:18:50.0493 0x2284 ACPI - ok
11:18:50.0493 0x2284 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
11:18:50.0509 0x2284 acpiex - ok
11:18:50.0509 0x2284 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
11:18:50.0525 0x2284 acpipagr - ok
11:18:50.0525 0x2284 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
11:18:50.0525 0x2284 AcpiPmi - ok
11:18:50.0540 0x2284 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
11:18:50.0540 0x2284 acpitime - ok
11:18:50.0556 0x2284 [ CBDF353624D1744734F2FD13B4786F90, 615C695F842D2F777C7D0DAA19B3674AB903FDC401E22A130C04DB0D0C1486D2 ] AdAppMgrSvc C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
11:18:50.0571 0x2284 AdAppMgrSvc - ok
11:18:50.0587 0x2284 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
11:18:50.0618 0x2284 ADP80XX - ok
11:18:50.0618 0x2284 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:18:50.0634 0x2284 AeLookupSvc - ok
11:18:50.0650 0x2284 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
11:18:50.0665 0x2284 AFD - ok
11:18:50.0681 0x2284 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:18:50.0681 0x2284 agp440 - ok
11:18:50.0681 0x2284 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
11:18:50.0696 0x2284 ahcache - ok
11:18:50.0696 0x2284 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
11:18:50.0712 0x2284 ALG - ok
11:18:50.0712 0x2284 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
11:18:50.0728 0x2284 AmdK8 - ok
11:18:50.0728 0x2284 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
11:18:50.0743 0x2284 AmdPPM - ok
11:18:50.0743 0x2284 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:18:50.0759 0x2284 amdsata - ok
11:18:50.0759 0x2284 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:18:50.0775 0x2284 amdsbs - ok
11:18:50.0775 0x2284 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:18:50.0790 0x2284 amdxata - ok
11:18:50.0790 0x2284 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
11:18:50.0806 0x2284 AppID - ok
11:18:50.0806 0x2284 [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:18:50.0806 0x2284 AppIDSvc - ok
11:18:50.0821 0x2284 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
11:18:50.0821 0x2284 Appinfo - ok
11:18:50.0837 0x2284 [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:18:50.0853 0x2284 AppMgmt - ok
11:18:50.0868 0x2284 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
11:18:50.0884 0x2284 AppReadiness - ok
11:18:50.0915 0x2284 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
11:18:50.0962 0x2284 AppXSvc - ok
11:18:50.0962 0x2284 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:18:50.0978 0x2284 arcsas - ok
11:18:50.0978 0x2284 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:18:50.0993 0x2284 aspnet_state - ok
11:18:50.0993 0x2284 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
11:18:50.0993 0x2284 atapi - ok
11:18:51.0009 0x2284 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
11:18:51.0025 0x2284 AudioEndpointBuilder - ok
11:18:51.0040 0x2284 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:18:51.0056 0x2284 Audiosrv - ok
11:18:51.0071 0x2284 [ 9C7C876ACB9B707ECD08BD434C46A4D3, 4135E95C0E531854268D2009ACD6F932D8ADC4D31E72D3B942F731C60ECCDF1D ] AVP15.0.2 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
11:18:51.0103 0x2284 AVP15.0.2 - ok
11:18:51.0103 0x2284 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:18:51.0118 0x2284 AxInstSV - ok
11:18:51.0134 0x2284 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:18:51.0150 0x2284 b06bdrv - ok
11:18:51.0150 0x2284 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
11:18:51.0165 0x2284 BasicDisplay - ok
11:18:51.0165 0x2284 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
11:18:51.0181 0x2284 BasicRender - ok
11:18:51.0181 0x2284 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
11:18:51.0181 0x2284 bcmfn2 - ok
11:18:51.0196 0x2284 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\Windows\System32\bdesvc.dll
11:18:51.0212 0x2284 BDESVC - ok
11:18:51.0212 0x2284 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
11:18:51.0228 0x2284 Beep - ok
11:18:51.0243 0x2284 [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE C:\Windows\System32\bfe.dll
11:18:51.0277 0x2284 BFE - ok
11:18:51.0282 0x2284 [ 17BCA402EF3E67277963374F01EE7B34, 03D93DBE984FA59E7FC22ED9FD93C4CD2365F36BFB32880041812EC6FDB8FB29 ] BfLwf C:\Windows\system32\DRIVERS\bwcW8x64.sys
11:18:51.0282 0x2284 BfLwf - ok
11:18:51.0311 0x2284 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
11:18:51.0346 0x2284 BITS - ok
11:18:51.0378 0x2284 [ A8E05BE650637FC1B9CA5A4AD5893D61, A13F902F64BC906473E6576745D9024D157E87F5FDE9B28B5DCAA248BDB3E7CA ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:18:51.0400 0x2284 Bluetooth Device Monitor - ok
11:18:51.0418 0x2284 [ 889AED9D7E57139956C5B03D93386A10, A7988A977C9B6AEFB83B9D3BD60CF49D757A5436D782F840C073C4E5B89D370A ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:18:51.0449 0x2284 Bluetooth OBEX Service - ok
11:18:51.0449 0x2284 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:18:51.0465 0x2284 bowser - ok
11:18:51.0480 0x2284 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
11:18:51.0496 0x2284 BrokerInfrastructure - ok
11:18:51.0496 0x2284 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
11:18:51.0512 0x2284 Browser - ok
11:18:51.0512 0x2284 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
11:18:51.0527 0x2284 BthAvrcpTg - ok
11:18:51.0527 0x2284 [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
11:18:51.0527 0x2284 BthEnum - ok
11:18:51.0543 0x2284 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
11:18:51.0543 0x2284 BthHFEnum - ok
11:18:51.0543 0x2284 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
11:18:51.0558 0x2284 bthhfhid - ok
11:18:51.0558 0x2284 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
11:18:51.0574 0x2284 BthHFSrv - ok
11:18:51.0590 0x2284 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\System32\drivers\BthLEEnum.sys
11:18:51.0605 0x2284 BthLEEnum - ok
11:18:51.0605 0x2284 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
11:18:51.0621 0x2284 BTHMODEM - ok
11:18:51.0621 0x2284 [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\Windows\System32\drivers\bthpan.sys
11:18:51.0637 0x2284 BthPan - ok
11:18:51.0652 0x2284 [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:18:51.0683 0x2284 BTHPORT - ok
11:18:51.0699 0x2284 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
11:18:51.0699 0x2284 bthserv - ok
11:18:51.0715 0x2284 [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:18:51.0715 0x2284 BTHUSB - ok
11:18:51.0730 0x2284 [ E55812A296C23169DEDB8841A0684958, D170365CEFBEE39A0784ECDCDEA158A0CDCFEE12DF1FB638CEECD4798C1E759C ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
11:18:51.0730 0x2284 btmaux - ok
11:18:51.0762 0x2284 [ EAAE1737D2209701E203BA017F57E579, B0CA6FDE97DEBAF2FC6FDEA0BB1A0C4234A75133E64C7739B2392F85C1E69E22 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
11:18:51.0808 0x2284 btmhsf - ok
11:18:51.0819 0x2284 [ 5A458422B4312BAEEFA3E64D321596E6, 1213D86B9B6FBB1414D1D3E5F4B0ED0C68D05EB98C902395AB0F0FC3D8A29AD5 ] busenum C:\Windows\System32\drivers\busenum.sys
11:18:51.0828 0x2284 busenum - ok
11:18:51.0834 0x2284 [ 51A60A3E876C30E708D7C5FC0DE7F28C, 58E05650DAB0FC67E44D997760403F2AA947BC08E59349EA7C36219D68BA26AE ] BusRMUSB C:\Windows\System32\drivers\BusRMUSB.sys
11:18:51.0841 0x2284 BusRMUSB - ok
11:18:51.0843 0x2284 c2wts - ok
11:18:51.0849 0x2284 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:18:51.0853 0x2284 cdfs - ok
11:18:51.0871 0x2284 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
11:18:51.0883 0x2284 cdrom - ok
11:18:51.0891 0x2284 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
11:18:51.0903 0x2284 CertPropSvc - ok
11:18:51.0903 0x2284 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
11:18:51.0903 0x2284 circlass - ok
11:18:51.0925 0x2284 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
11:18:51.0942 0x2284 CLFS - ok
11:18:51.0949 0x2284 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
11:18:51.0959 0x2284 CmBatt - ok
11:18:51.0968 0x2284 [ 429B31D047CFAD3CA5DD38120A2CE455, 5CC1459CBBBF2E6788635D4C277B116D90AE01DBE7AD561EB41A668F64801E80 ] cm_km_w C:\Windows\system32\DRIVERS\cm_km_w.sys
11:18:51.0982 0x2284 cm_km_w - ok
11:18:51.0999 0x2284 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\Windows\system32\Drivers\cng.sys
11:18:52.0019 0x2284 CNG - ok
11:18:52.0026 0x2284 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
11:18:52.0028 0x2284 CompositeBus - ok
11:18:52.0028 0x2284 COMSysApp - ok
11:18:52.0028 0x2284 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
11:18:52.0043 0x2284 condrv - ok
11:18:52.0059 0x2284 [ DAC4D7D79C07957F237E1A4F24435E96, F0D5C21A403580D71F1F6B049C5BB043D3257D39FABCDE623E81CD48034610AC ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:18:52.0074 0x2284 cphs - ok
11:18:52.0090 0x2284 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:18:52.0090 0x2284 CryptSvc - ok
11:18:52.0106 0x2284 [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\Windows\system32\drivers\csc.sys
11:18:52.0137 0x2284 CSC - ok
11:18:52.0153 0x2284 [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\Windows\System32\cscsvc.dll
11:18:52.0184 0x2284 CscService - ok
11:18:52.0184 0x2284 [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
11:18:52.0184 0x2284 CVirtA - ok
11:18:52.0231 0x2284 [ 98C413E1A2FB6E5A4C101C25B3D0B275, 86C02211285F1807A6B276F07C56DE1A54BD5947E513884D8D971A22F4362849 ] CVPND P:\Cisco System VPN Client\cvpnd.exe
11:18:52.0262 0x2284 CVPND - ok
11:18:52.0262 0x2284 [ 79AF0E203D089AF442A3F70ED00A37FB, BF28BF9AEE23A3052D5ADA6C1B4C255C5F09DED69BB88D2CA3C011D2C3CFA8C1 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
11:18:52.0278 0x2284 CVPNDRVA - ok
11:18:52.0278 0x2284 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\Windows\system32\drivers\dam.sys
11:18:52.0293 0x2284 dam - ok
11:18:52.0321 0x2284 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:18:52.0341 0x2284 DcomLaunch - ok
11:18:52.0357 0x2284 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
11:18:52.0372 0x2284 defragsvc - ok
11:18:52.0388 0x2284 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
11:18:52.0408 0x2284 DeviceAssociationService - ok
11:18:52.0419 0x2284 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
11:18:52.0419 0x2284 DeviceInstall - ok
11:18:52.0435 0x2284 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
11:18:52.0451 0x2284 Dfsc - ok
11:18:52.0458 0x2284 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
11:18:52.0466 0x2284 dg_ssudbus - ok
11:18:52.0471 0x2284 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
11:18:52.0486 0x2284 Dhcp - ok
11:18:52.0517 0x2284 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\Windows\system32\diagtrack.dll
11:18:52.0547 0x2284 DiagTrack - ok
11:18:52.0562 0x2284 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
11:18:52.0562 0x2284 disk - ok
11:18:52.0562 0x2284 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
11:18:52.0578 0x2284 dmvsc - ok
11:18:52.0578 0x2284 [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
11:18:52.0594 0x2284 DNE - ok
11:18:52.0594 0x2284 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:18:52.0609 0x2284 Dnscache - ok
11:18:52.0625 0x2284 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
11:18:52.0625 0x2284 dot3svc - ok
11:18:52.0640 0x2284 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
11:18:52.0656 0x2284 DPS - ok
11:18:52.0656 0x2284 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:18:52.0656 0x2284 drmkaud - ok
11:18:52.0672 0x2284 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
11:18:52.0687 0x2284 DsmSvc - ok
11:18:52.0719 0x2284 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:18:52.0750 0x2284 DXGKrnl - ok
11:18:52.0765 0x2284 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
11:18:52.0765 0x2284 Eaphost - ok
11:18:52.0828 0x2284 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:18:52.0922 0x2284 ebdrv - ok
11:18:52.0922 0x2284 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
11:18:52.0937 0x2284 EFS - ok
11:18:52.0937 0x2284 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
11:18:52.0953 0x2284 EhStorClass - ok
11:18:52.0959 0x2284 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
11:18:52.0967 0x2284 EhStorTcgDrv - ok
11:18:52.0971 0x2284 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
11:18:52.0977 0x2284 ElbyCDIO - ok
11:18:52.0980 0x2284 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
11:18:52.0987 0x2284 ErrDev - ok
11:18:52.0998 0x2284 [ 4A9C48B8C7544193BC7A2B68B50FECE1, 9FC21C02DF59F83F8F4E5BA050208F1C62C03934FBF35E145FCB033FC3D54D09 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
11:18:53.0011 0x2284 ETD - ok
11:18:53.0018 0x2284 [ 342FA09C5BC16D492F6B5F48A5D7B7B7, 44FDCEE2666F1811C68B093781E844B31C5E476944B445DB1E51BB30D6A1EAA9 ] ETDService C:\Program Files\Elantech\ETDService.exe
11:18:53.0024 0x2284 ETDService - ok
11:18:53.0037 0x2284 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
11:18:53.0052 0x2284 EventSystem - ok
11:18:53.0072 0x2284 [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:18:53.0086 0x2284 EvtEng - ok
11:18:53.0094 0x2284 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
11:18:53.0115 0x2284 exfat - ok
11:18:53.0121 0x2284 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:18:53.0132 0x2284 fastfat - ok
11:18:53.0150 0x2284 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
11:18:53.0171 0x2284 Fax - ok
11:18:53.0175 0x2284 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
11:18:53.0182 0x2284 fdc - ok
11:18:53.0185 0x2284 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
11:18:53.0194 0x2284 fdPHost - ok
11:18:53.0198 0x2284 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
11:18:53.0206 0x2284 FDResPub - ok
11:18:53.0211 0x2284 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
11:18:53.0222 0x2284 fhsvc - ok
11:18:53.0227 0x2284 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:18:53.0235 0x2284 FileInfo - ok
11:18:53.0239 0x2284 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:18:53.0250 0x2284 Filetrace - ok
11:18:53.0265 0x2284 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:18:53.0283 0x2284 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
11:18:55.0604 0x2284 Detect skipped due to KSN trusted
11:18:55.0604 0x2284 FLEXnet Licensing Service - ok
11:18:55.0666 0x2284 [ 96A89625E34EC8B5F05A9D01AAD04759, B64B7E7AD5D02D4C91A2A45FB9F523A162482A37F784625233FE4AD8B2601453 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
11:18:55.0760 0x2284 FlexNet Licensing Service 64 - ok
11:18:55.0775 0x2284 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
11:18:55.0791 0x2284 flpydisk - ok
11:18:55.0807 0x2284 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:18:55.0822 0x2284 FltMgr - ok
11:18:55.0869 0x2284 [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\Windows\system32\FntCache.dll
11:18:55.0916 0x2284 FontCache - ok
11:18:55.0932 0x2284 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:18:55.0932 0x2284 FontCache3.0.0.0 - ok
11:18:55.0947 0x2284 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:18:55.0947 0x2284 FsDepends - ok
11:18:55.0963 0x2284 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:18:55.0963 0x2284 Fs_Rec - ok
11:18:55.0979 0x2284 [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
11:18:55.0994 0x2284 fussvc - detected UnsignedFile.Multi.Generic ( 1 )
11:18:58.0400 0x2284 Detect skipped due to KSN trusted
11:18:58.0400 0x2284 fussvc - ok
11:18:58.0431 0x2284 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:18:58.0494 0x2284 fvevol - ok
11:18:58.0509 0x2284 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
11:18:58.0541 0x2284 FxPPM - ok
11:18:58.0541 0x2284 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:18:58.0572 0x2284 gagp30kx - ok
11:18:58.0572 0x2284 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
11:18:58.0603 0x2284 gencounter - ok
11:18:58.0650 0x2284 [ D3C40989B164358F5BAA11EB7F605390, 0036F3F8B28F21A0DA0EF6D83965C0A8927C6109985AAA8F94178564FA938C2A ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:18:58.0697 0x2284 GfExperienceService - ok
11:18:58.0713 0x2284 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
11:18:58.0728 0x2284 GPIOClx0101 - ok
11:18:58.0775 0x2284 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
11:18:58.0822 0x2284 gpsvc - ok
11:18:58.0838 0x2284 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:18:58.0838 0x2284 gupdate - ok
11:18:58.0853 0x2284 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:18:58.0853 0x2284 gupdatem - ok
11:18:58.0869 0x2284 [ 2AC2F4227EA41501E7BD2FFA7B3D82F8, 4CB7FF1C759C16733153BF147E4B5CFD61CB8C4EAB071E4655C830C7D35F5215 ] hcmon C:\Windows\system32\drivers\hcmon.sys
11:18:58.0869 0x2284 hcmon - ok
11:18:58.0900 0x2284 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:18:58.0916 0x2284 HdAudAddService - ok
11:18:58.0931 0x2284 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
11:18:58.0931 0x2284 HDAudBus - ok
11:18:58.0947 0x2284 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
11:18:58.0947 0x2284 HidBatt - ok
11:18:58.0963 0x2284 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
11:18:58.0978 0x2284 HidBth - ok
11:18:58.0978 0x2284 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
11:18:58.0994 0x2284 hidi2c - ok
11:18:58.0994 0x2284 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
11:18:59.0009 0x2284 HidIr - ok
11:18:59.0009 0x2284 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
11:18:59.0009 0x2284 hidserv - ok
11:18:59.0009 0x2284 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
11:18:59.0025 0x2284 HidUsb - ok
11:18:59.0025 0x2284 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
11:18:59.0041 0x2284 hkmsvc - ok
11:18:59.0041 0x2284 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:18:59.0056 0x2284 HomeGroupListener - ok
11:18:59.0072 0x2284 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:18:59.0088 0x2284 HomeGroupProvider - ok
11:18:59.0088 0x2284 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:18:59.0103 0x2284 HpSAMD - ok
11:18:59.0134 0x2284 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:18:59.0166 0x2284 HTTP - ok
11:18:59.0166 0x2284 [ 37BE5E1426C190BC35C0D5FE5786CB9A, 393A33B044B6ABCC5FB120B1DE9E265C08C492C2654EB1B0459B2A35C3ACE1A0 ] hvservice C:\Windows\system32\drivers\hvservice.sys
11:18:59.0181 0x2284 hvservice - ok
11:18:59.0197 0x2284 [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
11:18:59.0197 0x2284 HWiNFO32 - ok
11:18:59.0197 0x2284 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:18:59.0213 0x2284 hwpolicy - ok
11:18:59.0213 0x2284 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
11:18:59.0213 0x2284 hyperkbd - ok
11:18:59.0213 0x2284 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
11:18:59.0228 0x2284 HyperVideo - ok
11:18:59.0228 0x2284 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
11:18:59.0244 0x2284 i8042prt - ok
11:18:59.0244 0x2284 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
11:18:59.0259 0x2284 iaLPSSi_GPIO - ok
11:18:59.0259 0x2284 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
11:18:59.0259 0x2284 iaLPSSi_I2C - ok
11:18:59.0275 0x2284 [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
11:18:59.0291 0x2284 iaStorA - ok
11:18:59.0306 0x2284 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
11:18:59.0322 0x2284 iaStorAV - ok
11:18:59.0338 0x2284 [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:18:59.0338 0x2284 IAStorDataMgrSvc - ok
11:18:59.0353 0x2284 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:18:59.0353 0x2284 iaStorV - ok
11:18:59.0369 0x2284 [ 3828FA36AAE08D3E6778E5E78A1DE21F, 3AF349A81907574E047BA5A8414F0E16F5ACCB5B532D1B5C6A6B3B9EE986DD08 ] iBtSiva C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
11:18:59.0369 0x2284 iBtSiva - ok
11:18:59.0384 0x2284 [ 3677953D5072C89E42999F59D32F4FF8, FDE5EBE1A86A4C1EA526EB16EF10E990DDF49A1A3783260B07B029D51D46CD34 ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys
11:18:59.0384 0x2284 ibtusb - ok
11:18:59.0384 0x2284 IEEtwCollectorService - ok
11:18:59.0472 0x2284 [ 5863E2DD2E5C2D1B1F70C3826C162A7B, A6A0DBFA91F53D116AFFC1644F636A9D33A20B00A842A190190584F8AE2D1FF0 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:18:59.0550 0x2284 igfx - ok
11:18:59.0566 0x2284 [ C5202C7669226FF13A74228BD42AD982, BA843DEF6649DF34F9D0D0A380E77557D7785B8239A61EA33EFF08AEF0C8E6DE ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
11:18:59.0581 0x2284 igfxCUIService1.0.0.0 - ok
11:18:59.0597 0x2284 [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT C:\Windows\System32\ikeext.dll
11:18:59.0628 0x2284 IKEEXT - ok
11:18:59.0628 0x2284 [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:18:59.0644 0x2284 intaud_WaveExtensible - ok
11:18:59.0722 0x2284 [ 689F04285EF20E98B4F338AF7523A4C2, C2D1EB41382A346607BD91CDBFAEACBC4087EC8482312CBE2E6FBCB87E1B8320 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:18:59.0800 0x2284 IntcAzAudAddService - ok
11:18:59.0816 0x2284 [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:18:59.0831 0x2284 IntcDAud - ok
11:18:59.0863 0x2284 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:18:59.0878 0x2284 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:19:02.0227 0x2284 Detect skipped due to KSN trusted
11:19:02.0227 0x2284 Intel(R) Capability Licensing Service Interface - ok
11:19:02.0289 0x2284 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:19:02.0352 0x2284 Intel(R) Capability Licensing Service TCP IP Interface - ok
11:19:02.0367 0x2284 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
11:19:02.0383 0x2284 intelide - ok
11:19:02.0399 0x2284 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\Windows\system32\drivers\intelpep.sys
11:19:02.0399 0x2284 intelpep - ok
11:19:02.0414 0x2284 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
11:19:02.0430 0x2284 intelppm - ok
11:19:02.0446 0x2284 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:19:02.0461 0x2284 IpFilterDriver - ok
11:19:02.0492 0x2284 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:19:02.0524 0x2284 iphlpsvc - ok
11:19:02.0539 0x2284 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
11:19:02.0539 0x2284 IPMIDRV - ok
11:19:02.0555 0x2284 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:19:02.0571 0x2284 IPNAT - ok
11:19:02.0571 0x2284 [ 944A6D2E1D971806EFFE4BBABF0DBDC7, 394FC1137D2F5CAE0076229EBFEA940584A15AE4D382006507292A94441AF442 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
11:19:02.0586 0x2284 IpOverUsbSvc - ok
11:19:02.0586 0x2284 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:19:02.0602 0x2284 IRENUM - ok
11:19:02.0602 0x2284 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:19:02.0602 0x2284 isapnp - ok
11:19:02.0617 0x2284 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
11:19:02.0633 0x2284 iScsiPrt - ok
11:19:02.0649 0x2284 [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
11:19:02.0649 0x2284 iwdbus - ok
11:19:02.0649 0x2284 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:19:02.0664 0x2284 jhi_service - ok
11:19:02.0664 0x2284 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
11:19:02.0680 0x2284 kbdclass - ok
11:19:02.0680 0x2284 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
11:19:02.0696 0x2284 kbdhid - ok
11:19:02.0696 0x2284 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys
11:19:02.0696 0x2284 kbldfltr - ok
11:19:02.0711 0x2284 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
11:19:02.0711 0x2284 kdnic - ok
11:19:02.0727 0x2284 [ EB62EE6D52F0D6B76256DBE71C07E26F, D92F2D9B1779DC52918CB5D9F212F62F62E40F7EBB81A865F090B071BE69DE77 ] Ke2200 C:\Windows\system32\DRIVERS\e22w8x64.sys
11:19:02.0727 0x2284 Ke2200 - ok
11:19:02.0727 0x2284 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
11:19:02.0742 0x2284 KeyIso - ok
11:19:02.0758 0x2284 [ 5781DA0CFB8833F5D8AEB433233C7294, 5EF52B532257E8CD34CEAFA405FF022CB1127B6A92BEE5578BC73B0380556D2A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
11:19:02.0774 0x2284 kl1 - ok
11:19:02.0774 0x2284 [ EE7A44540B65B6FF617DCB8929C9FDAE, E9FB0BEAA1692CEBE8F6E1DED6AE49EFE2679F606CD251AE2222095D37129CDA ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
11:19:02.0774 0x2284 kldisk - ok
11:19:02.0774 0x2284 [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam C:\Windows\system32\DRIVERS\klelam.sys
11:19:02.0789 0x2284 klelam - ok
11:19:02.0789 0x2284 [ 6C76992FC40A857A24C5D96602E9C3B1, 87DF4C915B9B926891A252A1D126B262DC9A37A508AAEFC5957C4C7AB297D7E3 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
11:19:02.0805 0x2284 klflt - ok
11:19:02.0805 0x2284 [ 52B6208BC2E92558AD7DB2A6015F8E4A, 15E61BB99DCB5ADA9F5E9C9861FDB8B19133CFDA79FB332C68BF527C65F8E0B8 ] klhk C:\Windows\system32\DRIVERS\klhk.sys
11:19:02.0821 0x2284 klhk - ok
11:19:02.0836 0x2284 [ 68A63B654F5545F2131B8C549F18B95B, 03AD286FCCFA25A2C28E206485A27DA47F116546B81964822AF05F268D58D1A6 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
11:19:02.0852 0x2284 KLIF - ok
11:19:02.0867 0x2284 [ 082E4E17C8C56205D7A3A74F52FAD991, BF664A675549F0456983B974FC94614FDE5DC778033ACE0936B78A0FBCB52226 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
11:19:02.0867 0x2284 KLIM6 - ok
11:19:02.0867 0x2284 [ 72EB703CBD490DE11FB468F290A47493, AA7469DA253EFC3B534BA2D0BBBCD95F82DBAA48E4CBC9F67DAD7B118C3F85D3 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
11:19:02.0883 0x2284 klkbdflt - ok
11:19:02.0883 0x2284 klkbdflt2 - ok
11:19:02.0883 0x2284 [ 039C35F0CA2866447C6C38F6653DD0BF, 7F084E1CA2FEA6E3D3FBE3DC8D0362BB5ADCF53B2CB3F1349EF96F39131E1D6D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
11:19:02.0883 0x2284 klmouflt - ok
11:19:02.0899 0x2284 [ B33399BCA2034648520E34987CE2C0C9, F93B38D7DFAAE44B929BC2F739F03A9A67C6FA4AFC29B07DF96D2C7011DCB1AF ] klpd C:\Windows\system32\DRIVERS\klpd.sys
11:19:02.0899 0x2284 klpd - ok
11:19:02.0899 0x2284 [ C66A4C640B7F9606668D35D726D2FF51, B6708A516D55FDDB3C5F018827D4E0B52D2B65D7B0DC33A9AECC301A05A860DE ] klwfp C:\Windows\system32\DRIVERS\klwfp.sys
11:19:02.0914 0x2284 klwfp - ok
11:19:02.0914 0x2284 [ 88D5EF6EE17C280167D42B53282AB4BD, CFFF8D7CE24FCE62FB2C21E1B09DF914612C1EF96876855537B207F7BD83E872 ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
11:19:02.0930 0x2284 Klwtp - ok
11:19:02.0930 0x2284 [ F9F8752748D6629EB8A5990F97D4346B, 833788E320F429BA25838F414F190C1D024D352F4F3CE050D593DCAEB2BAC2E8 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
11:19:02.0946 0x2284 kneps - ok
11:19:02.0946 0x2284 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:19:02.0946 0x2284 KSecDD - ok
11:19:02.0961 0x2284 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:19:02.0961 0x2284 KSecPkg - ok
11:19:02.0977 0x2284 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:19:02.0977 0x2284 ksthunk - ok
11:19:02.0992 0x2284 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:19:03.0008 0x2284 KtmRm - ok
11:19:03.0008 0x2284 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
11:19:03.0024 0x2284 LanmanServer - ok
11:19:03.0039 0x2284 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:19:03.0055 0x2284 LanmanWorkstation - ok
11:19:03.0071 0x2284 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
11:19:03.0086 0x2284 lfsvc - ok
11:19:03.0086 0x2284 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:19:03.0102 0x2284 lltdio - ok
11:19:03.0102 0x2284 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:19:03.0117 0x2284 lltdsvc - ok
11:19:03.0133 0x2284 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:19:03.0133 0x2284 lmhosts - ok
11:19:03.0149 0x2284 [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:19:03.0149 0x2284 LMS - ok
11:19:03.0164 0x2284 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:19:03.0164 0x2284 LSI_SAS - ok
11:19:03.0180 0x2284 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:19:03.0180 0x2284 LSI_SAS2 - ok
11:19:03.0180 0x2284 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
11:19:03.0196 0x2284 LSI_SAS3 - ok
11:19:03.0196 0x2284 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
11:19:03.0211 0x2284 LSI_SSS - ok
11:19:03.0227 0x2284 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
11:19:03.0242 0x2284 LSM - ok
11:19:03.0258 0x2284 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
11:19:03.0258 0x2284 luafv - ok
11:19:03.0274 0x2284 [ 11B7E5BD6EFBB7DB35F7933C3795F050, 28C62C8CE9B13119EDE031E881A4218F89DBFEF9B59975BE6108FBEF7A21E79F ] lunparser C:\Windows\system32\drivers\lunparser.sys
11:19:03.0274 0x2284 lunparser - ok
11:19:03.0274 0x2284 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
11:19:03.0289 0x2284 MBfilt - ok
11:19:03.0289 0x2284 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
11:19:03.0289 0x2284 megasas - ok
11:19:03.0305 0x2284 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
11:19:03.0336 0x2284 megasr - ok
11:19:03.0336 0x2284 [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
11:19:03.0336 0x2284 MEIx64 - ok
11:19:03.0352 0x2284 [ 0AF89452A8CE3928168F4E5B2208C68B, 571F1A9F1F0B31DB5FFAE7FB7F98C16958439D6666A9F2131B0F2E496BF3D2AC ] mi-raysat_3dsmax2016_64 P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
11:19:03.0367 0x2284 mi-raysat_3dsmax2016_64 - detected UnsignedFile.Multi.Generic ( 1 )
11:19:05.0883 0x2284 Detect skipped due to KSN trusted
11:19:05.0883 0x2284 mi-raysat_3dsmax2016_64 - ok
11:19:05.0914 0x2284 [ 71C6748EE8DE938532057EF10B4B7E44, 455175332156939B3CDA4511A2A6C213ABBFDB85EEECA98B6AB014C994F532C4 ] Micro Star SCM c:\Program Files (x86)\SCM\MSIService.exe
11:19:05.0930 0x2284 Micro Star SCM - detected UnsignedFile.Multi.Generic ( 1 )
11:19:08.0465 0x2284 Detect skipped due to KSN trusted
11:19:08.0465 0x2284 Micro Star SCM - ok
11:19:08.0465 0x2284 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
11:19:08.0512 0x2284 MMCSS - ok
11:19:08.0512 0x2284 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
11:19:08.0543 0x2284 Modem - ok
11:19:08.0559 0x2284 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
11:19:08.0590 0x2284 monitor - ok
11:19:08.0590 0x2284 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys
11:19:08.0621 0x2284 mouclass - ok
11:19:08.0621 0x2284 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys
11:19:08.0652 0x2284 mouhid - ok
11:19:08.0668 0x2284 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:19:08.0684 0x2284 mountmgr - ok
11:19:08.0699 0x2284 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:19:08.0715 0x2284 mpsdrv - ok
11:19:08.0730 0x2284 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
11:19:08.0777 0x2284 MpsSvc - ok
11:19:08.0793 0x2284 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:19:08.0793 0x2284 MRxDAV - ok
11:19:08.0809 0x2284 [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:19:08.0824 0x2284 mrxsmb - ok
11:19:08.0840 0x2284 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:19:08.0855 0x2284 mrxsmb10 - ok
11:19:08.0855 0x2284 [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:19:08.0871 0x2284 mrxsmb20 - ok
11:19:08.0871 0x2284 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
11:19:08.0871 0x2284 MsBridge - ok
11:19:08.0887 0x2284 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
11:19:08.0887 0x2284 MSDTC - ok
11:19:08.0902 0x2284 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:19:08.0902 0x2284 Msfs - ok
11:19:08.0918 0x2284 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
11:19:08.0918 0x2284 msgpiowin32 - ok
11:19:08.0918 0x2284 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:19:08.0934 0x2284 mshidkmdf - ok
11:19:08.0934 0x2284 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
11:19:08.0934 0x2284 mshidumdf - ok
11:19:08.0949 0x2284 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:19:08.0949 0x2284 msisadrv - ok
11:19:08.0949 0x2284 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:19:08.0965 0x2284 MSiSCSI - ok
11:19:08.0965 0x2284 msiserver - ok
11:19:08.0980 0x2284 [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
11:19:08.0980 0x2284 MsKeyboardFilter - ok
11:19:08.0980 0x2284 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:19:08.0996 0x2284 MSKSSRV - ok
11:19:08.0996 0x2284 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
11:19:09.0012 0x2284 MsLldp - ok
11:19:09.0012 0x2284 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:19:09.0012 0x2284 MSPCLOCK - ok
11:19:09.0012 0x2284 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:19:09.0027 0x2284 MSPQM - ok
11:19:09.0043 0x2284 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:19:09.0059 0x2284 MsRPC - ok
11:19:09.0059 0x2284 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
11:19:09.0059 0x2284 mssmbios - ok
11:19:09.0074 0x2284 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:19:09.0074 0x2284 MSTEE - ok
11:19:09.0074 0x2284 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
11:19:09.0090 0x2284 MTConfig - ok
11:19:09.0090 0x2284 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
11:19:09.0090 0x2284 Mup - ok
11:19:09.0105 0x2284 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
11:19:09.0105 0x2284 mvumis - ok
11:19:09.0121 0x2284 [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:19:09.0137 0x2284 MyWiFiDHCPDNS - ok
11:19:09.0137 0x2284 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
11:19:09.0152 0x2284 napagent - ok
11:19:09.0168 0x2284 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:19:09.0184 0x2284 NativeWifiP - ok
11:19:09.0199 0x2284 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
11:19:09.0199 0x2284 NcaSvc - ok
11:19:09.0215 0x2284 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
11:19:09.0230 0x2284 NcbService - ok
11:19:09.0230 0x2284 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
11:19:09.0246 0x2284 NcdAutoSetup - ok
11:19:09.0262 0x2284 [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:19:09.0293 0x2284 NDIS - ok
11:19:09.0293 0x2284 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:19:09.0309 0x2284 NdisCap - ok
11:19:09.0309 0x2284 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
11:19:09.0324 0x2284 NdisImPlatform - ok
11:19:09.0324 0x2284 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatformMp C:\Windows\system32\DRIVERS\NdisImPlatform.sys
11:19:09.0340 0x2284 NdisImPlatformMp - ok
11:19:09.0340 0x2284 [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:19:09.0340 0x2284 NdisTapi - ok
11:19:09.0355 0x2284 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:19:09.0355 0x2284 Ndisuio - ok
11:19:09.0355 0x2284 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
11:19:09.0371 0x2284 NdisVirtualBus - ok
11:19:09.0371 0x2284 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:19:09.0387 0x2284 NdisWan - ok
11:19:09.0402 0x2284 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
11:19:09.0402 0x2284 NdisWanLegacy - ok
11:19:09.0418 0x2284 [ 0BBE2FA30BAD58C9ADC01E4F84A3D2A1, 913AEC8A5F735C2EFDCB417E4077AB5A15457C601E6E88A1F4FA52C91E6E0BBF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:19:09.0418 0x2284 NDProxy - ok
11:19:09.0434 0x2284 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
11:19:09.0434 0x2284 Ndu - ok
11:19:09.0434 0x2284 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:19:09.0449 0x2284 NetBIOS - ok
11:19:09.0465 0x2284 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:19:09.0480 0x2284 NetBT - ok
11:19:09.0480 0x2284 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
11:19:09.0480 0x2284 Netlogon - ok
11:19:09.0496 0x2284 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
11:19:09.0512 0x2284 Netman - ok
11:19:09.0527 0x2284 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
11:19:09.0543 0x2284 netprofm - ok
11:19:09.0559 0x2284 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:19:09.0559 0x2284 NetTcpPortSharing - ok
11:19:09.0559 0x2284 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
11:19:09.0574 0x2284 netvsc - ok
11:19:09.0652 0x2284 [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64 C:\Windows\system32\DRIVERS\Netwbw02.sys
11:19:09.0715 0x2284 NETwNb64 - ok
11:19:09.0730 0x2284 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
11:19:09.0762 0x2284 NlaSvc - ok
11:19:09.0762 0x2284 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:19:09.0762 0x2284 Npfs - ok
11:19:09.0777 0x2284 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
11:19:09.0777 0x2284 npsvctrig - ok
11:19:09.0777 0x2284 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
11:19:09.0793 0x2284 nsi - ok
11:19:09.0793 0x2284 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:19:09.0809 0x2284 nsiproxy - ok
11:19:09.0855 0x2284 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:19:09.0902 0x2284 Ntfs - ok
11:19:09.0918 0x2284 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
11:19:09.0918 0x2284 Null - ok
11:19:10.0090 0x2284 [ 36BAB895547EA82892292F05FA02142E, 224D165CE3ECB0EF35C18D09507AB43ADC4A7AD12E507F31230012943C83BEDB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:19:10.0277 0x2284 nvlddmkm - ok
11:19:10.0309 0x2284 [ 930AE35B57C33F361AF045D220229063, B67776D3392E879CF6006AC86D72DEA826EF4607A4853116B837F2F95BEBF270 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:19:10.0340 0x2284 NvNetworkService - ok
11:19:10.0355 0x2284 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:19:10.0355 0x2284 nvraid - ok
11:19:10.0371 0x2284 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:19:10.0371 0x2284 nvstor - ok
11:19:10.0387 0x2284 [ EE830ED41C660D6F3F8112B48869943B, 70B3B56F4B399D4F0880D8A486EBFEC16AD60DAD69F96D6E690EF670244C5754 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:19:10.0387 0x2284 NvStreamKms - ok
11:19:10.0480 0x2284 [ B2C3D31934FAFA20EE8ED1977651E871, 42E78CDA5F0FC47D203A4BDFD091575769B2CE3DC5D84B11F36C493AD4D07064 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
11:19:10.0559 0x2284 NvStreamSvc - ok
11:19:10.0590 0x2284 [ 6B245B7F96F901891636814B5A7A9088, BC6DF13929AEBA2CF5DC8449FF9D5F73497DF8E9760AFA93B56543D86BE940C3 ] nvsvc C:\Windows\system32\nvvsvc.exe
11:19:10.0605 0x2284 nvsvc - ok
11:19:10.0605 0x2284 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
11:19:10.0621 0x2284 nvvad_WaveExtensible - ok
11:19:10.0621 0x2284 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:19:10.0621 0x2284 nv_agp - ok
11:19:10.0637 0x2284 [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:19:10.0637 0x2284 ose64 - ok
11:19:10.0652 0x2284 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:19:10.0684 0x2284 p2pimsvc - ok
11:19:10.0699 0x2284 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
11:19:10.0715 0x2284 p2psvc - ok
11:19:10.0715 0x2284 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
11:19:10.0730 0x2284 Parport - ok
11:19:10.0730 0x2284 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:19:10.0746 0x2284 partmgr - ok
11:19:10.0746 0x2284 [ 0D7DA812D815F395BAA113817EC9C094, 5C342BC15B4811B304FC9003553FE52CEA24C31C735B04FD6231AD0950C1DFAC ] passthruparser C:\Windows\system32\drivers\passthruparser.sys
11:19:10.0762 0x2284 passthruparser - ok
11:19:10.0777 0x2284 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:19:10.0793 0x2284 PcaSvc - ok
11:19:10.0793 0x2284 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
11:19:10.0809 0x2284 pci - ok
11:19:10.0809 0x2284 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
11:19:10.0824 0x2284 pciide - ok
11:19:10.0824 0x2284 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:19:10.0840 0x2284 pcmcia - ok
11:19:10.0840 0x2284 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
11:19:10.0840 0x2284 pcw - ok
11:19:10.0855 0x2284 [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc C:\Windows\system32\drivers\pdc.sys
11:19:10.0855 0x2284 pdc - ok
11:19:10.0871 0x2284 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:19:10.0902 0x2284 PEAUTH - ok
11:19:10.0965 0x2284 [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:19:11.0027 0x2284 PeerDistSvc - ok
11:19:11.0059 0x2284 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:19:11.0059 0x2284 PerfHost - ok
11:19:11.0105 0x2284 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
11:19:11.0152 0x2284 pla - ok
11:19:11.0168 0x2284 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:19:11.0168 0x2284 PlugPlay - ok
11:19:11.0168 0x2284 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:19:11.0184 0x2284 PNRPAutoReg - ok
11:19:11.0199 0x2284 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:19:11.0215 0x2284 PNRPsvc - ok
11:19:11.0215 0x2284 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:19:11.0230 0x2284 PolicyAgent - ok
11:19:11.0246 0x2284 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
11:19:11.0246 0x2284 Power - ok
11:19:11.0309 0x2284 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
11:19:11.0371 0x2284 PrintNotify - ok
11:19:11.0387 0x2284 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
11:19:11.0387 0x2284 Processor - ok
11:19:11.0402 0x2284 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll
11:19:11.0402 0x2284 ProfSvc - ok
11:19:11.0418 0x2284 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:19:11.0418 0x2284 Psched - ok
11:19:11.0434 0x2284 [ 523915C4E06522B7AF8B8B3FE3C3F6D0, F68BBD1542D5DE84AE5DED9296258248BDBBA6B97F61716D10B637D3A736A322 ] pvhdparser C:\Windows\system32\drivers\pvhdparser.sys
11:19:11.0434 0x2284 pvhdparser - ok
11:19:11.0434 0x2284 [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio C:\Windows\system32\pwdrvio.sys
11:19:11.0449 0x2284 pwdrvio - ok
11:19:11.0449 0x2284 [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio C:\Windows\system32\pwdspio.sys
11:19:11.0449 0x2284 pwdspio - ok
11:19:11.0465 0x2284 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:19:11.0465 0x2284 PxHlpa64 - ok
11:19:11.0480 0x2284 [ 9EE192B83765E292DB5D3D0ACF712785, 7BFAAC8D746BC7FB89A4FE87A134F8F906806D727E64BD2E1CB39B1E6F4DF913 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
11:19:11.0480 0x2284 Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
11:19:14.0009 0x2284 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - warning
11:19:16.0450 0x2284 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
11:19:16.0497 0x2284 QWAVE - ok
11:19:16.0512 0x2284 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:19:16.0528 0x2284 QWAVEdrv - ok
11:19:16.0528 0x2284 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:19:16.0544 0x2284 RasAcd - ok
11:19:16.0559 0x2284 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
11:19:16.0575 0x2284 RasAuto - ok
11:19:16.0606 0x2284 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
11:19:16.0653 0x2284 RasMan - ok
11:19:16.0653 0x2284 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:19:16.0684 0x2284 RasPppoe - ok
11:19:16.0700 0x2284 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:19:16.0715 0x2284 rdbss - ok
11:19:16.0715 0x2284 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
11:19:16.0731 0x2284 rdpbus - ok
11:19:16.0731 0x2284 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:19:16.0747 0x2284 RDPDR - ok
11:19:16.0747 0x2284 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:19:16.0762 0x2284 RdpVideoMiniport - ok
11:19:16.0762 0x2284 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:19:16.0778 0x2284 rdyboost - ok
11:19:16.0809 0x2284 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
11:19:16.0840 0x2284 ReFS - ok
11:19:16.0840 0x2284 [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:19:16.0856 0x2284 RegSrvc - ok
11:19:16.0856 0x2284 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:19:16.0872 0x2284 RemoteAccess - ok
11:19:16.0872 0x2284 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:19:16.0887 0x2284 RemoteRegistry - ok
11:19:16.0903 0x2284 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
11:19:16.0903 0x2284 RFCOMM - ok
11:19:16.0919 0x2284 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:19:16.0919 0x2284 RpcEptMapper - ok
11:19:16.0934 0x2284 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
11:19:16.0934 0x2284 RpcLocator - ok
11:19:16.0950 0x2284 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
11:19:16.0965 0x1870 Object required for P2P: [ 6B245B7F96F901891636814B5A7A9088 ] nvsvc
11:19:16.0981 0x2284 RpcSs - ok
11:19:16.0981 0x2284 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:19:16.0997 0x2284 rspndr - ok
11:19:17.0012 0x2284 [ F95151BE3F9FD74CFE90D1B35CD58062, E5C9079445CAEEDE51FC588D91D16387701682C8902C7C3E24B7A1A5E2D314AD ] RTSPER C:\Windows\system32\DRIVERS\RtsPer.sys
11:19:17.0044 0x2284 RTSPER - ok
11:19:17.0044 0x2284 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
11:19:17.0044 0x2284 s3cap - ok
11:19:17.0059 0x2284 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
11:19:17.0059 0x2284 SamSs - ok
11:19:17.0059 0x2284 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:19:17.0075 0x2284 sbp2port - ok
11:19:17.0075 0x2284 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:19:17.0090 0x2284 SCardSvr - ok
11:19:17.0090 0x2284 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
11:19:17.0106 0x2284 ScDeviceEnum - ok
11:19:17.0106 0x2284 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:19:17.0122 0x2284 scfilter - ok
11:19:17.0153 0x2284 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\Windows\system32\schedsvc.dll
11:19:17.0200 0x2284 Schedule - ok
11:19:17.0200 0x2284 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:19:17.0215 0x2284 SCPolicySvc - ok
11:19:17.0215 0x2284 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys
11:19:17.0231 0x2284 sdbus - ok
11:19:17.0262 0x2284 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService P:\Spybot - Search & Destroy 2\SDFSSvc.exe
11:19:17.0294 0x2284 SDScannerService - ok
11:19:17.0294 0x2284 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
11:19:17.0294 0x2284 sdstor - ok
11:19:17.0340 0x2284 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService P:\Spybot - Search & Destroy 2\SDUpdSvc.exe
11:19:17.0372 0x2284 SDUpdateService - ok
11:19:17.0372 0x2284 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService P:\Spybot - Search & Destroy 2\SDWSCSvc.exe
11:19:17.0387 0x2284 SDWSCService - ok
11:19:17.0387 0x2284 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:19:17.0387 0x2284 secdrv - ok
11:19:17.0403 0x2284 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
11:19:17.0403 0x2284 seclogon - ok
11:19:17.0419 0x2284 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
11:19:17.0419 0x2284 SENS - ok
11:19:17.0434 0x2284 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsSimulatorDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
11:19:17.0450 0x2284 SensorsSimulatorDriver - ok
11:19:17.0450 0x2284 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:19:17.0465 0x2284 SensrSvc - ok
11:19:17.0465 0x2284 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
11:19:17.0481 0x2284 SerCx - ok
11:19:17.0481 0x2284 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
11:19:17.0497 0x2284 SerCx2 - ok
11:19:17.0497 0x2284 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
11:19:17.0512 0x2284 Serenum - ok
11:19:17.0512 0x2284 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
11:19:17.0512 0x2284 Serial - ok
11:19:17.0528 0x2284 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys
11:19:17.0528 0x2284 sermouse - ok
11:19:17.0544 0x2284 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
11:19:17.0559 0x2284 SessionEnv - ok
11:19:17.0559 0x2284 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
11:19:17.0559 0x2284 sfloppy - ok
11:19:17.0575 0x2284 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:19:17.0590 0x2284 SharedAccess - ok
11:19:17.0606 0x2284 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:19:17.0622 0x2284 ShellHWDetection - ok
11:19:17.0637 0x2284 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:19:17.0637 0x2284 SiSRaid2 - ok
11:19:17.0637 0x2284 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:19:17.0653 0x2284 SiSRaid4 - ok
11:19:17.0653 0x2284 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
11:19:17.0653 0x2284 smphost - ok
11:19:17.0669 0x2284 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:19:17.0669 0x2284 SNMPTRAP - ok
11:19:17.0684 0x2284 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
11:19:17.0700 0x2284 spaceport - ok
11:19:17.0715 0x2284 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
11:19:17.0715 0x2284 SpbCx - ok
11:19:17.0731 0x2284 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\Windows\System32\spoolsv.exe
11:19:17.0762 0x2284 Spooler - ok
11:19:17.0856 0x2284 [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc C:\Windows\system32\sppsvc.exe
11:19:17.0997 0x2284 sppsvc - ok
11:19:18.0012 0x2284 [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:19:18.0012 0x2284 SQLWriter - ok
11:19:18.0028 0x2284 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:19:18.0044 0x2284 srv - ok
11:19:18.0059 0x2284 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:19:18.0080 0x2284 srv2 - ok
11:19:18.0091 0x2284 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:19:18.0105 0x2284 srvnet - ok
11:19:18.0106 0x2284 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:19:18.0121 0x2284 SSDPSRV - ok
11:19:18.0121 0x2284 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:19:18.0137 0x2284 SstpSvc - ok
11:19:18.0137 0x2284 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
11:19:18.0137 0x2284 ssudmdm - ok
11:19:18.0153 0x2284 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:19:18.0153 0x2284 stexstor - ok
11:19:18.0168 0x2284 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
11:19:18.0184 0x2284 stisvc - ok
11:19:18.0199 0x2284 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
11:19:18.0199 0x2284 storahci - ok
11:19:18.0199 0x2284 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:19:18.0215 0x2284 storflt - ok
11:19:18.0215 0x2284 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
11:19:18.0215 0x2284 stornvme - ok
11:19:18.0231 0x2284 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
11:19:18.0231 0x2284 StorSvc - ok
11:19:18.0246 0x2284 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:19:18.0246 0x2284 storvsc - ok
11:19:18.0246 0x2284 [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp C:\Windows\System32\drivers\storvsp.sys
11:19:18.0262 0x2284 storvsp - ok
11:19:18.0262 0x2284 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
11:19:18.0278 0x2284 svsvc - ok
11:19:18.0278 0x2284 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
11:19:18.0278 0x2284 swenum - ok
11:19:18.0293 0x2284 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:19:18.0309 0x2284 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
11:19:19.0405 0x1870 Object send P2P result: true
11:19:20.0624 0x2284 Detect skipped due to KSN trusted
11:19:20.0624 0x2284 SwitchBoard - ok
11:19:20.0671 0x2284 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
11:19:20.0733 0x2284 swprv - ok
11:19:20.0811 0x2284 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll
11:19:20.0905 0x2284 SysMain - ok
11:19:20.0921 0x2284 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
11:19:20.0936 0x2284 SystemEventsBroker - ok
11:19:20.0936 0x2284 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ]
|
|
20.10.2015, 07:35
| #6 |
| | und hier der 2. Teil der tdsskiller Log tdsskiller Log Teil 2: Code:
ATTFilter TabletInputService C:\Windows\System32\TabSvc.dll
11:19:20.0952 0x2284 TabletInputService - ok
11:19:20.0968 0x2284 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
11:19:20.0983 0x2284 TapiSrv - ok
11:19:21.0030 0x2284 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:19:21.0077 0x2284 Tcpip - ok
11:19:21.0124 0x2284 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:19:21.0171 0x2284 TCPIP6 - ok
11:19:21.0186 0x2284 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:19:21.0186 0x2284 tcpipreg - ok
11:19:21.0202 0x2284 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:19:21.0202 0x2284 tdx - ok
11:19:21.0217 0x2284 [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
11:19:21.0217 0x2284 Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
11:19:23.0561 0x2284 Detect skipped due to KSN trusted
11:19:23.0561 0x2284 Te.Service - ok
11:19:23.0577 0x2284 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
11:19:23.0608 0x2284 terminpt - ok
11:19:23.0671 0x2284 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
11:19:23.0718 0x2284 TermService - ok
11:19:23.0733 0x2284 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
11:19:23.0749 0x2284 Themes - ok
11:19:23.0749 0x2284 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
11:19:23.0764 0x2284 THREADORDER - ok
11:19:23.0780 0x2284 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
11:19:23.0796 0x2284 TimeBroker - ok
11:19:23.0796 0x2284 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
11:19:23.0811 0x2284 TPM - ok
11:19:23.0811 0x2284 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
11:19:23.0827 0x2284 TrkWks - ok
11:19:23.0827 0x2284 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:19:23.0842 0x2284 TrustedInstaller - ok
11:19:23.0842 0x2284 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:19:23.0858 0x2284 TsUsbFlt - ok
11:19:23.0858 0x2284 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
11:19:23.0874 0x2284 TsUsbGD - ok
11:19:23.0874 0x2284 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:19:23.0889 0x2284 tunnel - ok
11:19:23.0889 0x2284 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:19:23.0889 0x2284 uagp35 - ok
11:19:23.0905 0x2284 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
11:19:23.0905 0x2284 UASPStor - ok
11:19:23.0921 0x2284 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
11:19:23.0921 0x2284 UCX01000 - ok
11:19:23.0936 0x2284 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:19:23.0952 0x2284 udfs - ok
11:19:23.0967 0x2284 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
11:19:23.0967 0x2284 UEFI - ok
11:19:23.0967 0x2284 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:19:23.0983 0x2284 UI0Detect - ok
11:19:23.0983 0x2284 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:19:23.0983 0x2284 uliagpkx - ok
11:19:23.0999 0x2284 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
11:19:23.0999 0x2284 umbus - ok
11:19:23.0999 0x2284 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
11:19:24.0014 0x2284 UmPass - ok
11:19:24.0014 0x2284 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
11:19:24.0030 0x2284 UmRdpService - ok
11:19:24.0046 0x2284 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
11:19:24.0061 0x2284 upnphost - ok
11:19:24.0061 0x2284 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:19:24.0077 0x2284 usbaudio - ok
11:19:24.0077 0x2284 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
11:19:24.0092 0x2284 usbccgp - ok
11:19:24.0092 0x2284 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
11:19:24.0108 0x2284 usbcir - ok
11:19:24.0108 0x2284 [ 635686E528F2C9CB916EC1BB04EE6AD1, 080A0F209773232860F510F17005EF92650BA831F69BB0006AEF11A2BB0A4906 ] UsbClientService P:\Synology Assistant\UsbClientService.exe
11:19:24.0124 0x2284 UsbClientService - ok
11:19:24.0124 0x2284 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
11:19:24.0139 0x2284 usbehci - ok
11:19:24.0155 0x2284 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
11:19:24.0171 0x2284 usbhub - ok
11:19:24.0186 0x2284 [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
11:19:24.0202 0x2284 USBHUB3 - ok
11:19:24.0217 0x2284 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
11:19:24.0217 0x2284 usbohci - ok
11:19:24.0217 0x2284 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
11:19:24.0233 0x2284 usbprint - ok
11:19:24.0233 0x2284 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:19:24.0249 0x2284 usbscan - ok
11:19:24.0249 0x2284 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
11:19:24.0264 0x2284 USBSTOR - ok
11:19:24.0264 0x2284 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
11:19:24.0264 0x2284 usbuhci - ok
11:19:24.0280 0x2284 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:19:24.0296 0x2284 usbvideo - ok
11:19:24.0296 0x2284 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
11:19:24.0311 0x2284 USBXHCI - ok
11:19:24.0311 0x2284 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
11:19:24.0327 0x2284 VaultSvc - ok
11:19:24.0327 0x2284 [ 8CD776EB77695524CCE594AAC3A71569, AEF6F9B0E5F67E87819EB0E9FA5220EEF247A160A2BF8511CEDC8D12A9D4D941 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
11:19:24.0342 0x2284 VBoxNetAdp - ok
11:19:24.0342 0x2284 VBoxNetFlt - ok
11:19:24.0342 0x2284 [ 3447B8DC38D7E53E8C4BBA8270B5B9E8, 175DE2B17CA7A1542A743DEDECD5D420C1B030B5726B9368D61E62DE86DF49E8 ] VBoxUSB C:\Windows\System32\Drivers\VBoxUSB.sys
11:19:24.0358 0x2284 VBoxUSB - ok
11:19:24.0358 0x2284 [ 5633625403CA6BAD8DC8360CA109F792, 56193C822797B162B0925312561318551CFC851824CE8758D13A18B7151EC3B0 ] vcanv C:\Windows\system32\drivers\vcanv.sys
11:19:24.0358 0x2284 vcanv - ok
11:19:24.0374 0x2284 [ 4FAFF07E3E1DE7D1F31597D180D72E18, 492E96DBEE1578CF3344CF6C62956F63354430EEA6B30063EC53CE1B0362B0BC ] vcasexl C:\Windows\system32\DRIVERS\vcasexl.sys
11:19:24.0389 0x2284 vcasexl - ok
11:19:24.0405 0x2284 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\System32\drivers\VClone.sys
11:19:24.0405 0x2284 VClone - ok
11:19:24.0421 0x2284 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:19:24.0421 0x2284 vdrvroot - ok
11:19:24.0452 0x2284 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
11:19:24.0483 0x2284 vds - ok
11:19:24.0499 0x2284 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
11:19:24.0514 0x2284 VerifierExt - ok
11:19:24.0530 0x2284 [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
11:19:24.0546 0x2284 vhdmp - ok
11:19:24.0561 0x2284 [ 49EF44CB3331381547FD94C36B84FCB5, D93920C63D769F1DC117B11221AE8CAF2782B17CAC6B520E34E2803869FA689B ] vhdparser C:\Windows\system32\drivers\vhdparser.sys
11:19:24.0561 0x2284 vhdparser - ok
11:19:24.0561 0x2284 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
11:19:24.0577 0x2284 viaide - ok
11:19:24.0577 0x2284 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys
11:19:24.0592 0x2284 Vid - ok
11:19:24.0592 0x2284 [ 3C0AAEB073D29FC9A5ACA0D1AF53B5D4, 9259CF79D90D3A6FF4F01FB72F4E4AF34E82AE3D0DA2E70D88620C6268C83716 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
11:19:24.0592 0x2284 VMAuthdService - ok
11:19:24.0608 0x2284 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:19:24.0608 0x2284 vmbus - ok
11:19:24.0624 0x2284 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
11:19:24.0624 0x2284 VMBusHID - ok
11:19:24.0624 0x2284 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
11:19:24.0639 0x2284 vmbusr - ok
11:19:24.0639 0x2284 [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci C:\Windows\system32\drivers\vmci.sys
11:19:24.0655 0x2284 vmci - ok
11:19:24.0671 0x2284 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
11:19:24.0686 0x2284 vmicguestinterface - ok
11:19:24.0702 0x2284 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
11:19:24.0717 0x2284 vmicheartbeat - ok
11:19:24.0733 0x2284 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
11:19:24.0733 0x2284 vmickvpexchange - ok
11:19:24.0749 0x2284 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
11:19:24.0764 0x2284 vmicrdv - ok
11:19:24.0780 0x2284 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
11:19:24.0796 0x2284 vmicshutdown - ok
11:19:24.0811 0x2284 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
11:19:24.0827 0x2284 vmictimesync - ok
11:19:24.0827 0x2284 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
11:19:24.0842 0x2284 vmicvss - ok
11:19:25.0077 0x2284 [ AE692B87C982CCECE9DB1441BE4901EF, 9DD93632EC2BE88D957CAF4832A7078BCFC5D2495B8C6F8A22AE5E4DAB8FB47E ] vmms C:\Windows\system32\vmms.exe
11:19:25.0342 0x2284 vmms - ok
11:19:25.0358 0x2284 [ A3412EC3FF7A5AC2CA3A3951476BFA9C, 8A3D241168205B6B5348F44DF89875067CDD5B29BE8CF14ADA8403225AE2A379 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:19:25.0374 0x2284 VMnetAdapter - ok
11:19:25.0374 0x2284 [ F76AD463DBE8D30CB715A09DF9FF2BE9, 5B2184582496ED0EE8582C6AD3BCF49674690C585439B6F57B43ADC12DF941F6 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:19:25.0374 0x2284 VMnetBridge - ok
11:19:25.0405 0x2284 [ 2AF9285AE0739E5B2CDE79D20593118D, 05D11339B37AF6FCEF062415C14F6D862B3E16FCB10ADD7692DBBDEFDAEC5C71 ] VMnetDHCP C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
11:19:25.0405 0x2284 VMnetDHCP - ok
11:19:25.0421 0x2284 [ C43B35658EF10067AB00D06C8B7997F2, DB869CC5CC1E7AD80D133F5297D620E5E20A45254A7FF4ADEB41CB3908FE19CF ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
11:19:25.0421 0x2284 VMnetuserif - ok
11:19:25.0436 0x2284 [ CD00073C791106205662E5898E1E03F5, 93A24C8DB723366B4DF778CE2733604E9E9A229DA214DB61B2AB7C7B1FB25527 ] VMSMP C:\Windows\system32\DRIVERS\vmswitch.sys
11:19:25.0452 0x2284 VMSMP - ok
11:19:25.0467 0x2284 [ CD00073C791106205662E5898E1E03F5, 93A24C8DB723366B4DF778CE2733604E9E9A229DA214DB61B2AB7C7B1FB25527 ] VMSVSP C:\Windows\system32\DRIVERS\vmswitch.sys
11:19:25.0483 0x2284 VMSVSP - ok
11:19:25.0514 0x2284 [ B7D3AD6D2F2128DE45EE4E0E8EAEACCC, 9B26E82BA97EF5CD3BE1CA22E481CBADB4ED6ACDF748D1F082239F34607019C6 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:19:25.0530 0x2284 VMUSBArbService - ok
11:19:25.0546 0x2284 [ 3319A1AF9A7F0D956FE9CF43A5B2136B, 96F3DA50344B75746BBB66E5D75F14463C31BB1369E7AADF1BA3272EF750085C ] VMware NAT Service C:\WINDOWS\SYSWOW64\VMNAT.EXE
11:19:25.0546 0x2284 VMware NAT Service - ok
11:19:25.0811 0x2284 [ BA6BC4CE27D92D6240135F81DEB5C1E9, 940336A56A69E6078E98C8A80FDB3362F67D28AA25CA7ACDD64C16F7B1092738 ] VMwareHostd C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
11:19:25.0999 0x2284 VMwareHostd - ok
11:19:26.0014 0x2284 [ 20E84FC91799C2D2BFE066BFE560CFA8, 6755541AC6A0E8D6A463AB7BE6612E9391033EB11814521325AFFE52C1729DAC ] vmx86 C:\Windows\system32\drivers\vmx86.sys
11:19:26.0014 0x2284 vmx86 - ok
11:19:26.0030 0x2284 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:19:26.0030 0x2284 volmgr - ok
11:19:26.0046 0x2284 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:19:26.0061 0x2284 volmgrx - ok
11:19:26.0061 0x2284 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:19:26.0077 0x2284 volsnap - ok
11:19:26.0092 0x2284 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
11:19:26.0092 0x2284 vpci - ok
11:19:26.0092 0x2284 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
11:19:26.0108 0x2284 vpcivsp - ok
11:19:26.0108 0x2284 [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
11:19:26.0108 0x2284 VsEtwService120 - ok
11:19:26.0124 0x2284 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:19:26.0139 0x2284 vsmraid - ok
11:19:26.0139 0x2284 [ 9884BBFB96048DC37A120A1712E0B479, 2A249D4D9076F20CF15946EA2DF19DCEDC044D12FF3D8D64D29AE9140CC93E6B ] vsock C:\Windows\system32\drivers\vsock.sys
11:19:26.0139 0x2284 vsock - ok
11:19:26.0171 0x2284 [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\Windows\system32\vssvc.exe
11:19:26.0217 0x2284 VSS - ok
11:19:26.0233 0x2284 [ C279CC22288F277A14620EB949F0E1B9, 8E158D7C930EA6B3ACD7194062AFB562DE8D392A32E4F93E64D06F4A20739E69 ] vstor2-mntapi20-shared C:\Windows\syswow64\drivers\vstor2-mntapi20-shared.sys
11:19:26.0233 0x2284 vstor2-mntapi20-shared - ok
11:19:26.0249 0x2284 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
11:19:26.0249 0x2284 VSTXRAID - ok
11:19:26.0264 0x2284 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:19:26.0264 0x2284 vwifibus - ok
11:19:26.0264 0x2284 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:19:26.0280 0x2284 vwififlt - ok
11:19:26.0280 0x2284 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:19:26.0296 0x2284 vwifimp - ok
11:19:26.0311 0x2284 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
11:19:26.0327 0x2284 W32Time - ok
11:19:26.0327 0x2284 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
11:19:26.0327 0x2284 WacomPen - ok
11:19:26.0374 0x2284 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
11:19:26.0421 0x2284 wbengine - ok
11:19:26.0421 0x2284 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:19:26.0452 0x2284 WbioSrvc - ok
11:19:26.0467 0x2284 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
11:19:26.0467 0x2284 Wcmsvc - ok
11:19:26.0483 0x2284 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:19:26.0499 0x2284 wcncsvc - ok
11:19:26.0499 0x2284 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:19:26.0514 0x2284 WcsPlugInService - ok
11:19:26.0514 0x2284 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
11:19:26.0530 0x2284 WdBoot - ok
11:19:26.0546 0x2284 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:19:26.0561 0x2284 Wdf01000 - ok
11:19:26.0577 0x2284 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
11:19:26.0577 0x2284 WdFilter - ok
11:19:26.0592 0x2284 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:19:26.0608 0x2284 WdiServiceHost - ok
11:19:26.0608 0x2284 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:19:26.0624 0x2284 WdiSystemHost - ok
11:19:26.0624 0x2284 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
11:19:26.0624 0x2284 WdNisDrv - ok
11:19:26.0639 0x2284 WdNisSvc - ok
11:19:26.0639 0x2284 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll
11:19:26.0655 0x2284 WebClient - ok
11:19:26.0655 0x2284 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:19:26.0671 0x2284 Wecsvc - ok
11:19:26.0671 0x2284 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
11:19:26.0686 0x2284 WEPHOSTSVC - ok
11:19:26.0686 0x2284 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:19:26.0702 0x2284 wercplsupport - ok
11:19:26.0702 0x2284 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
11:19:26.0717 0x2284 WerSvc - ok
11:19:26.0733 0x2284 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
11:19:26.0733 0x2284 WFPLWFS - ok
11:19:26.0749 0x2284 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
11:19:26.0749 0x2284 WiaRpc - ok
11:19:26.0749 0x2284 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:19:26.0764 0x2284 WIMMount - ok
11:19:26.0764 0x2284 WinDefend - ok
11:19:26.0780 0x2284 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
11:19:26.0811 0x2284 WinHttpAutoProxySvc - ok
11:19:26.0811 0x2284 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:19:26.0827 0x2284 Winmgmt - ok
11:19:26.0889 0x2284 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
11:19:26.0952 0x2284 WinRM - ok
11:19:26.0967 0x2284 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:19:26.0967 0x2284 WinUsb - ok
11:19:26.0999 0x2284 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
11:19:27.0030 0x2284 WlanSvc - ok
11:19:27.0061 0x2284 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
11:19:27.0108 0x2284 wlidsvc - ok
11:19:27.0108 0x2284 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
11:19:27.0108 0x2284 WmiAcpi - ok
11:19:27.0124 0x2284 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:19:27.0139 0x2284 wmiApSrv - ok
11:19:27.0139 0x2284 WMPNetworkSvc - ok
11:19:27.0139 0x2284 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
11:19:27.0155 0x2284 Wof - ok
11:19:27.0186 0x2284 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
11:19:27.0233 0x2284 workfolderssvc - ok
11:19:27.0233 0x2284 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
11:19:27.0233 0x2284 wpcfltr - ok
11:19:27.0249 0x2284 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:19:27.0249 0x2284 WPCSvc - ok
11:19:27.0264 0x2284 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:19:27.0264 0x2284 WPDBusEnum - ok
11:19:27.0264 0x2284 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
11:19:27.0280 0x2284 WpdUpFltr - ok
11:19:27.0280 0x2284 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:19:27.0296 0x2284 ws2ifsl - ok
11:19:27.0296 0x2284 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
11:19:27.0311 0x2284 wscsvc - ok
11:19:27.0311 0x2284 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys
11:19:27.0327 0x2284 WSDPrintDevice - ok
11:19:27.0327 0x2284 WSearch - ok
11:19:27.0374 0x2284 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
11:19:27.0452 0x2284 WSService - ok
11:19:27.0514 0x2284 [ BB6F53F80AA1789815963C16E303A973, B140D5A4633C39E84A5C7DB86C7E869FB5D993B924998BF8CC2B8F07E382CCEA ] wuauserv C:\Windows\system32\wuaueng.dll
11:19:27.0592 0x2284 wuauserv - ok
11:19:27.0592 0x2284 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:19:27.0608 0x2284 WudfPf - ok
11:19:27.0608 0x2284 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
11:19:27.0624 0x2284 WUDFRd - ok
11:19:27.0624 0x2284 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:19:27.0639 0x2284 wudfsvc - ok
11:19:27.0639 0x2284 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
11:19:27.0655 0x2284 WUDFWpdFs - ok
11:19:27.0655 0x2284 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
11:19:27.0671 0x2284 WUDFWpdMtp - ok
11:19:27.0686 0x2284 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:19:27.0702 0x2284 WwanSvc - ok
11:19:27.0780 0x2284 [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
11:19:27.0843 0x2284 ZeroConfigService - ok
11:19:27.0843 0x2284 ================ Scan global ===============================
11:19:27.0858 0x2284 [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
11:19:27.0858 0x2284 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
11:19:27.0874 0x2284 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
11:19:27.0874 0x2284 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
11:19:27.0889 0x2284 [ Global ] - ok
11:19:27.0889 0x2284 ================ Scan MBR ==================================
11:19:27.0889 0x2284 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:19:28.0217 0x2284 \Device\Harddisk0\DR0 - ok
11:19:28.0217 0x2284 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:19:28.0358 0x2284 \Device\Harddisk1\DR1 - ok
11:19:28.0374 0x2284 [ 0792F22BCC85CFD3B28324561FFFCABB ] \Device\Harddisk2\DR2
11:19:28.0451 0x2284 \Device\Harddisk2\DR2 - ok
11:19:28.0451 0x2284 ================ Scan VBR ==================================
11:19:28.0451 0x2284 [ 3CE58E7F42BEDC7F930F240447462FCC ] \Device\Harddisk0\DR0\Partition1
11:19:28.0498 0x2284 \Device\Harddisk0\DR0\Partition1 - ok
11:19:28.0498 0x2284 [ BEAE5A23F424B4606DCD53C9598F5400 ] \Device\Harddisk1\DR1\Partition1
11:19:28.0514 0x2284 \Device\Harddisk1\DR1\Partition1 - ok
11:19:28.0514 0x2284 [ 6820D376D561EF5B249322E65AD94F93 ] \Device\Harddisk1\DR1\Partition2
11:19:28.0514 0x2284 \Device\Harddisk1\DR1\Partition2 - ok
11:19:28.0514 0x2284 [ FDACF3267374055D299A27CAE325C01E ] \Device\Harddisk1\DR1\Partition3
11:19:28.0529 0x2284 \Device\Harddisk1\DR1\Partition3 - ok
11:19:28.0529 0x2284 [ 759E044E5735E4415F2B4FBF58BCA85C ] \Device\Harddisk2\DR2\Partition1
11:19:28.0529 0x2284 \Device\Harddisk2\DR2\Partition1 - ok
11:19:28.0529 0x2284 ================ Scan generic autorun ======================
11:19:28.0639 0x2284 [ FEDF59A44767480267C5615C46F0FBA5, 91FE9E7E1FC471E99BD769F4F6FC96934B91A3E5406A921CD75292021B72C3CF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:19:28.0717 0x2284 NvBackend - ok
11:19:28.0733 0x2284 [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
11:19:28.0733 0x2284 ShadowPlay - ok
11:19:29.0014 0x2284 [ 78D93C04E892F50D6264A05F4EBCE150, F24D26CAF44B81725AAE9FE84F24DB848BAA7857C89DC34C2E258617E886EE5B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:19:29.0201 0x2284 RTHDVCPL - ok
11:19:29.0217 0x2284 [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
11:19:29.0217 0x2284 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
11:19:31.0758 0x2284 Detect skipped due to KSN trusted
11:19:31.0758 0x2284 IAStorIcon - ok
11:19:31.0758 0x2284 ETDCtrl - ok
11:19:31.0774 0x2284 BTMTrayAgent - ok
11:19:31.0805 0x2284 [ 815F6E3727453C978FFD721B2BDF48A5, E33A85E8EF80C662C84F705080585B35A899F8E588E8481D48538BA1224B5E57 ] C:\Program Files (x86)\SCM\Radio Manager.exe
11:19:31.0836 0x2284 Radio Manager - detected UnsignedFile.Multi.Generic ( 1 )
11:19:34.0667 0x2284 Detect skipped due to KSN trusted
11:19:34.0667 0x2284 Radio Manager - ok
11:19:34.0698 0x2284 [ 0123AE1BC462CD5F7321E0249B0379E1, 60BDE9BE24B541576F8C929B32C672E9079535FE63D8FAC9B7AD5A50474A515C ] C:\Program Files (x86)\SCM\SCM.exe
11:19:34.0730 0x2284 SCM - detected UnsignedFile.Multi.Generic ( 1 )
11:19:37.0280 0x2284 Detect skipped due to KSN trusted
11:19:37.0280 0x2284 SCM - ok
11:19:37.0326 0x2284 [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
11:19:37.0358 0x2284 AdobeAAMUpdater-1.0 - ok
11:19:37.0373 0x2284 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] P:\VirtualCloneDrive\VCDDaemon.exe
11:19:37.0389 0x2284 VirtualCloneDrive - ok
11:19:37.0420 0x2284 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:19:37.0446 0x2284 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
11:19:37.0446 0x2284 Detect skipped due to KSN trusted
11:19:37.0446 0x2284 SwitchBoard - ok
11:19:37.0477 0x2284 [ 3EE19173AC7BB16AD239B195D97C13B0, A9E5FC90F20DC7500A186C9D184ED55BC04038FFC6D97714E64C660EAE808A98 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
11:19:37.0524 0x2284 AdobeCS6ServiceManager - ok
11:19:37.0571 0x2284 [ 47C1DE0A890613FFCFF1D67648EEDF90, 5821567D7DD99623257AEA794023EF4200E6E17FD09656B40D97C44A35C701BB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:19:37.0618 0x2284 Adobe ARM - ok
11:19:37.0727 0x2284 [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe
11:19:37.0806 0x2284 Akamai NetSession Interface - ok
11:19:37.0821 0x2284 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
11:19:37.0837 0x2284 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
11:19:40.0155 0x2284 Detect skipped due to KSN trusted
11:19:40.0155 0x2284 SpybotPostWindows10UpgradeReInstall - ok
11:19:40.0157 0x2284 Waiting for KSN requests completion. In queue: 5
11:19:41.0170 0x2284 Waiting for KSN requests completion. In queue: 5
11:19:42.0170 0x2284 Waiting for KSN requests completion. In queue: 5
11:19:43.0196 0x2284 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
11:19:43.0196 0x2284 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41000 ( enabled : updated )
11:19:43.0212 0x2284 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41010 ( enabled )
11:19:45.0555 0x2284 ============================================================
11:19:45.0555 0x2284 Scan finished
11:19:45.0555 0x2284 ============================================================
11:19:45.0571 0x272c Detected object count: 1
11:19:45.0571 0x272c Actual detected object count: 1
11:21:55.0835 0x272c Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user
11:21:55.0835 0x272c Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
20.10.2015, 21:25
| #7 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.10.2015, 08:11
| #8 |
| | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Und hier die mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 21.10.2015 Suchlaufzeit: 08:37 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.10.21.02 Rootkit-Datenbank: v2015.10.16.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Peter Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 561643 Abgelaufene Zeit: 14 Min., 4 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.014 - Bericht erstellt am 21/10/2015 um 08:57:47
# Aktualisiert am 18/10/2015 von Xplode
# Datenbank : 2015-10-18.5 [Server]
# Betriebssystem : Windows 8.1 Pro (x64)
# Benutzername : Peter - PG
# Gestartet von : G:\Chrome_Downlaods\AdwCleaner_5.014.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\ParetoLogic
[-] Ordner Gelöscht : C:\Users\Peter\AppData\Roaming\ParetoLogic
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\ParetoLogic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FAD0F79E-5EA4-542B-76A3-46093E52C1F5}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ParetoLogic
***** [ Internetbrowser ] *****
[-] [C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : regcure-pro.en.softonic.com
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1283 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 8.1 Pro x64
Ran by Peter on 21.10.2015 at 9:00:47,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3}
~~~ Files
~~~ Folders
~~~ Chrome
[C:\Users\Peter\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Peter\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Peter\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Peter\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.10.2015 at 9:02:38,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
durchgeführt von Peter (Administrator) auf PG (21-10-2015 09:07:06)
Gestartet von G:\Chrome_Downlaods
Geladene Profile: Peter (Verfügbare Profile: Peter)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Cisco Systems, Inc.) P:\Cisco System VPN Client\cvpnd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() P:\Synology Assistant\UsbClientService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Akamai Technologies, Inc.) C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Adobe Systems Inc.) P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\acrotray.exe
(Geek Software GmbH) P:\PDF24\pdf24.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) P:\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\wmi64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2013-08-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => P:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2015-05-27] (VMware, Inc.)
HKLM-x32\...\Run: [PDFPrint] => P:\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [SDTray] => P:\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\MountPoints2: {38a13294-e989-11e4-8253-303a648df161} - "I:\vs_enterprise.exe"
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-04-22]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PS-Link.lnk [2015-04-23]
ShortcutTarget: PS-Link.lnk -> P:\D-Link_PrintServer\PsLink.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-04-22]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WindowsIoTCoreWatcher.lnk [2015-08-18]
ShortcutTarget: WindowsIoTCoreWatcher.lnk -> C:\Program Files (x86)\Microsoft IoT\WindowsIoTCoreWatcher.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 141.56.1.1 141.56.1.2
Tcpip\..\Interfaces\{0E168C26-8741-4172-A8A5-F0BD7B405E6E}: [DhcpNameServer] 141.56.216.1 141.56.1.1
Tcpip\..\Interfaces\{6372613C-052B-4138-86E0-1A930A94217F}: [DhcpNameServer] 141.56.1.1 141.56.1.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> P:\Microsoft Office 2013\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> P:\Microsoft Office 2013\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> P:\Microsoft Visual Studio 2013\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - P:\Microsoft Office 2013\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> P:\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> P:\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> P:\Adobe Master Collection CS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat -> P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> P:\Adobe Master Collection CS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2093703266-1135226498-3496767316-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2093703266-1135226498-3496767316-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-16] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-04-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-15] [ist nicht signiert]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WhatsChrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2015-05-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-06-15]
CHR Extension: (AdBlock) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-05]
CHR Extension: (Google Mail-Checker) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-05-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-22]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-22] (Kaspersky Lab ZAO)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-04-23] (Microsoft Corporation)
R2 CVPND; P:\Cisco System VPN Client\cvpnd.exe [1529856 2011-03-04] (Cisco Systems, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-23] (ELAN Microelectronics Corp.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-06-15] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MBAMService; P:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 mi-raysat_3dsmax2016_64; P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-15] () [Datei ist nicht signiert]
R2 Micro Star SCM; c:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 SDScannerService; P:\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; P:\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; P:\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
R2 UsbClientService; P:\Synology Assistant\UsbClientService.exe [248736 2015-02-05] ()
R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12730048 2015-05-27] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 VSStandardCollectorService140; P:\Microsoft Visual Studio 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R3 BusRMUSB; C:\Windows\System32\drivers\BusRMUSB.sys [58064 2011-07-12] (Windows (R) Win 7 DDK provider)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-22] (Kaspersky Lab UK Ltd)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68952 2015-05-12] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-07-16] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-06-22] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-06-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-06-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [817848 2015-10-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-06-22] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-06-22] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-06-22] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [24944 2015-06-22] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-06-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-06-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-10-05] (Kaspersky Lab ZAO)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2015-04-23] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2015-04-23] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-09-07] (Microsoft Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-27] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
R2 vcanv; C:\Windows\System32\drivers\vcanv.sys [71856 2015-02-17] (Vector Informatik GmbH)
S3 vcasexl; C:\Windows\system32\DRIVERS\vcasexl.sys [554696 2013-09-17] (Vector Informatik GmbH)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation)
S3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-21 09:02 - 2015-10-21 09:02 - 00001511 _____ C:\Users\Peter\Desktop\JRT.txt
2015-10-21 08:56 - 2015-10-21 08:57 - 00000000 ____D C:\AdwCleaner
2015-10-21 08:54 - 2015-10-21 08:54 - 09354683 _____ C:\Users\Peter\Downloads\CSScriptNpp.1.0.46.0.zip
2015-10-21 08:53 - 2015-10-21 08:53 - 00001196 _____ C:\Users\Peter\Desktop\mbam.txt
2015-10-21 08:36 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-21 08:36 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-20 10:28 - 2015-10-20 10:28 - 00000000 ____D C:\Users\Peter\AppData\Roaming\OpenOffice
2015-10-20 10:20 - 2015-10-20 10:20 - 00000765 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-10-20 10:20 - 2015-10-20 10:20 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-10-20 10:15 - 2015-10-20 11:36 - 00000000 ____D C:\Users\Peter\Documents\Visual Studio 2015
2015-10-20 10:14 - 2015-10-20 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python Tools for Visual Studio 2015
2015-10-20 09:57 - 2015-10-20 09:57 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Emulator for Android.lnk
2015-10-20 09:57 - 2015-10-20 09:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Emulator for Android
2015-10-20 09:57 - 2015-10-20 09:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Emulator Manager
2015-10-20 09:55 - 2015-10-20 09:55 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-10-20 09:55 - 2015-10-20 09:55 - 00000000 ____D C:\Program Files\Application Verifier
2015-10-20 09:55 - 2015-10-20 09:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-10-20 09:55 - 2015-10-20 09:55 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-10-20 09:41 - 2015-10-20 09:41 - 00000000 ____D C:\ProgramData\Microsoft DNX
2015-10-20 09:41 - 2015-10-20 09:41 - 00000000 ____D C:\Program Files\Microsoft DNX
2015-10-20 09:39 - 2015-10-20 09:39 - 00000000 ____D C:\Program Files\IIS Express
2015-10-20 09:39 - 2015-10-20 09:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-10-20 09:39 - 2015-10-20 09:39 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-10-20 09:38 - 2015-10-20 09:38 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-10-20 09:37 - 2015-10-20 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2015-10-20 09:32 - 2015-10-20 09:32 - 00000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Test Manager 2015.lnk
2015-10-20 09:31 - 2015-10-20 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-10-20 09:30 - 2015-10-20 09:30 - 00001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-10-20 09:29 - 2015-10-20 09:29 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2015-10-20 09:28 - 2015-10-20 09:28 - 00077312 ___SH C:\Users\Peter\Desktop\Thumbs.db
2015-10-20 09:28 - 2015-10-20 09:28 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-10-20 09:28 - 2015-10-20 09:28 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-10-19 11:38 - 2015-10-20 11:13 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-10-19 11:17 - 2015-10-19 11:29 - 00000000 ____D C:\Users\Peter\Desktop\TDKiller
2015-10-19 11:06 - 2015-10-21 08:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-19 11:06 - 2015-10-21 08:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-19 11:06 - 2015-10-19 11:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-19 11:04 - 2015-10-19 11:04 - 00000000 ____D C:\Users\Peter\Desktop\Malewarebytes
2015-10-19 11:04 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-19 09:31 - 2015-10-21 09:07 - 00000000 ____D C:\FRST
2015-10-19 09:29 - 2015-10-19 09:29 - 00000000 _____ C:\Users\Peter\defogger_reenable
2015-10-19 09:04 - 2015-10-19 09:04 - 00000000 ____D C:\ProgramData\VIPRE
2015-10-19 08:29 - 2015-10-03 07:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-19 08:29 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-19 08:29 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-18 13:29 - 2015-10-18 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP550 series
2015-10-15 09:09 - 2015-10-15 09:09 - 00000000 ____D C:\Users\Peter\Documents\xgen
2015-10-14 11:37 - 2015-10-14 11:37 - 00000000 ____D C:\Users\Peter\Documents\Direct Connect
2015-10-14 11:35 - 2015-10-14 11:35 - 00001491 _____ C:\Users\Public\Desktop\Maya 2016.lnk
2015-10-14 11:35 - 2015-10-14 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Maya 2016
2015-10-14 11:27 - 2015-10-14 11:27 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-14 11:04 - 2015-10-14 11:04 - 00001811 _____ C:\Users\Peter\Desktop\webcam.sh
2015-10-13 08:44 - 2015-10-14 08:08 - 00000000 ____D C:\Users\Peter\Desktop\Mutsch
2015-10-12 17:42 - 2015-10-12 17:42 - 06521184 _____ (Tim Kosse) C:\Users\Peter\Downloads\FileZilla_3.14.0_win64-setup.exe
2015-10-12 17:25 - 2015-10-12 17:25 - 00000100 _____ C:\Users\Peter\Desktop\Mat.txt
2015-10-06 09:09 - 2015-10-06 09:09 - 00029184 _____ C:\Users\Peter\Desktop\Lebensmittelvertraeglichkeit.xls
2015-09-25 20:39 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-09-25 20:39 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-09-25 20:39 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-09-25 20:39 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-09-21 10:01 - 2015-10-19 14:21 - 00000000 ____D C:\Users\Peter\Desktop\Gretenkord_Abgabe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-21 09:05 - 2015-06-16 21:13 - 00000000 ____D C:\ProgramData\VMware
2015-10-21 09:05 - 2015-06-15 10:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-21 09:05 - 2015-04-23 14:38 - 00146360 _____ C:\Windows\setupact.log
2015-10-21 09:05 - 2015-04-23 11:16 - 27590656 _____ C:\Windows\system32\vmguest.iso
2015-10-21 09:05 - 2015-04-22 22:23 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 09:05 - 2015-04-22 21:34 - 01622492 _____ C:\Windows\WindowsUpdate.log
2015-10-21 09:05 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 09:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-10-21 08:58 - 2015-04-22 21:24 - 01085430 _____ C:\Windows\PFRO.log
2015-10-21 08:55 - 2015-04-24 13:18 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2015-10-21 08:54 - 2015-04-22 22:23 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 08:47 - 2015-04-23 08:44 - 00000000 ___RD C:\Users\Peter\Desktop\Programme
2015-10-21 08:32 - 2015-04-22 21:36 - 01898524 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-21 08:32 - 2013-08-23 01:24 - 00811136 _____ C:\Windows\system32\perfh007.dat
2015-10-21 08:32 - 2013-08-23 01:24 - 00178636 _____ C:\Windows\system32\perfc007.dat
2015-10-21 08:25 - 2015-04-29 12:30 - 00000000 ____D C:\Users\Peter\AppData\Local\Akamai
2015-10-20 11:36 - 2015-04-28 09:44 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio
2015-10-20 11:23 - 2015-04-22 21:40 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2093703266-1135226498-3496767316-1001
2015-10-20 10:21 - 2013-08-22 16:44 - 05084816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-20 10:15 - 2015-04-22 21:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-20 10:01 - 2015-04-23 10:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-10-20 09:58 - 2015-04-23 10:45 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2015-10-20 09:55 - 2015-04-23 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-10-20 09:50 - 2015-04-24 12:43 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-10-20 09:50 - 2015-04-24 12:43 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-10-20 09:44 - 2015-04-24 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-10-20 09:44 - 2015-04-22 21:34 - 00000000 ____D C:\Users\Peter\AppData\Local\Packages
2015-10-20 09:43 - 2015-04-29 08:54 - 00000000 ____D C:\Users\Peter\AppData\Local\Deployment
2015-10-20 09:43 - 2015-04-23 10:38 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-10-20 09:40 - 2015-04-23 10:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-10-20 09:39 - 2015-04-23 10:40 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-10-20 09:33 - 2015-04-23 10:38 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-10-20 09:31 - 2015-04-23 10:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-10-20 09:31 - 2015-04-23 10:37 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-10-20 09:30 - 2015-04-23 10:37 - 00000000 ____D C:\Windows\system32\1033
2015-10-20 09:29 - 2015-04-23 10:36 - 00000000 ____D C:\Windows\system32\1031
2015-10-20 09:29 - 2015-04-23 10:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-20 09:22 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-10-20 09:21 - 2015-06-17 14:20 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2015-10-19 13:05 - 2015-05-20 11:28 - 00000000 ____D C:\ProgramData\Unity
2015-10-19 12:59 - 2015-06-25 09:51 - 00000000 ____D C:\Users\Peter\AppData\Local\TortoiseGit
2015-10-19 09:29 - 2015-04-22 21:34 - 00000000 ____D C:\Users\Peter
2015-10-19 08:30 - 2015-04-22 22:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-18 21:04 - 2015-04-23 10:45 - 00000000 ____D C:\Users\Peter\Documents\Visual Studio 2013
2015-10-18 13:30 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2015-10-18 13:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\spool
2015-10-15 09:09 - 2015-04-23 10:30 - 00000000 ____D C:\Users\Peter\AppData\Local\Autodesk
2015-10-15 09:09 - 2015-04-23 10:20 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Autodesk
2015-10-15 09:09 - 2015-04-23 10:20 - 00000000 ____D C:\ProgramData\Autodesk
2015-10-15 09:08 - 2015-04-23 10:30 - 00000000 ____D C:\Users\Peter\Documents\maya
2015-10-14 11:37 - 2015-04-23 10:24 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-14 11:35 - 2015-04-23 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-14 11:30 - 2015-04-23 10:19 - 00000000 ____D C:\Autodesk
2015-10-13 15:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-13 09:53 - 2015-04-24 12:35 - 00000000 ____D C:\Users\Peter\AppData\Roaming\FileZilla
2015-10-13 09:51 - 2015-05-18 17:27 - 00000600 _____ C:\Users\Peter\AppData\Local\PUTTY.RND
2015-10-08 13:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-06 15:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-10-06 08:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-06 08:35 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-05 13:56 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-10-05 13:55 - 2015-05-18 22:16 - 00817848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-10-05 13:55 - 2014-11-10 17:48 - 00190648 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-10-04 10:23 - 2015-04-22 22:05 - 01317192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-10-04 10:23 - 2015-04-22 21:47 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-10-04 10:22 - 2015-04-22 22:05 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-10-04 10:22 - 2015-04-22 21:47 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-10-03 07:06 - 2015-06-26 09:25 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-03 07:06 - 2015-06-26 09:25 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2015-04-22 22:29 - 03573832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-10-03 07:06 - 2015-04-22 22:29 - 00033507 _____ C:\Windows\system32\nvinfo.pb
2015-10-03 04:49 - 2015-04-22 22:29 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 02982520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-03 04:49 - 2015-04-22 22:29 - 00523384 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00075056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-10-03 04:49 - 2015-04-22 22:29 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-01 11:33 - 2015-04-22 22:29 - 05284082 _____ C:\Windows\system32\nvcoproc.bin
2015-09-21 09:49 - 2015-04-22 22:23 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-21 09:49 - 2015-04-22 22:23 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-21 08:17 - 2015-04-22 22:23 - 00000000 ____D C:\Users\Peter\AppData\Local\Google
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-10-19 09:01 - 2015-10-19 09:05 - 0000115 _____ () C:\Users\Peter\AppData\Roaming\LogFile.txt
2015-05-18 17:27 - 2015-10-13 09:51 - 0000600 _____ () C:\Users\Peter\AppData\Local\PUTTY.RND
2015-06-15 09:56 - 2015-06-15 09:56 - 0000017 _____ () C:\Users\Peter\AppData\Local\resmon.resmoncfg
Einige Dateien in TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\avgnt.exe
C:\Users\Peter\AppData\Local\Temp\ose00000.exe
C:\Users\Peter\AppData\Local\Temp\sqlite3.dll
C:\Users\Peter\AppData\Local\Temp\_isB730.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-18 15:01
==================== Ende von FRST.txt ============================
|
|
21.10.2015, 19:27
| #9 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei WindowsESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.11.2015, 15:14
| #10 |
| | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Ich habe es leider erst jetzt wieder geschafft die Untersuchungen durch zu führen. Hier die Logs: ESET-Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=22620d34f2b4a145a00e686db6332a17
# end=init
# utc_time=2015-10-27 07:08:36
# local_time=2015-10-27 08:08:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26429
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=22620d34f2b4a145a00e686db6332a17
# end=updated
# utc_time=2015-10-27 07:17:58
# local_time=2015-10-27 08:17:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=22620d34f2b4a145a00e686db6332a17
# engine=26429
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-27 09:52:14
# local_time=2015-10-27 10:52:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 14798 73518364 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6121063 15316539 0 0
# scanned=901617
# found=0
# cleaned=0
# scan_time=9255
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=22620d34f2b4a145a00e686db6332a17
# end=init
# utc_time=2015-11-12 06:18:59
# local_time=2015-11-12 07:18:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26686
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=22620d34f2b4a145a00e686db6332a17
# end=updated
# utc_time=2015-11-12 06:22:24
# local_time=2015-11-12 07:22:24 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=22620d34f2b4a145a00e686db6332a17
# engine=26686
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-12 10:25:31
# local_time=2015-11-12 11:25:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 15038 74902761 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7505460 16700936 0 0
# scanned=1449376
# found=0
# cleaned=0
# scan_time=14586
Code:
ATTFilter Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Visual Studio Extensions for Windows Library for JavaScript
Microsoft VisualStudio JavaScript Project System
Microsoft VisualStudio JavaScript Language Service
Visual Studio Extensions for Windows Library for JavaScript
Java version 32-bit out of Date!
Google Chrome (46.0.2490.71)
Google Chrome (46.0.2490.80)
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Kaspersky Lab Kaspersky Internet Security 15.0.2 avp.exe
Kaspersky Lab Kaspersky Internet Security 15.0.2 avpui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Peter (Administrator) auf PG (12-11-2015 15:09:20)
Gestartet von G:\Chrome_Downlaods
Geladene Profile: Peter (Verfügbare Profile: Peter)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Cisco Systems, Inc.) P:\Cisco System VPN Client\cvpnd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() P:\Synology Assistant\UsbClientService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Adobe Systems Inc.) P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\acrotray.exe
(Geek Software GmbH) P:\PDF24\pdf24.exe
(Safer-Networking Ltd.) P:\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics.) P:\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2013-08-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => P:\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2015-05-27] (VMware, Inc.)
HKLM-x32\...\Run: [PDFPrint] => P:\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [SDTray] => P:\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\...\MountPoints2: {38a13294-e989-11e4-8253-303a648df161} - "I:\vs_enterprise.exe"
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-04-22]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PS-Link.lnk [2015-04-23]
ShortcutTarget: PS-Link.lnk -> P:\D-Link_PrintServer\PsLink.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-04-22]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WindowsIoTCoreWatcher.lnk [2015-08-18]
ShortcutTarget: WindowsIoTCoreWatcher.lnk -> C:\Program Files (x86)\Microsoft IoT\WindowsIoTCoreWatcher.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 141.56.1.1 141.56.1.2
Tcpip\..\Interfaces\{0E168C26-8741-4172-A8A5-F0BD7B405E6E}: [DhcpNameServer] 141.56.216.1 141.56.1.1
Tcpip\..\Interfaces\{6372613C-052B-4138-86E0-1A930A94217F}: [DhcpNameServer] 141.56.1.1 141.56.1.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2093703266-1135226498-3496767316-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> P:\Microsoft Office 2013\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> P:\Microsoft Office 2013\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> P:\Microsoft Visual Studio 2013\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - P:\Microsoft Office 2013\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> P:\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> P:\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> P:\Adobe Master Collection CS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-15] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat -> P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> P:\Adobe Master Collection CS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2093703266-1135226498-3496767316-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> P:\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2093703266-1135226498-3496767316-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-16] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - P:\Adobe Master Collection CS6\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-04-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-15] [ist nicht signiert]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WhatsChrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2015-05-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-06-15]
CHR Extension: (AdBlock) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-14]
CHR Extension: (Google Mail-Checker) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-05-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-22] (Kaspersky Lab ZAO)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-04-23] (Microsoft Corporation)
R2 CVPND; P:\Cisco System VPN Client\cvpnd.exe [1529856 2011-03-04] (Cisco Systems, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-23] (ELAN Microelectronics Corp.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2015-06-15] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MBAMService; P:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 mi-raysat_3dsmax2016_64; P:\Autodesk\3DMax\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-15] () [Datei ist nicht signiert]
R2 Micro Star SCM; c:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 SDScannerService; P:\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; P:\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; P:\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
R2 UsbClientService; P:\Synology Assistant\UsbClientService.exe [248736 2015-02-05] ()
R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12730048 2015-05-27] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 VSStandardCollectorService140; P:\Microsoft Visual Studio 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R3 BusRMUSB; C:\Windows\System32\drivers\BusRMUSB.sys [58064 2011-07-12] (Windows (R) Win 7 DDK provider)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-22] (Kaspersky Lab UK Ltd)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68952 2015-05-12] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-07-16] (REALiX(tm))
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-06-22] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-06-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-06-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [817848 2015-10-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-06-22] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-06-22] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-06-22] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [24944 2015-06-22] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-06-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-06-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-10-05] (Kaspersky Lab ZAO)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2015-04-23] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2015-04-23] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-09-07] (Microsoft Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-27] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
R2 vcanv; C:\Windows\System32\drivers\vcanv.sys [71856 2015-02-17] (Vector Informatik GmbH)
S3 vcasexl; C:\Windows\system32\DRIVERS\vcasexl.sys [554696 2013-09-17] (Vector Informatik GmbH)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation)
S3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-01-07] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-12 15:06 - 2015-11-12 15:06 - 00001180 _____ C:\Users\Peter\Desktop\checkup.txt
2015-11-12 07:18 - 2015-11-12 07:18 - 02870984 _____ (ESET) C:\Users\Peter\Desktop\esetsmartinstaller_deu.exe
2015-11-09 10:05 - 2015-11-09 10:05 - 00000000 ____D C:\Users\Peter\AppData\Roaming\QtProject
2015-10-30 11:49 - 2015-10-30 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2015-10-27 08:24 - 2015-10-27 08:24 - 00852720 _____ C:\Users\Peter\Desktop\SecurityCheck.exe
2015-10-27 08:07 - 2015-10-27 08:07 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-26 09:37 - 2015-10-26 09:37 - 00009719 _____ C:\Users\Peter\Desktop\Mögliche Arbeitszeiten WS2015_2016.xlsx
2015-10-21 08:02 - 2015-10-21 08:02 - 00001511 _____ C:\Users\Peter\Desktop\JRT.txt
2015-10-21 07:56 - 2015-10-21 07:57 - 00000000 ____D C:\AdwCleaner
2015-10-21 07:54 - 2015-10-21 07:54 - 09354683 _____ C:\Users\Peter\Downloads\CSScriptNpp.1.0.46.0.zip
2015-10-21 07:53 - 2015-10-21 07:53 - 00001196 _____ C:\Users\Peter\Desktop\mbam.txt
2015-10-21 07:36 - 2015-10-05 08:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-21 07:36 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-20 09:28 - 2015-10-20 09:28 - 00000000 ____D C:\Users\Peter\AppData\Roaming\OpenOffice
2015-10-20 09:20 - 2015-10-20 09:20 - 00000765 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-10-20 09:20 - 2015-10-20 09:20 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-10-20 09:15 - 2015-10-20 10:36 - 00000000 ____D C:\Users\Peter\Documents\Visual Studio 2015
2015-10-20 09:14 - 2015-10-20 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python Tools for Visual Studio 2015
2015-10-20 08:57 - 2015-10-20 08:57 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Emulator for Android.lnk
2015-10-20 08:57 - 2015-10-20 08:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Emulator for Android
2015-10-20 08:57 - 2015-10-20 08:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Emulator Manager
2015-10-20 08:55 - 2015-10-20 08:55 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-10-20 08:55 - 2015-10-20 08:55 - 00000000 ____D C:\Program Files\Application Verifier
2015-10-20 08:55 - 2015-10-20 08:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-10-20 08:55 - 2015-10-20 08:55 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-10-20 08:41 - 2015-10-20 08:41 - 00000000 ____D C:\ProgramData\Microsoft DNX
2015-10-20 08:41 - 2015-10-20 08:41 - 00000000 ____D C:\Program Files\Microsoft DNX
2015-10-20 08:39 - 2015-10-20 08:39 - 00000000 ____D C:\Program Files\IIS Express
2015-10-20 08:39 - 2015-10-20 08:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-10-20 08:39 - 2015-10-20 08:39 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-10-20 08:38 - 2015-10-20 08:38 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-10-20 08:37 - 2015-10-20 08:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2015-10-20 08:32 - 2015-10-20 08:32 - 00000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Test Manager 2015.lnk
2015-10-20 08:31 - 2015-10-20 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-10-20 08:30 - 2015-10-20 08:30 - 00001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-10-20 08:29 - 2015-10-20 08:29 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2015-10-20 08:28 - 2015-10-30 14:36 - 00131584 ___SH C:\Users\Peter\Desktop\Thumbs.db
2015-10-20 08:28 - 2015-10-20 08:28 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-10-20 08:28 - 2015-10-20 08:28 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-10-19 10:38 - 2015-10-20 10:13 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-10-19 10:17 - 2015-10-19 10:29 - 00000000 ____D C:\Users\Peter\Desktop\TDKiller
2015-10-19 10:06 - 2015-10-21 07:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-19 10:06 - 2015-10-21 07:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-19 10:06 - 2015-10-19 10:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-19 10:04 - 2015-10-19 10:04 - 00000000 ____D C:\Users\Peter\Desktop\Malewarebytes
2015-10-19 10:04 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-19 08:31 - 2015-11-12 15:09 - 00000000 ____D C:\FRST
2015-10-19 08:29 - 2015-10-19 08:29 - 00000000 _____ C:\Users\Peter\defogger_reenable
2015-10-19 08:04 - 2015-10-19 08:04 - 00000000 ____D C:\ProgramData\VIPRE
2015-10-19 07:29 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-19 07:29 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-19 07:29 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-18 12:29 - 2015-10-18 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP550 series
2015-10-15 08:09 - 2015-10-15 08:09 - 00000000 ____D C:\Users\Peter\Documents\xgen
2015-10-14 10:37 - 2015-10-14 10:37 - 00000000 ____D C:\Users\Peter\Documents\Direct Connect
2015-10-14 10:35 - 2015-10-14 10:35 - 00001491 _____ C:\Users\Public\Desktop\Maya 2016.lnk
2015-10-14 10:35 - 2015-10-14 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Maya 2016
2015-10-14 10:27 - 2015-10-14 10:27 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-14 10:04 - 2015-10-14 10:04 - 00001811 _____ C:\Users\Peter\Desktop\webcam.sh
2015-10-13 07:44 - 2015-10-30 08:10 - 00000000 ____D C:\Users\Peter\Desktop\Mutsch
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-12 15:03 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-12 11:23 - 2015-06-15 09:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-11-12 10:54 - 2015-04-22 21:23 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-12 09:54 - 2015-04-22 21:23 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-12 08:13 - 2015-04-29 11:30 - 00000000 ____D C:\Users\Peter\AppData\Local\Akamai
2015-11-12 07:24 - 2015-04-24 12:18 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe
2015-11-12 07:24 - 2015-04-22 20:34 - 01887935 _____ C:\Windows\WindowsUpdate.log
2015-11-12 07:21 - 2015-04-23 10:16 - 27590656 _____ C:\Windows\system32\vmguest.iso
2015-11-12 07:21 - 2015-04-22 20:36 - 01898524 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-12 07:21 - 2013-08-23 00:24 - 00811136 _____ C:\Windows\system32\perfh007.dat
2015-11-12 07:21 - 2013-08-23 00:24 - 00178636 _____ C:\Windows\system32\perfc007.dat
2015-11-12 07:14 - 2015-06-16 20:13 - 00000000 ____D C:\ProgramData\VMware
2015-11-12 07:14 - 2015-04-23 13:38 - 00155422 _____ C:\Windows\setupact.log
2015-11-12 07:14 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-10 15:35 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-09 10:05 - 2015-04-23 07:44 - 00000000 ___RD C:\Users\Peter\Desktop\Programme
2015-11-06 15:29 - 2015-05-20 10:28 - 00000000 ____D C:\ProgramData\Unity
2015-11-06 15:01 - 2015-04-22 20:40 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2093703266-1135226498-3496767316-1001
2015-11-06 14:05 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-06 13:54 - 2015-06-25 08:51 - 00000000 ____D C:\Users\Peter\AppData\Local\TortoiseGit
2015-11-06 11:37 - 2015-06-17 13:20 - 00000000 ____D C:\Users\Peter\AppData\Local\CrashDumps
2015-11-03 13:36 - 2015-04-23 09:45 - 00000000 ____D C:\Users\Peter\Documents\Visual Studio 2013
2015-10-30 11:40 - 2015-06-15 08:56 - 00007604 _____ C:\Users\Peter\AppData\Local\resmon.resmoncfg
2015-10-26 09:27 - 2015-04-29 07:54 - 00000000 ____D C:\Users\Peter\AppData\Local\Deployment
2015-10-23 12:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-10-23 10:24 - 2015-05-18 16:27 - 00000600 _____ C:\Users\Peter\AppData\Local\PUTTY.RND
2015-10-23 10:24 - 2015-04-24 11:35 - 00000000 ____D C:\Users\Peter\AppData\Roaming\FileZilla
2015-10-21 07:58 - 2015-04-22 20:24 - 01085430 _____ C:\Windows\PFRO.log
2015-10-20 10:36 - 2015-04-28 08:44 - 00000000 ____D C:\ProgramData\Microsoft Visual Studio
2015-10-20 09:21 - 2013-08-22 15:44 - 05084816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-20 09:15 - 2015-04-22 20:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-20 09:01 - 2015-04-23 09:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-10-20 08:58 - 2015-04-23 09:45 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE
2015-10-20 08:55 - 2015-04-23 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-10-20 08:50 - 2015-04-24 11:43 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-10-20 08:50 - 2015-04-24 11:43 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-10-20 08:44 - 2015-04-24 12:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-10-20 08:44 - 2015-04-22 20:34 - 00000000 ____D C:\Users\Peter\AppData\Local\Packages
2015-10-20 08:43 - 2015-04-23 09:38 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-10-20 08:40 - 2015-04-23 09:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-10-20 08:39 - 2015-04-23 09:40 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-10-20 08:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-20 08:33 - 2015-04-23 09:38 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-10-20 08:31 - 2015-04-23 09:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-10-20 08:31 - 2015-04-23 09:37 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-10-20 08:30 - 2015-04-23 09:37 - 00000000 ____D C:\Windows\system32\1033
2015-10-20 08:29 - 2015-04-23 09:36 - 00000000 ____D C:\Windows\system32\1031
2015-10-20 08:29 - 2015-04-23 09:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-19 13:21 - 2015-09-21 09:01 - 00000000 ____D C:\Users\Peter\Desktop\Gretenkord_Abgabe
2015-10-19 08:29 - 2015-04-22 20:34 - 00000000 ____D C:\Users\Peter
2015-10-19 07:30 - 2015-04-22 21:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-18 12:30 - 2013-08-22 16:36 - 00000000 __RSD C:\Windows\Media
2015-10-18 12:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\spool
2015-10-15 08:09 - 2015-04-23 09:30 - 00000000 ____D C:\Users\Peter\AppData\Local\Autodesk
2015-10-15 08:09 - 2015-04-23 09:20 - 00000000 ____D C:\Users\Peter\AppData\Roaming\Autodesk
2015-10-15 08:09 - 2015-04-23 09:20 - 00000000 ____D C:\ProgramData\Autodesk
2015-10-15 08:08 - 2015-04-23 09:30 - 00000000 ____D C:\Users\Peter\Documents\maya
2015-10-14 10:37 - 2015-04-23 09:24 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-14 10:35 - 2015-04-23 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-14 10:30 - 2015-04-23 09:19 - 00000000 ____D C:\Autodesk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-10-19 08:01 - 2015-10-19 08:05 - 0000115 _____ () C:\Users\Peter\AppData\Roaming\LogFile.txt
2015-05-18 16:27 - 2015-10-23 10:24 - 0000600 _____ () C:\Users\Peter\AppData\Local\PUTTY.RND
2015-06-15 08:56 - 2015-10-30 11:40 - 0007604 _____ () C:\Users\Peter\AppData\Local\resmon.resmoncfg
Einige Dateien in TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\avgnt.exe
C:\Users\Peter\AppData\Local\Temp\ose00000.exe
C:\Users\Peter\AppData\Local\Temp\sqlite3.dll
C:\Users\Peter\AppData\Local\Temp\_isB730.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-06 07:22
==================== Ende von FRST.txt ============================
|
|
12.11.2015, 17:24
| #11 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Bestehen noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.11.2015, 10:01
| #12 |
| | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows ja leider besteht das Problem immer noch. Ich habe zumindest herausgefunden woran es noch liegen könnte. Ich besitze die Windows 8.1 Studenten Version und habe die über Dreamspark "erwerben" können, da ich ja noch Student bin. Ich habe jetzt versucht jedes Update einzeln zu installieren und nur bei einem Update kommt ein Fehler bzw kann das Update nicht abschliesen: Sicherheitsupdate für Windows 8.1 für 64x-basierte Systeme (KB3087088). nach dem installieren des Updates startet der rechner neu und nach dem Neustart möchte Windows das Update "abschliesen", wobei Windows bei 67% immer wieder abbricht und sagt: "Windows konnte das Update nicht fertig stellen" und setzt sich auf die alten Einstellungen zurück. Der Runtime Error ist aber soweit beseitigt. weist du noch Rat? |
|
20.11.2015, 16:32
| #13 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Wenn Du keine Hyper V Virtualisierung nutzt brauchst Du das Update nicht.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.11.2015, 08:10
| #14 |
| | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Ich hatte eine VM-Ware installiert die ich in den letzten Tagen vorzugsweise deinstalliert habe. Momentan läuft das System stabil und der runtime error kam denk ich durch den Treiber meiner Grafikkarte zustande, der sich bis jetzt noch nicht wieder blicken lies. Ich danke dir für deine ausgiebige Hilfe und beanspruchte Zeit. Hast du abschließend noch einen Tipp, welche der hier genutzten Programme ich selbständig ab und zu mal durchlaufen lassen sollte um auf Viren jagt zu gehen!? Mit freundlichem Gruß Peter |
|
24.11.2015, 22:27
| #15 |
| /// the machine /// TB-Ausbilder | Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows Kommt jetzt Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8.1: Runtime Errror c:\windows\syswow64\rundll32.exe und Update-Fehler bei Windows |
| akamai, avg, canon, computer, cpu, desktop, dnsapi.dll, einstellungen, failed, fehler, ftp, google, internet, kaspersky, mozilla, nvida, prozesse, realtek, registry, rundll, scan, security, software, svchost.exe, synology, system, udp, update-fehler, updates, windows |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
