| |
| |||||||
Log-Analyse und Auswertung: Istartpageing.com Virus auf RechnerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.12.2015, 15:07
| #1 |
| |  Istartpageing.com Virus auf Rechner Hallo liebe Mitglieder, gestern habe ich mir den Istartpageing eingefangen. Als ich wieder einen Browser öffnete fand ich nun Istartpageing.com sowie diverse am 10.12.2015 installierte Programme. Ich bin eurer Anleitung unter "Istartpageing.com redirect Virus entfernen" gefolgt und habe alle Schritte durchgeführt. Die Logdateien füge ich an. Vielleicht mag mir ja jemand helfen und einmal drüber schauen, ob alles weg ist. Danke vorab dafür! Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 11.12.2015 Suchlaufzeit: 10:08 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.11.02 Rootkit-Datenbank: v2015.12.07.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Anni Blask Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 420532 Abgelaufene Zeit: 41 Min., 13 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 2 PUP.Optional.DNSBlock.BrwsrFlsh, C:\Windows\System32\DnsBlockUpdateSvc.exe, 1772, Löschen bei Neustart, [c20ca2017615df57a0c890ebcf346b95] PUP.Optional.WindowsMangerProtect, C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe, 1388, Löschen bei Neustart, [5c72faa9d0bb5cdaa89ec8f516edfd03] Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 8 PUP.Optional.DNSBlock.BrwsrFlsh, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DnsBlockUpdateSvc, In Quarantäne, [c20ca2017615df57a0c890ebcf346b95], PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [a628ffa412799e985c6f7a86c93b4ab6], PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\DPBHO.DLL, In Quarantäne, [547a673cb8d33ff7884318e849bb8779], PUP.Optional.IStartPageing.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\istartpageingSoftware, In Quarantäne, [e1edb3f043481125d2d17b83bb4851af], PUP.Optional.DownloadProtect, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DPBHO.DLL, In Quarantäne, [f3db0a998b005bdb408b837dcc38fb05], PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [5c72faa9d0bb5cdaa89ec8f516edfd03], PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [def09e05eaa1e650063fdbe2dc271ee2], PUP.Optional.DeskCut, HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [ece2edb6ee9dce68186c256853b08d73], Registrierungswerte: 3 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|yahooprotected@gmail.com, C:\Users\Anni Blask\AppData\Roaming\Mozilla\Firefox\Profiles\GtLqFdaV.default\extensions\yahooprotected@gmail.com, In Quarantäne, [05c9396aa4e77fb7e972842157ab37c9] PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{E2AF99E5-4405-4CC9-924E-D3D25A8BB003}, C:\Windows\Installer\{AC4A2B91-3FAB-48BE-868F-8476850C0D37}\{E2AF99E5-4405-4CC9-924E-D3D25A8BB003}.xpi, In Quarantäne, [d0fe445f6f1c979f18a6d5b91fe44eb2] PUP.Optional.DeskCut, HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\MOZILLA\EXTENDS|appid, deskCutv2@gmail.com, In Quarantäne, [ece2edb6ee9dce68186c256853b08d73] Registrierungsdaten: 2 PUP.Optional.IStartPageing.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H),Ersetzt,[ae201c879dee79bdb09fafc516ee50b0] PUP.Optional.IStartPageing.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H, Gut: (firefox.exe), Schlecht: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.istartpageing.com/?type=sc&ts=1449779020&z=a04112a83d12a51bf5f9b6cg9z9zbt0m1mbt3e0gab&from=cvs2&uid=ST500LT012-1DG142_S3PKDV6H),Ersetzt,[626c059ecfbcd0668ac5aacaae56a35d] Ordner: 8 PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E3E9653-4270-4EAB-8958-671A896A0E2E}, In Quarantäne, [b519287b6b205ed85d4d107e798a40c0], PUP.Optional.Elex, C:\Program Files (x86)\SFK, In Quarantäne, [a12d901387048aac01ef5a6ff60db44c], PUP.Optional.DNSBlock.BrwsrFlsh, C:\Users\Anni Blask\AppData\Local\DnsBlock, In Quarantäne, [c30b485b800b51e5c1ed591bfd050000], PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x, Löschen bei Neustart, [4b836d3679122214ff99257e1ae8966a], PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\log, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\update, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], PUP.Optional.DownloadProtect, C:\Program Files (x86)\{73074610-4705-4D26-8D7C-0AD8F55DD8F3}, In Quarantäne, [7955970c573476c0b5003573fc08f010], PUP.Optional.DownloadProtect, C:\Program Files\{58B851E6-CEAA-4F5B-BA9F-70209A69D641}, In Quarantäne, [c509d0d3098278bef1c4b1f7808405fb], Dateien: 13 PUP.Optional.DNSBlock.BrwsrFlsh, C:\Windows\System32\DnsBlockUpdateSvc.exe, Löschen bei Neustart, [c20ca2017615df57a0c890ebcf346b95], PUP.Optional.DNSBlocker.BrwsrFlsh, C:\Windows\System32\dns.block, In Quarantäne, [705e861dd5b69d99303cb0cb7e85e21e], PUP.Optional.DNSBlocker.BrwsrFlsh, C:\Windows\SysWOW64\dns.block, In Quarantäne, [e9e5cfd4e3a887af9ad2700b946fa25e], PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E3E9653-4270-4EAB-8958-671A896A0E2E}\cfnhnjhplcnhglmcfjnkdfkplljiifmeorx, In Quarantäne, [b519287b6b205ed85d4d107e798a40c0], PUP.Optional.DownloadProtect, C:\Windows\Installer\{4E3E9653-4270-4EAB-8958-671A896A0E2E}\xfnhnjhplcnhglmcfjnkdfkplljiifmeoml, In Quarantäne, [b519287b6b205ed85d4d107e798a40c0], PUP.Optional.Elex, C:\Program Files (x86)\SFK\SFK.ini, In Quarantäne, [a12d901387048aac01ef5a6ff60db44c], PUP.Optional.WindowsMangerProtect, C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe, Löschen bei Neustart, [5c72faa9d0bb5cdaa89ec8f516edfd03], PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\log\ProtectWindowsManager_2015-12-10[21-25-03-890].log, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], PUP.Optional.WindowsProtectManager, C:\ProgramData\Tmp0x0x\update\conf, In Quarantäne, [4b836d3679122214ff99257e1ae8966a], PUP.Optional.DownloadProtect, C:\Program Files (x86)\{73074610-4705-4D26-8D7C-0AD8F55DD8F3}\config.json, In Quarantäne, [7955970c573476c0b5003573fc08f010], PUP.Optional.DownloadProtect, C:\Program Files (x86)\{73074610-4705-4D26-8D7C-0AD8F55DD8F3}\def.bin, In Quarantäne, [7955970c573476c0b5003573fc08f010], PUP.Optional.DownloadProtect, C:\Program Files\{58B851E6-CEAA-4F5B-BA9F-70209A69D641}\config.json, In Quarantäne, [c509d0d3098278bef1c4b1f7808405fb], PUP.Optional.DownloadProtect, C:\Program Files\{58B851E6-CEAA-4F5B-BA9F-70209A69D641}\def.bin, In Quarantäne, [c509d0d3098278bef1c4b1f7808405fb], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.024 - Bericht erstellt am 11/12/2015 um 11:10:45
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Anni Blask - ANNI
# Gestartet von : C:\Users\Anni Blask\Downloads\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Windows\Installer\{AC4A2B91-3FAB-48BE-868F-8476850C0D37}
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\SpeedMon
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1040 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 8.1 x64
Ran by Anni Blask (Administrator) on 11.12.2015 at 11:15:25,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2015 at 11:18:19,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Shortcut Cleaner 1.3.9 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/
Windows Version: Windows 8.1
Program started at: 12/11/2015 11:19:40 AM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\Anni Blask\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\Anni Blask\Desktop\
Searching C:\Users\Public\Desktop\
0 bad shortcuts found.
Program finished at: 12/11/2015 11:19:41 AM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)
|
|
11.12.2015, 15:32
| #2 |
| /// TB-Ausbilder   | Istartpageing.com Virus auf Rechner Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Gibt es aktuell noch Probleme? Wenn ja, in welchem Browser? Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
11.12.2015, 16:16
| #3 |
| | Istartpageing.com Virus auf Rechner Wie gewünscht:
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
durchgeführt von Anni Blask (Administrator) auf ANNI (11-12-2015 16:05:51)
Gestartet von C:\Users\Anni Blask\Downloads
Geladene Profile: Anni Blask & (Verfügbare Profile: Anni Blask)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_6.3.9600.20278_x64__8wekyb3d8bbwe\numbers.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-05] (IDT, Inc.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2795248 2013-10-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Startup: C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-11]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3137ED8D-372F-4D19-8468-BB25E814F246}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/10
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/10
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2899336889-42798528-283681265-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2899336889-42798528-283681265-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/10
HKU\S-1-5-21-2899336889-42798528-283681265-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/10
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\YouCam_HIVE\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\YouCam_HIVE\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM14/10
HKU\YouCam_HIVE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/10
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-07] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Anni Blask\AppData\Roaming\Mozilla\Firefox\Profiles\hsk1p1hn.default-1449784234263
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-22] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-07] (Microsoft Corporation)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-12-05] (IDT, Inc.) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-01] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-01] (Microsoft Corporation)
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-27] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-10-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-26] (Synaptics Incorporated)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-09-01] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-09-01] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-01] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; kein ImagePath
U3 McNaiAnn; kein ImagePath
U3 mcpltsvc; kein ImagePath
U3 McProxy; kein ImagePath
U3 mfecore; kein ImagePath
U3 MSK80Service; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-11 16:05 - 2015-12-11 16:06 - 00017844 _____ C:\Users\Anni Blask\Downloads\FRST.txt
2015-12-11 15:55 - 2015-12-11 16:05 - 00000000 ____D C:\FRST
2015-12-11 15:55 - 2015-12-11 15:55 - 04676456 _____ (Kaspersky Lab ZAO) C:\Users\Anni Blask\Downloads\tdsskiller.exe
2015-12-11 15:54 - 2015-12-11 15:54 - 02369024 _____ (Farbar) C:\Users\Anni Blask\Downloads\FRST64.exe
2015-12-11 15:54 - 2015-12-11 15:54 - 02369024 _____ (Farbar) C:\Users\Anni Blask\Downloads\FRST64(1).exe
2015-12-11 11:49 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\e-academy Inc
2015-12-11 11:49 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\e-academy Inc
2015-12-11 11:48 - 2015-12-11 11:49 - 00720384 _____ C:\Users\Anni Blask\Downloads\SDM_DE.msi
2015-12-11 11:29 - 2015-12-11 11:29 - 00001283 _____ C:\Users\Anni Blask\Desktop\Revo Uninstaller.lnk
2015-12-11 11:29 - 2015-12-11 11:29 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-11 11:29 - 2015-12-11 11:29 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-12-11 11:20 - 2015-12-11 11:20 - 02870984 _____ (ESET) C:\Users\Anni Blask\Downloads\esetsmartinstaller_deu.exe
2015-12-11 11:20 - 2015-12-11 11:20 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-11 11:07 - 2015-12-11 11:10 - 00000000 ____D C:\AdwCleaner
2015-12-11 10:59 - 2015-12-11 11:00 - 00483328 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 10:35 - 2015-12-11 10:35 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Anni Blask\Downloads\revosetup95.exe
2015-12-11 10:34 - 2015-12-11 10:34 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Anni Blask\Downloads\sc-cleaner.exe
2015-12-11 10:33 - 2015-12-11 10:33 - 01738240 _____ C:\Users\Anni Blask\Downloads\AdwCleaner_5.024.exe
2015-12-11 10:33 - 2015-12-11 10:33 - 01599336 _____ (Malwarebytes) C:\Users\Anni Blask\Downloads\JRT.exe
2015-12-10 23:27 - 2015-12-10 23:27 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\Avira
2015-12-10 23:23 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-10 23:23 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-10 23:23 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-10 23:23 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-12-10 22:56 - 2015-12-11 11:02 - 00001197 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-10 22:56 - 2015-12-10 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-10 22:56 - 2015-12-10 23:23 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-10 22:53 - 2015-12-10 22:55 - 04600536 _____ (Avira Operations GmbH & Co. KG) C:\Users\Anni Blask\Downloads\avira_de_av_5669f3e9c1948__ws.exe
2015-12-10 22:45 - 2015-12-10 22:46 - 04600536 _____ (Avira Operations GmbH & Co. KG) C:\Users\Anni Blask\Downloads\avira_de_av_5669f13e98269__ws.exe
2015-12-10 22:27 - 2015-12-10 22:27 - 00003142 _____ C:\Windows\System32\Tasks\{C694253A-B1AE-4A42-95CD-514800100869}
2015-12-10 21:57 - 2015-12-11 15:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-10 21:57 - 2015-12-11 11:02 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-10 21:57 - 2015-12-10 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-10 21:56 - 2015-12-10 21:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-10 21:56 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-10 21:56 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-10 21:56 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-10 21:52 - 2015-12-10 21:55 - 22908888 _____ (Malwarebytes ) C:\Users\Anni Blask\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-10 21:31 - 2015-12-10 22:26 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-10 21:31 - 2015-12-10 21:45 - 00000000 ____D C:\ProgramData\Avg
2015-12-10 21:29 - 2015-12-11 11:01 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-12-10 21:27 - 2015-12-10 22:26 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\AvgSetupLog
2015-12-10 21:27 - 2015-12-10 21:45 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Avg
2015-12-04 10:39 - 2015-12-04 10:52 - 00401408 _____ C:\Users\Anni Blask\Documents\Datenbank1.accdb
2015-11-22 20:50 - 2015-11-22 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-19 15:20 - 2015-11-19 15:22 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Temporary Projects
2015-11-17 12:42 - 2015-11-27 12:28 - 00000000 ____D C:\Users\Anni Blask\Documents\Visual Studio 2012
2015-11-17 12:39 - 2015-11-17 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-17 12:38 - 2015-11-17 12:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-11-17 12:38 - 2015-11-17 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch
2015-11-17 12:38 - 2015-11-17 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK - Deutsch
2015-11-17 12:36 - 2015-11-17 12:36 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-11-17 12:36 - 2015-11-17 12:36 - 00000000 ____D C:\Program Files\Application Verifier
2015-11-17 12:36 - 2015-11-17 12:36 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-11-17 12:35 - 2015-11-17 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-11-17 12:30 - 2015-12-11 11:02 - 00002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk
2015-11-17 12:28 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-11-17 12:22 - 2015-11-17 12:22 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-11-17 12:16 - 2015-11-17 12:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-11-17 12:16 - 2015-11-17 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-11-17 12:16 - 2015-11-17 12:16 - 00000000 ____D C:\Windows\symbols
2015-11-17 12:16 - 2015-11-17 12:16 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2015-11-17 11:20 - 2015-11-17 11:20 - 00000000 ____D C:\Users\Anni Blask\AppData\LocalLow\Temp
2015-11-17 11:19 - 2015-11-17 11:19 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\NuGet
2015-11-16 18:18 - 2015-11-17 10:54 - 00000000 ____D C:\Users\Anni Blask\Documents\Visual Studio 2015
2015-11-16 18:13 - 2015-11-16 18:13 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-11-16 18:13 - 2015-11-16 18:13 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-11-16 18:12 - 2015-11-16 18:12 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-11-16 18:11 - 2015-11-16 18:11 - 00000000 ____D C:\Program Files (x86)\ShellDir
2015-11-16 18:10 - 2015-11-17 12:33 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-11-16 18:08 - 2015-11-16 18:08 - 00000000 ____D C:\ProgramData\Microsoft DNX
2015-11-16 18:08 - 2015-11-16 18:08 - 00000000 ____D C:\Program Files\Microsoft DNX
2015-11-16 18:04 - 2015-11-16 18:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2015-11-16 18:02 - 2015-11-16 18:02 - 00000000 ____D C:\Program Files\IIS Express
2015-11-16 18:02 - 2015-11-16 18:02 - 00000000 ____D C:\Program Files (x86)\IIS Express
2015-11-16 18:01 - 2015-11-16 18:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-11-16 18:01 - 2015-11-16 18:01 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-11-16 18:00 - 2015-11-17 12:30 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-11-16 18:00 - 2015-11-17 12:29 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-11-16 18:00 - 2015-11-16 18:00 - 00000000 ____D C:\ProgramData\NuGet
2015-11-16 18:00 - 2015-11-16 18:00 - 00000000 ____D C:\Program Files\IIS
2015-11-16 18:00 - 2015-11-16 18:00 - 00000000 ____D C:\Program Files (x86)\IIS
2015-11-16 17:59 - 2015-11-16 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-11-16 17:58 - 2015-12-11 11:02 - 00001549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-11-16 17:58 - 2015-11-16 17:58 - 00000000 ____D C:\Users\Anni%20Blask
2015-11-16 17:58 - 2015-11-16 17:58 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-11-16 17:57 - 2015-11-16 17:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-11-16 17:56 - 2015-11-16 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-11-16 17:55 - 2015-11-17 12:28 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-11-16 17:55 - 2015-11-17 12:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-11-16 17:53 - 2015-12-11 11:02 - 00001550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-11-16 17:53 - 2015-11-17 12:37 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-11-16 17:53 - 2015-11-17 12:37 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-11-16 17:53 - 2015-11-16 17:57 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-11-16 17:53 - 2015-11-16 17:54 - 00000000 ____D C:\Windows\system32\1033
2015-11-16 17:53 - 2015-11-16 17:53 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-11-16 17:50 - 2015-11-16 17:53 - 00000000 ____D C:\Windows\system32\1031
2015-11-16 17:50 - 2015-11-16 17:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2015-11-16 17:50 - 2015-11-16 17:50 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2015-11-16 17:49 - 2015-11-17 12:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-11-16 17:49 - 2015-11-16 18:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-11-16 17:40 - 2015-06-22 07:31 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-11-16 17:40 - 2015-06-22 07:30 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-16 17:30 - 2015-06-04 14:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-16 17:27 - 2015-11-17 10:50 - 00000000 ____D C:\ProgramData\VsTelemetry
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-11 16:04 - 2014-09-01 09:35 - 00801992 _____ C:\Windows\system32\perfh007.dat
2015-12-11 16:04 - 2014-09-01 09:35 - 00174994 _____ C:\Windows\system32\perfc007.dat
2015-12-11 16:04 - 2014-03-18 10:53 - 01924576 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-11 16:04 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-11 15:57 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-11 15:16 - 2015-04-06 11:03 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2899336889-42798528-283681265-1001
2015-12-11 11:38 - 2014-12-27 19:15 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-12-11 11:38 - 2014-09-01 00:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-11 11:37 - 2014-12-27 19:19 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-12-11 11:37 - 2014-12-27 19:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-11 11:11 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-11 11:02 - 2015-10-04 12:47 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-11 11:02 - 2015-04-07 20:18 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-11 11:02 - 2014-12-27 19:10 - 00001653 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Sound.lnk
2015-12-11 11:02 - 2013-09-30 22:49 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Control Zone (Touchpad Clickpad Trackpad Mouse).lnk
2015-12-11 11:01 - 2015-04-07 20:46 - 00000295 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-12-11 11:01 - 2015-04-07 20:40 - 00000707 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anni Blask.lnk
2015-12-11 11:01 - 2015-04-06 10:57 - 00000469 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-12-11 11:01 - 2015-04-06 10:57 - 00000467 _____ C:\Users\Anni Blask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-12-11 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Resources
2015-12-10 23:23 - 2015-04-07 16:20 - 00000000 ____D C:\ProgramData\Avira
2015-12-10 22:56 - 2014-12-27 19:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-10 22:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Registration
2015-12-10 21:29 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-12-10 19:10 - 2015-04-06 10:57 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Packages
2015-12-07 17:43 - 2015-06-05 17:15 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Microsoft Help
2015-12-04 13:58 - 2015-04-07 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-25 09:45 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-25 09:43 - 2015-04-07 16:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-24 09:10 - 2015-04-06 10:57 - 00000000 ____D C:\Users\Anni Blask
2015-11-22 18:16 - 2015-09-22 09:44 - 00000000 ____D C:\Users\Anni Blask\AppData\Local\Adobe
2015-11-22 18:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-11-22 17:43 - 2015-10-04 12:47 - 00000000 ____D C:\Users\Anni Blask\AppData\Roaming\Skype
2015-11-22 17:40 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-22 17:22 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-17 12:36 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-17 12:34 - 2014-04-03 00:13 - 00000000 ____D C:\Program Files\MSBuild
2015-11-17 12:22 - 2014-04-03 00:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-16 19:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-16 18:02 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
Einige Dateien in TEMP:
====================
C:\Users\Anni Blask\AppData\Local\Temp\avgnt.exe
C:\Users\Anni Blask\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-06 17:41
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Anni Blask (2015-12-11 16:06:58)
Gestartet von C:\Users\Anni Blask\Downloads
Windows 8.1 (X64) (2015-04-06 09:57:20)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2899336889-42798528-283681265-500 - Administrator - Disabled)
Anni Blask (S-1-5-21-2899336889-42798528-283681265-1001 - Administrator - Enabled) => C:\Users\Anni Blask
Gast (S-1-5-21-2899336889-42798528-283681265-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3606 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{094D6E27-97CC-447E-8660-56F75CFC1E00}) (Version: 11.1.20702.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{C178F0A7-86C8-4BE0-8401-3BC4F6E12F81}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6498.0 - IDT)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.44.8258 - Intel(R) Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31125 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.31125 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{3682f425-c5f9-4fd6-b36a-793f4606b68f}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{8A69F02D-A72B-AEE6-1CD3-6B05B9F9DD83}) (Version: 11.0.742.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.34.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.16.2 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
18-11-2015 16:31:48 Removed Bonjour
26-11-2015 14:59:08 Geplanter Prüfpunkt
06-12-2015 19:00:02 Geplanter Prüfpunkt
10-12-2015 22:28:16 Removed Visual Studio 2012 x64 Redistributables
11-12-2015 11:14:45 JRT Pre-Junkware Removal
11-12-2015 11:15:26 JRT Pre-Junkware Removal
11-12-2015 11:30:27 Revo Uninstaller's restore point - CyberLink YouCam
11-12-2015 11:31:08 Konfiguriert YouCam
11-12-2015 15:32:25 Revo Uninstaller's restore point - Secure Download Manager
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {18CFC75D-D3B3-4793-9E83-C318F315C787} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
Task: {31111AD1-0414-4A65-8E2A-F2038CA6A0FD} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {4DD0FE3C-4657-4424-BE4F-7C166CC78435} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {663CCF03-FAA2-4683-81AA-C0671AEF133A} - System32\Tasks\{C694253A-B1AE-4A42-95CD-514800100869} => pcalua.exe -a "C:\Users\Anni Blask\AppData\Roaming\SpeedMon\speedmon.exe" -c /uninstall
Task: {962EE93E-D1CD-4669-9C4C-FDBB2DC593F8} - System32\Tasks\{3B0E6C7C-3F3C-4960-8552-02A8883E3B73} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.0.101/de/abandoninstall?source=lightinstaller&page=tsInstall
Task: {A740DFB6-E7C4-4FF8-A86F-CAA95BB91B25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {C9F0FFF4-F404-4935-B48F-81D2E3763EFF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {CF673C33-3AFF-4FE2-AA28-00E0858D3994} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {D8C8D4DE-BC3A-4C39-AF49-394E31058B1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {DE7A0D87-1FB3-43FA-8F88-6B345231E4F9} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {E4C39BE2-4A38-418E-8510-397D2A8802D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-10-14 11:23 - 2013-10-14 11:23 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 11:24 - 2013-10-14 11:24 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-10-14 11:25 - 2013-10-14 11:25 - 02541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 11:22 - 2013-10-14 11:22 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 11:35 - 2013-10-14 11:35 - 01297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-04-07 19:21 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-27 19:05 - 2013-09-17 12:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2899336889-42798528-283681265-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img11.jpg
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img11.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "DnsBlock"
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2899336889-42798528-283681265-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8030F42C-16DB-4013-94F0-1436255BB821}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{7C2E3CED-CC63-4B0D-A441-4C20BFD5A318}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2E2E3C57-EA27-4987-8518-332F4394C2BA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{0A81E774-3D92-4738-A917-7F25650529B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{7527666A-984E-4C17-B7A7-5D8A71CADB47}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{672FC62C-079D-469D-A6C9-A0D2254531D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{95699018-1674-478E-BC38-47CEEE2DCC20}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C0571ED8-235E-474C-B53A-AC706BBC91F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{602E53F7-7FCD-41BE-B209-53E44CFF46B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{63EF34BE-42D3-4948-8A36-853E2541F326}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FE3C967B-F6BB-4C0E-9D31-66077F0F1D6E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2B960C70-A234-4CD6-BE58-FF279313E669}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{11674471-48E1-4174-880E-C384BF544EBC}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0AE95B10-D9A5-4002-B85F-A60A914D48C2}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{BDB329DA-01F2-4650-9020-9167C8A30E2E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{4916F6BF-36DA-44DB-91E4-0CD39B2920D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDD55130-B68D-4D3F-940B-9F78D124A704}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DF691D3-329B-4156-8D8D-A207E38B52F9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{10BB0D7A-11F1-43BC-B4A5-B86B75F600FD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{44D276E3-E6CC-4871-8BD7-9D9BEE65D52A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{73985E9D-C4A6-4F98-B4C1-53306B63A9B5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/11/2015 03:31:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (12/11/2015 11:20:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (12/11/2015 11:20:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (12/11/2015 11:20:40 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (12/11/2015 11:20:40 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (12/10/2015 11:30:21 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-2899336889-42798528-283681265-1001}/">.
Error: (12/10/2015 11:30:04 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-2899336889-42798528-283681265-1001}/">.
Error: (12/10/2015 05:53:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 42.0.0.5780 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11fc
Startzeit: 01d13367edfaa42d
Endzeit: 76
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 7a2d56ca-9f5e-11e5-826b-d0bf9c24d770
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/10/2015 02:40:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/10/2015 02:38:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Systemfehler:
=============
Error: (12/11/2015 11:21:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (12/11/2015 11:21:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANNIBL~1\AppData\Local\Temp\ehdrv.sys
Error: (12/11/2015 11:21:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (12/11/2015 11:21:04 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANNIBL~1\AppData\Local\Temp\ehdrv.sys
Error: (12/11/2015 11:21:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (12/11/2015 11:21:04 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\ANNIBL~1\AppData\Local\Temp\ehdrv.sys
Error: (12/11/2015 11:11:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/11/2015 11:10:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/11/2015 11:10:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/11/2015 11:10:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 4012.27 MB
Verfügbarer physikalischer RAM: 2386.37 MB
Summe virtueller Speicher: 4716.27 MB
Verfügbarer virtueller Speicher: 2865.95 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:448.57 GB) (Free:399.26 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.17 GB) (Free:1.63 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E1F4777)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
11.12.2015, 16:17
| #4 |
| | Istartpageing.com Virus auf Rechner Und hier die TDSSKiller: Code:
ATTFilter 16:09:45.0181 0x1318 TDSS rootkit removing tool 3.1.0.8 Dec 5 2015 01:19:03
16:09:45.0181 0x1318 UEFI system
16:09:55.0848 0x1318 ============================================================
16:09:55.0849 0x1318 Current date / time: 2015/12/11 16:09:55.0848
16:09:55.0849 0x1318 SystemInfo:
16:09:55.0849 0x1318
16:09:55.0849 0x1318 OS Version: 6.3.9600 ServicePack: 0.0
16:09:55.0849 0x1318 Product type: Workstation
16:09:55.0849 0x1318 ComputerName: ANNI
16:09:55.0849 0x1318 UserName: Anni Blask
16:09:55.0849 0x1318 Windows directory: C:\Windows
16:09:55.0849 0x1318 System windows directory: C:\Windows
16:09:55.0849 0x1318 Running under WOW64
16:09:55.0849 0x1318 Processor architecture: Intel x64
16:09:55.0849 0x1318 Number of processors: 4
16:09:55.0849 0x1318 Page size: 0x1000
16:09:55.0849 0x1318 Boot type: Normal boot
16:09:55.0849 0x1318 ============================================================
16:09:56.0544 0x1318 KLMD registered as C:\Windows\system32\drivers\95049476.sys
16:09:56.0907 0x1318 System UUID: {22AC08BD-3DD7-B2D2-5FEA-BA272D742D48}
16:09:57.0926 0x1318 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:09:57.0958 0x1318 ============================================================
16:09:57.0958 0x1318 \Device\Harddisk0\DR0:
16:09:57.0959 0x1318 GPT partitions:
16:09:57.0960 0x1318 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {133ED07E-22E5-4308-9315-DE26E42B5723}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
16:09:57.0960 0x1318 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {76ED9E1C-9934-441B-8EC3-0C33302E6B4D}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
16:09:57.0960 0x1318 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B2777725-0001-4796-BEB7-844B4879B106}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
16:09:57.0960 0x1318 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {67397706-7B17-462B-BD2A-9031C35159B6}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x38123000
16:09:57.0960 0x1318 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {78788AEA-9523-4071-B251-C32D9D9D523C}, Name: Basic data partition, StartLBA 0x3832A800, BlocksNum 0x2059000
16:09:57.0960 0x1318 MBR partitions:
16:09:57.0960 0x1318 ============================================================
16:09:57.0981 0x1318 C: <-> \Device\Harddisk0\DR0\Partition4
16:09:58.0056 0x1318 D: <-> \Device\Harddisk0\DR0\Partition5
16:09:58.0056 0x1318 ============================================================
16:09:58.0056 0x1318 Initialize success
16:09:58.0056 0x1318 ============================================================
16:10:31.0544 0x01e8 ============================================================
16:10:31.0544 0x01e8 Scan started
16:10:31.0544 0x01e8 Mode: Manual; SigCheck; TDLFS;
16:10:31.0544 0x01e8 ============================================================
16:10:31.0544 0x01e8 KSN ping started
16:10:33.0872 0x01e8 KSN ping finished: true
16:10:37.0856 0x01e8 ================ Scan system memory ========================
16:10:37.0856 0x01e8 System memory - ok
16:10:37.0856 0x01e8 ================ Scan services =============================
16:10:38.0028 0x01e8 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
16:10:38.0216 0x01e8 1394ohci - ok
16:10:38.0262 0x01e8 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
16:10:38.0294 0x01e8 3ware - ok
16:10:38.0325 0x01e8 [ F39180029723D7779C80360F9E255709, F4831FEE79AAF4DB66BF58D3F89B8A6DD8F38CD546B3C653BFF7052DDA112CC6 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
16:10:38.0341 0x01e8 Accelerometer - ok
16:10:38.0419 0x01e8 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:10:38.0481 0x01e8 ACPI - ok
16:10:38.0512 0x01e8 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
16:10:38.0544 0x01e8 acpiex - ok
16:10:38.0559 0x01e8 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
16:10:38.0591 0x01e8 acpipagr - ok
16:10:38.0591 0x01e8 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
16:10:38.0622 0x01e8 AcpiPmi - ok
16:10:38.0637 0x01e8 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
16:10:38.0653 0x01e8 acpitime - ok
16:10:38.0731 0x01e8 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
16:10:38.0809 0x01e8 ADP80XX - ok
16:10:38.0872 0x01e8 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:10:38.0919 0x01e8 AeLookupSvc - ok
16:10:38.0981 0x01e8 [ 7C7BE474915166B61B84C025F1F10157, 41F5E2C29F602D272138A6FA0E0FC3369491DABEFF123EF3914613979BA6BDA8 ] AFD C:\Windows\system32\drivers\afd.sys
16:10:39.0044 0x01e8 AFD - ok
16:10:39.0075 0x01e8 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:10:39.0106 0x01e8 agp440 - ok
16:10:39.0138 0x01e8 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
16:10:39.0153 0x01e8 ahcache - ok
16:10:39.0184 0x01e8 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
16:10:39.0231 0x01e8 ALG - ok
16:10:39.0263 0x01e8 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
16:10:39.0294 0x01e8 AmdK8 - ok
16:10:39.0309 0x01e8 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
16:10:39.0341 0x01e8 AmdPPM - ok
16:10:39.0356 0x01e8 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:10:39.0388 0x01e8 amdsata - ok
16:10:39.0419 0x01e8 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:10:39.0466 0x01e8 amdsbs - ok
16:10:39.0481 0x01e8 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:10:39.0497 0x01e8 amdxata - ok
16:10:39.0809 0x01e8 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
16:10:39.0903 0x01e8 AntiVirMailService - ok
16:10:40.0028 0x01e8 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
16:10:40.0075 0x01e8 AntiVirSchedulerService - ok
16:10:40.0138 0x01e8 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
16:10:40.0184 0x01e8 AntiVirService - ok
16:10:40.0278 0x01e8 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
16:10:40.0388 0x01e8 AntiVirWebService - ok
16:10:40.0434 0x01e8 [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
16:10:40.0466 0x01e8 AppHostSvc - ok
16:10:40.0497 0x01e8 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
16:10:40.0528 0x01e8 AppID - ok
16:10:40.0559 0x01e8 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:10:40.0575 0x01e8 AppIDSvc - ok
16:10:40.0591 0x01e8 [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo C:\Windows\System32\appinfo.dll
16:10:40.0638 0x01e8 Appinfo - ok
16:10:40.0684 0x01e8 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll
16:10:40.0747 0x01e8 AppReadiness - ok
16:10:40.0841 0x01e8 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
16:10:40.0966 0x01e8 AppXSvc - ok
16:10:40.0997 0x01e8 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:10:41.0028 0x01e8 arcsas - ok
16:10:41.0122 0x01e8 [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:10:41.0153 0x01e8 aspnet_state - ok
16:10:41.0184 0x01e8 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
16:10:41.0216 0x01e8 atapi - ok
16:10:41.0247 0x01e8 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:10:41.0309 0x01e8 AudioEndpointBuilder - ok
16:10:41.0372 0x01e8 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:10:41.0450 0x01e8 Audiosrv - ok
16:10:41.0497 0x01e8 [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:10:41.0528 0x01e8 avgntflt - ok
16:10:41.0544 0x01e8 [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:10:41.0575 0x01e8 avipbb - ok
16:10:41.0731 0x01e8 [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:10:41.0763 0x01e8 Avira.ServiceHost - ok
16:10:41.0778 0x01e8 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:10:41.0809 0x01e8 avkmgr - ok
16:10:41.0825 0x01e8 [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
16:10:41.0841 0x01e8 avnetflt - ok
16:10:41.0981 0x01e8 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:10:42.0028 0x01e8 AxInstSV - ok
16:10:42.0091 0x01e8 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:10:42.0153 0x01e8 b06bdrv - ok
16:10:42.0200 0x01e8 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
16:10:42.0231 0x01e8 BasicDisplay - ok
16:10:42.0247 0x01e8 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
16:10:42.0278 0x01e8 BasicRender - ok
16:10:42.0309 0x01e8 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
16:10:42.0325 0x01e8 bcmfn2 - ok
16:10:42.0372 0x01e8 [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC C:\Windows\System32\bdesvc.dll
16:10:42.0403 0x01e8 BDESVC - ok
16:10:42.0434 0x01e8 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
16:10:42.0450 0x01e8 Beep - ok
16:10:42.0528 0x01e8 [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE C:\Windows\System32\bfe.dll
16:10:42.0606 0x01e8 BFE - ok
16:10:42.0700 0x01e8 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
16:10:42.0903 0x01e8 BITS - ok
16:10:42.0934 0x01e8 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:10:42.0966 0x01e8 bowser - ok
16:10:42.0997 0x01e8 [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:10:43.0044 0x01e8 BrokerInfrastructure - ok
16:10:43.0059 0x01e8 [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser C:\Windows\System32\browser.dll
16:10:43.0106 0x01e8 Browser - ok
16:10:43.0122 0x01e8 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
16:10:43.0153 0x01e8 BthAvrcpTg - ok
16:10:43.0200 0x01e8 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
16:10:43.0247 0x01e8 BthEnum - ok
16:10:43.0263 0x01e8 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
16:10:43.0278 0x01e8 BthHFEnum - ok
16:10:43.0294 0x01e8 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
16:10:43.0325 0x01e8 bthhfhid - ok
16:10:43.0356 0x01e8 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
16:10:43.0388 0x01e8 BthLEEnum - ok
16:10:43.0419 0x01e8 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
16:10:43.0450 0x01e8 BTHMODEM - ok
16:10:43.0466 0x01e8 [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:10:43.0497 0x01e8 BthPan - ok
16:10:43.0622 0x01e8 [ 92370F46AF28D54B67C135FA8C2AFCFC, B1C0DBF27D392DEA8786AB9479C6CCD5A5DBDF3BE25ABA5FC7C6DB6D3EEE739B ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:10:43.0747 0x01e8 BTHPORT - ok
16:10:43.0763 0x01e8 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
16:10:43.0794 0x01e8 bthserv - ok
16:10:43.0825 0x01e8 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:10:43.0872 0x01e8 BTHUSB - ok
16:10:43.0950 0x01e8 [ DEE40211AA700A0A9D7F95EC38DE0714, F3926D92D940311D7E1E7E656116B1B48C4D6B3AFC35017658C4EC3D0A33EF40 ] Cachedrv server C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
16:10:43.0966 0x01e8 Cachedrv server - detected UnsignedFile.Multi.Generic ( 1 )
16:10:54.0153 0x01e8 Cachedrv server ( UnsignedFile.Multi.Generic ) - warning
16:10:54.0153 0x01e8 Force sending object to P2P due to detect: Cachedrv server
16:10:54.0200 0x01e8 Object send P2P result: false
16:10:54.0294 0x01e8 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:10:54.0325 0x01e8 cdfs - ok
16:10:54.0356 0x01e8 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
16:10:54.0388 0x01e8 cdrom - ok
16:10:54.0419 0x01e8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
16:10:54.0466 0x01e8 CertPropSvc - ok
16:10:54.0497 0x01e8 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
16:10:54.0528 0x01e8 circlass - ok
16:10:54.0575 0x01e8 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys
16:10:54.0622 0x01e8 CLFS - ok
16:10:54.0888 0x01e8 [ 92547C9A6C5E9A3BEC689486C4885C4B, AB56F0BB2CBAB9AA6EA2E12F04F192271762DEBD7F6FBFB8CFAB6BA23121C295 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:10:55.0075 0x01e8 ClickToRunSvc - ok
16:10:55.0185 0x01e8 [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
16:10:55.0200 0x01e8 CLVirtualDrive - ok
16:10:55.0216 0x01e8 clwvd - ok
16:10:55.0247 0x01e8 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
16:10:55.0278 0x01e8 CmBatt - ok
16:10:55.0341 0x01e8 [ 593CA2F3E870D586C20A332171988AFF, A811C1ED00E616D0F752EB35D03DD4CA852503D4B8553B99EBE1212D915E7448 ] CNG C:\Windows\system32\Drivers\cng.sys
16:10:55.0403 0x01e8 CNG - ok
16:10:55.0419 0x01e8 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
16:10:55.0450 0x01e8 CompositeBus - ok
16:10:55.0450 0x01e8 COMSysApp - ok
16:10:55.0481 0x01e8 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
16:10:55.0497 0x01e8 condrv - ok
16:10:55.0591 0x01e8 [ 07519E3097517BAFBC19BFD0E20EFB36, 145E0518D296A198383328B9F0CBBE83B08C84FD43546C643938DE7A9DF6A8B0 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:10:55.0638 0x01e8 cphs - ok
16:10:55.0669 0x01e8 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:10:55.0716 0x01e8 CryptSvc - ok
16:10:55.0810 0x01e8 [ F2099D2D7B6085D94FB597FA39356D08, BCC73C9BA642E0DAB97D184486F4006B78EFE98131C92AB48AC77295DBDA347E ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
16:10:55.0825 0x01e8 CyberLink PowerDVD 12 Media Server Monitor Service - ok
16:10:55.0856 0x01e8 [ CA27F20A09B6500482AC2F5B3DB488CF, 4D946F6163DBEEB93E9DA54B056032C3A6B5C2215A2FB0CCFEB0789BC74BB2C9 ] CyberLink PowerDVD 12 Media Server Service C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
16:10:55.0919 0x01e8 CyberLink PowerDVD 12 Media Server Service - ok
16:10:55.0950 0x01e8 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
16:10:55.0997 0x01e8 dam - ok
16:10:56.0075 0x01e8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:10:56.0231 0x01e8 DcomLaunch - ok
16:10:56.0294 0x01e8 [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc C:\Windows\System32\defragsvc.dll
16:10:56.0388 0x01e8 defragsvc - ok
16:10:56.0450 0x01e8 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
16:10:56.0528 0x01e8 DeviceAssociationService - ok
16:10:56.0544 0x01e8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
16:10:56.0575 0x01e8 DeviceInstall - ok
16:10:56.0607 0x01e8 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
16:10:56.0653 0x01e8 Dfsc - ok
16:10:56.0685 0x01e8 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
16:10:56.0716 0x01e8 dg_ssudbus - ok
16:10:56.0763 0x01e8 [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:10:56.0810 0x01e8 Dhcp - ok
16:10:56.0841 0x01e8 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
16:10:56.0872 0x01e8 disk - ok
16:10:56.0888 0x01e8 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
16:10:56.0919 0x01e8 dmvsc - ok
16:10:56.0966 0x01e8 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:10:57.0013 0x01e8 Dnscache - ok
16:10:57.0044 0x01e8 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
16:10:57.0091 0x01e8 dot3svc - ok
16:10:57.0106 0x01e8 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
16:10:57.0169 0x01e8 DPS - ok
16:10:57.0200 0x01e8 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:10:57.0216 0x01e8 drmkaud - ok
16:10:57.0278 0x01e8 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
16:10:57.0341 0x01e8 DsmSvc - ok
16:10:57.0466 0x01e8 [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:10:57.0607 0x01e8 DXGKrnl - ok
16:10:57.0622 0x01e8 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
16:10:57.0669 0x01e8 Eaphost - ok
16:10:57.0888 0x01e8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:10:58.0138 0x01e8 ebdrv - ok
16:10:58.0169 0x01e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
16:10:58.0200 0x01e8 EFS - ok
16:10:58.0216 0x01e8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
16:10:58.0247 0x01e8 EhStorClass - ok
16:10:58.0263 0x01e8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:10:58.0294 0x01e8 EhStorTcgDrv - ok
16:10:58.0325 0x01e8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
16:10:58.0341 0x01e8 ErrDev - ok
16:10:58.0403 0x01e8 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
16:10:58.0450 0x01e8 EventSystem - ok
16:10:58.0482 0x01e8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
16:10:58.0544 0x01e8 exfat - ok
16:10:58.0560 0x01e8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:10:58.0607 0x01e8 fastfat - ok
16:10:58.0653 0x01e8 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
16:10:58.0716 0x01e8 Fax - ok
16:10:58.0732 0x01e8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
16:10:58.0763 0x01e8 fdc - ok
16:10:58.0778 0x01e8 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
16:10:58.0810 0x01e8 fdPHost - ok
16:10:58.0825 0x01e8 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
16:10:58.0872 0x01e8 FDResPub - ok
16:10:58.0888 0x01e8 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
16:10:58.0919 0x01e8 fhsvc - ok
16:10:58.0950 0x01e8 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:10:58.0982 0x01e8 FileInfo - ok
16:10:58.0982 0x01e8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:10:59.0028 0x01e8 Filetrace - ok
16:10:59.0091 0x01e8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
16:10:59.0122 0x01e8 flpydisk - ok
16:10:59.0169 0x01e8 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:10:59.0247 0x01e8 FltMgr - ok
16:10:59.0341 0x01e8 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll
16:10:59.0450 0x01e8 FontCache - ok
16:10:59.0528 0x01e8 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:10:59.0544 0x01e8 FontCache3.0.0.0 - ok
16:10:59.0575 0x01e8 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:10:59.0607 0x01e8 FsDepends - ok
16:10:59.0622 0x01e8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:10:59.0638 0x01e8 Fs_Rec - ok
16:10:59.0747 0x01e8 [ 895BA1CFF25E867CE5A52073E905C93B, A417065E831B768BD76364EC1E5FEDAADF172DCD1E6C2A134CB311EDDC2DC477 ] fussvc C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
16:10:59.0763 0x01e8 fussvc - detected UnsignedFile.Multi.Generic ( 1 )
16:10:59.0763 0x01e8 fussvc ( UnsignedFile.Multi.Generic ) - warning
16:10:59.0825 0x01e8 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:10:59.0888 0x01e8 fvevol - ok
16:10:59.0903 0x01e8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
16:10:59.0935 0x01e8 FxPPM - ok
16:10:59.0966 0x01e8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:10:59.0982 0x01e8 gagp30kx - ok
16:11:00.0013 0x01e8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
16:11:00.0028 0x01e8 gencounter - ok
16:11:00.0060 0x01e8 [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
16:11:00.0091 0x01e8 GPIOClx0101 - ok
16:11:00.0185 0x01e8 [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc C:\Windows\System32\gpsvc.dll
16:11:00.0294 0x01e8 gpsvc - ok
16:11:00.0341 0x01e8 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:11:00.0388 0x01e8 HdAudAddService - ok
16:11:00.0419 0x01e8 [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
16:11:00.0450 0x01e8 HDAudBus - ok
16:11:00.0466 0x01e8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
16:11:00.0482 0x01e8 HidBatt - ok
16:11:00.0513 0x01e8 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
16:11:00.0544 0x01e8 HidBth - ok
16:11:00.0544 0x01e8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
16:11:00.0575 0x01e8 hidi2c - ok
16:11:00.0575 0x01e8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
16:11:00.0607 0x01e8 HidIr - ok
16:11:00.0622 0x01e8 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
16:11:00.0653 0x01e8 hidserv - ok
16:11:00.0685 0x01e8 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
16:11:00.0700 0x01e8 HidUsb - ok
16:11:00.0732 0x01e8 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:11:00.0763 0x01e8 hkmsvc - ok
16:11:00.0794 0x01e8 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:11:00.0841 0x01e8 HomeGroupListener - ok
16:11:00.0888 0x01e8 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:11:00.0935 0x01e8 HomeGroupProvider - ok
16:11:00.0966 0x01e8 [ 8B8E6BD988EAF18C1B86704BF05E5C03, 84052C116032F3DC47B0D3A7A8FC8E86DF94DDB3136C866D8FC8A3DF23209DEC ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
16:11:00.0982 0x01e8 hpdskflt - ok
16:11:01.0091 0x01e8 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:11:01.0185 0x01e8 hpqwmiex - ok
16:11:01.0232 0x01e8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:11:01.0263 0x01e8 HpSAMD - ok
16:11:01.0278 0x01e8 [ 0865F178E272C682B0689F1AA269128D, F8CC23EA339F0C917C3948FF35BEFE10664CCFF8796954898E41F4EC1618E5E1 ] hpsrv C:\Windows\system32\Hpservice.exe
16:11:01.0310 0x01e8 hpsrv - ok
16:11:01.0388 0x01e8 [ F5F3F27E5823A4DF0193CC2534029742, F0126009F8CE9B85A2E9CFC257D1A3117B1CD5A739369502576B1CDF49E1DF85 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
16:11:01.0466 0x01e8 HPWMISVC - ok
16:11:01.0544 0x01e8 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:11:01.0638 0x01e8 HTTP - ok
16:11:01.0669 0x01e8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:11:01.0685 0x01e8 hwpolicy - ok
16:11:01.0700 0x01e8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
16:11:01.0732 0x01e8 hyperkbd - ok
16:11:01.0732 0x01e8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
16:11:01.0763 0x01e8 HyperVideo - ok
16:11:01.0778 0x01e8 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
16:11:01.0810 0x01e8 i8042prt - ok
16:11:01.0825 0x01e8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
16:11:01.0841 0x01e8 iaLPSSi_GPIO - ok
16:11:01.0857 0x01e8 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
16:11:01.0872 0x01e8 iaLPSSi_I2C - ok
16:11:01.0935 0x01e8 [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
16:11:01.0997 0x01e8 iaStorA - ok
16:11:02.0060 0x01e8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
16:11:02.0122 0x01e8 iaStorAV - ok
16:11:02.0185 0x01e8 [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:11:02.0200 0x01e8 IAStorDataMgrSvc - ok
16:11:02.0247 0x01e8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:11:02.0310 0x01e8 iaStorV - ok
16:11:02.0310 0x01e8 IEEtwCollectorService - ok
16:11:02.0575 0x01e8 [ 40E022751ECBBAEAB90C199F3B8358FC, 3C8B150AA67029ADF3221E76B37B9E277F38059EAF9F3E0EA380144600039156 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:11:02.0872 0x01e8 igfx - ok
16:11:02.0966 0x01e8 [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT C:\Windows\System32\ikeext.dll
16:11:03.0060 0x01e8 IKEEXT - ok
16:11:03.0091 0x01e8 [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:11:03.0107 0x01e8 intaud_WaveExtensible - ok
16:11:03.0169 0x01e8 [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:11:03.0216 0x01e8 IntcDAud - ok
16:11:03.0294 0x01e8 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:11:03.0341 0x01e8 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
16:11:03.0341 0x01e8 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
16:11:03.0403 0x01e8 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:11:03.0482 0x01e8 Intel(R) Capability Licensing Service TCP IP Interface - ok
16:11:03.0528 0x01e8 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
16:11:03.0560 0x01e8 Intel(R) ME Service - ok
16:11:03.0591 0x01e8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
16:11:03.0607 0x01e8 intelide - ok
16:11:03.0653 0x01e8 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\Windows\system32\drivers\intelpep.sys
16:11:03.0669 0x01e8 intelpep - ok
16:11:03.0685 0x01e8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
16:11:03.0716 0x01e8 intelppm - ok
16:11:03.0778 0x01e8 [ EA6080592F2F2B9478D4E1B4D3D9791B, 7EFC55B45ECED145EC0DC2C7494BEAD1E753304C64F6210A2A0B60F54E9000AC ] intelsba C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
16:11:03.0794 0x01e8 intelsba - ok
16:11:03.0810 0x01e8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:11:03.0857 0x01e8 IpFilterDriver - ok
16:11:03.0935 0x01e8 [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:11:04.0013 0x01e8 iphlpsvc - ok
16:11:04.0044 0x01e8 [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
16:11:04.0075 0x01e8 IPMIDRV - ok
16:11:04.0107 0x01e8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:11:04.0138 0x01e8 IPNAT - ok
16:11:04.0153 0x01e8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:11:04.0185 0x01e8 IRENUM - ok
16:11:04.0185 0x01e8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:11:04.0216 0x01e8 isapnp - ok
16:11:04.0278 0x01e8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
16:11:04.0310 0x01e8 iScsiPrt - ok
16:11:04.0357 0x01e8 [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
16:11:04.0372 0x01e8 iwdbus - ok
16:11:04.0419 0x01e8 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:11:04.0435 0x01e8 jhi_service - ok
16:11:04.0466 0x01e8 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
16:11:04.0497 0x01e8 kbdclass - ok
16:11:04.0513 0x01e8 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
16:11:04.0528 0x01e8 kbdhid - ok
16:11:04.0560 0x01e8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
16:11:04.0575 0x01e8 kdnic - ok
16:11:04.0591 0x01e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
16:11:04.0622 0x01e8 KeyIso - ok
16:11:04.0638 0x01e8 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:11:04.0669 0x01e8 KSecDD - ok
16:11:04.0700 0x01e8 [ 24F7908334185E342729B883DA5DFA84, D80AED7B43971BF9B53C4128D602DA1B39BC55666D4FCB2FDF40732358A837C2 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:11:04.0747 0x01e8 KSecPkg - ok
16:11:04.0763 0x01e8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:11:04.0794 0x01e8 ksthunk - ok
16:11:04.0841 0x01e8 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:11:04.0888 0x01e8 KtmRm - ok
16:11:04.0950 0x01e8 [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:11:04.0982 0x01e8 LanmanServer - ok
16:11:05.0028 0x01e8 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:11:05.0075 0x01e8 LanmanWorkstation - ok
16:11:05.0122 0x01e8 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
16:11:05.0169 0x01e8 lfsvc - ok
16:11:05.0200 0x01e8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:11:05.0232 0x01e8 lltdio - ok
16:11:05.0263 0x01e8 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:11:05.0310 0x01e8 lltdsvc - ok
16:11:05.0325 0x01e8 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:11:05.0357 0x01e8 lmhosts - ok
16:11:05.0403 0x01e8 [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:11:05.0450 0x01e8 LMS - ok
16:11:05.0482 0x01e8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:11:05.0513 0x01e8 LSI_SAS - ok
16:11:05.0529 0x01e8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:11:05.0560 0x01e8 LSI_SAS2 - ok
16:11:05.0575 0x01e8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
16:11:05.0591 0x01e8 LSI_SAS3 - ok
16:11:05.0607 0x01e8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
16:11:05.0638 0x01e8 LSI_SSS - ok
16:11:05.0700 0x01e8 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll
16:11:05.0763 0x01e8 LSM - ok
16:11:05.0794 0x01e8 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
16:11:05.0825 0x01e8 luafv - ok
16:11:05.0857 0x01e8 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:11:05.0872 0x01e8 MBAMProtector - ok
16:11:06.0013 0x01e8 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:11:06.0091 0x01e8 MBAMService - ok
16:11:06.0122 0x01e8 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:11:06.0138 0x01e8 MBAMWebAccessControl - ok
16:11:06.0169 0x01e8 mcbootdelaystartsvc - ok
16:11:06.0216 0x01e8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
16:11:06.0232 0x01e8 megasas - ok
16:11:06.0310 0x01e8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
16:11:06.0372 0x01e8 megasr - ok
16:11:06.0419 0x01e8 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
16:11:06.0435 0x01e8 MEIx64 - ok
16:11:06.0482 0x01e8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
16:11:06.0497 0x01e8 MMCSS - ok
16:11:06.0528 0x01e8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
16:11:06.0560 0x01e8 Modem - ok
16:11:06.0575 0x01e8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
16:11:06.0591 0x01e8 monitor - ok
16:11:06.0622 0x01e8 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
16:11:06.0653 0x01e8 mouclass - ok
16:11:06.0669 0x01e8 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
16:11:06.0700 0x01e8 mouhid - ok
16:11:06.0716 0x01e8 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:11:06.0747 0x01e8 mountmgr - ok
16:11:06.0779 0x01e8 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:11:06.0810 0x01e8 MozillaMaintenance - ok
16:11:06.0825 0x01e8 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:11:06.0857 0x01e8 mpsdrv - ok
16:11:06.0935 0x01e8 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:11:07.0013 0x01e8 MpsSvc - ok
16:11:07.0044 0x01e8 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:11:07.0075 0x01e8 MRxDAV - ok
16:11:07.0138 0x01e8 [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:11:07.0185 0x01e8 mrxsmb - ok
16:11:07.0216 0x01e8 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:11:07.0247 0x01e8 mrxsmb10 - ok
16:11:07.0279 0x01e8 [ DBA635C6398782C549E3BE45CF1D0411, E9806E075F401D3E7357E876C7F941F7DAFFBBEE065DC3FE556014F5D92EDAC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:11:07.0310 0x01e8 mrxsmb20 - ok
16:11:07.0357 0x01e8 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
16:11:07.0388 0x01e8 MsBridge - ok
16:11:07.0403 0x01e8 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
16:11:07.0450 0x01e8 MSDTC - ok
16:11:07.0482 0x01e8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:11:07.0513 0x01e8 Msfs - ok
16:11:07.0529 0x01e8 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
16:11:07.0560 0x01e8 msgpiowin32 - ok
16:11:07.0575 0x01e8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:11:07.0607 0x01e8 mshidkmdf - ok
16:11:07.0622 0x01e8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
16:11:07.0638 0x01e8 mshidumdf - ok
16:11:07.0653 0x01e8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:11:07.0685 0x01e8 msisadrv - ok
16:11:07.0716 0x01e8 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:11:07.0747 0x01e8 MSiSCSI - ok
16:11:07.0747 0x01e8 msiserver - ok
16:11:07.0763 0x01e8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:11:07.0794 0x01e8 MSKSSRV - ok
16:11:07.0825 0x01e8 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
16:11:07.0857 0x01e8 MsLldp - ok
16:11:07.0857 0x01e8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:11:07.0888 0x01e8 MSPCLOCK - ok
16:11:07.0904 0x01e8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:11:07.0919 0x01e8 MSPQM - ok
16:11:07.0950 0x01e8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:11:07.0997 0x01e8 MsRPC - ok
16:11:08.0013 0x01e8 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
16:11:08.0044 0x01e8 mssmbios - ok
16:11:08.0044 0x01e8 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:11:08.0075 0x01e8 MSTEE - ok
16:11:08.0075 0x01e8 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
16:11:08.0107 0x01e8 MTConfig - ok
16:11:08.0122 0x01e8 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
16:11:08.0138 0x01e8 Mup - ok
16:11:08.0154 0x01e8 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
16:11:08.0185 0x01e8 mvumis - ok
16:11:08.0247 0x01e8 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
16:11:08.0310 0x01e8 napagent - ok
16:11:08.0341 0x01e8 [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:11:08.0388 0x01e8 NativeWifiP - ok
16:11:08.0419 0x01e8 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
16:11:08.0466 0x01e8 NcaSvc - ok
16:11:08.0482 0x01e8 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
16:11:08.0513 0x01e8 NcbService - ok
16:11:08.0513 0x01e8 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
16:11:08.0591 0x01e8 NcdAutoSetup - ok
16:11:08.0669 0x01e8 [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS C:\Windows\system32\drivers\ndis.sys
16:11:08.0763 0x01e8 NDIS - ok
16:11:08.0794 0x01e8 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:11:08.0825 0x01e8 NdisCap - ok
16:11:08.0857 0x01e8 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
16:11:08.0888 0x01e8 NdisImPlatform - ok
16:11:08.0904 0x01e8 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:11:08.0935 0x01e8 NdisTapi - ok
16:11:08.0950 0x01e8 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:11:08.0982 0x01e8 Ndisuio - ok
16:11:08.0997 0x01e8 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
16:11:09.0029 0x01e8 NdisVirtualBus - ok
16:11:09.0044 0x01e8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:09.0091 0x01e8 NdisWan - ok
16:11:09.0107 0x01e8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:09.0154 0x01e8 NdisWanLegacy - ok
16:11:09.0154 0x01e8 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:11:09.0200 0x01e8 NDProxy - ok
16:11:09.0216 0x01e8 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
16:11:09.0247 0x01e8 Ndu - ok
16:11:09.0263 0x01e8 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:11:09.0294 0x01e8 NetBIOS - ok
16:11:09.0325 0x01e8 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:11:09.0372 0x01e8 NetBT - ok
16:11:09.0404 0x01e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
16:11:09.0419 0x01e8 Netlogon - ok
16:11:09.0466 0x01e8 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
16:11:09.0513 0x01e8 Netman - ok
16:11:09.0544 0x01e8 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
16:11:09.0607 0x01e8 netprofm - ok
16:11:09.0779 0x01e8 [ 76E90502D9001077DA92F81126D06C9B, 9E5B6DD3F1DAF49D303A7B3F6763A25C5F55F1E67A33AA8572204E9105B092EF ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
16:11:09.0935 0x01e8 netr28x - ok
16:11:09.0997 0x01e8 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:11:10.0044 0x01e8 NetTcpPortSharing - ok
16:11:10.0091 0x01e8 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
16:11:10.0107 0x01e8 netvsc - ok
16:11:10.0169 0x01e8 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
16:11:10.0216 0x01e8 NlaSvc - ok
16:11:10.0232 0x01e8 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:11:10.0279 0x01e8 Npfs - ok
16:11:10.0310 0x01e8 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
16:11:10.0357 0x01e8 npsvctrig - ok
16:11:10.0388 0x01e8 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
16:11:10.0404 0x01e8 nsi - ok
16:11:10.0419 0x01e8 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:11:10.0450 0x01e8 nsiproxy - ok
16:11:10.0591 0x01e8 [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:11:10.0779 0x01e8 Ntfs - ok
16:11:10.0825 0x01e8 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
16:11:10.0841 0x01e8 Null - ok
16:11:10.0872 0x01e8 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:11:10.0904 0x01e8 nvraid - ok
16:11:10.0919 0x01e8 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:11:10.0950 0x01e8 nvstor - ok
16:11:10.0966 0x01e8 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:11:10.0997 0x01e8 nv_agp - ok
16:11:11.0075 0x01e8 [ 1300D100EF891C98504DE38624D3F639, 3F7D5A1BB725DC224E08EFC0D6A7F579FC78C64554BAF02D58A6624B91D6384E ] omniserv C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
16:11:11.0091 0x01e8 omniserv - detected UnsignedFile.Multi.Generic ( 1 )
16:11:11.0091 0x01e8 omniserv ( UnsignedFile.Multi.Generic ) - warning
16:11:11.0138 0x01e8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:11:11.0169 0x01e8 ose - ok
16:11:11.0216 0x01e8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:11:11.0263 0x01e8 p2pimsvc - ok
16:11:11.0294 0x01e8 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
16:11:11.0357 0x01e8 p2psvc - ok
16:11:11.0388 0x01e8 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
16:11:11.0404 0x01e8 Parport - ok
16:11:11.0435 0x01e8 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:11:11.0466 0x01e8 partmgr - ok
16:11:11.0497 0x01e8 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:11:11.0560 0x01e8 PcaSvc - ok
16:11:11.0591 0x01e8 [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci C:\Windows\system32\drivers\pci.sys
16:11:11.0622 0x01e8 pci - ok
16:11:11.0654 0x01e8 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
16:11:11.0669 0x01e8 pciide - ok
16:11:11.0700 0x01e8 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:11:11.0732 0x01e8 pcmcia - ok
16:11:11.0747 0x01e8 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
16:11:11.0763 0x01e8 pcw - ok
16:11:11.0779 0x01e8 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\Windows\system32\drivers\pdc.sys
16:11:11.0810 0x01e8 pdc - ok
16:11:11.0872 0x01e8 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:11:11.0935 0x01e8 PEAUTH - ok
16:11:12.0013 0x01e8 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:11:12.0044 0x01e8 PerfHost - ok
16:11:12.0169 0x01e8 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
16:11:12.0294 0x01e8 pla - ok
16:11:12.0341 0x01e8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:11:12.0372 0x01e8 PlugPlay - ok
16:11:12.0388 0x01e8 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:11:12.0419 0x01e8 PNRPAutoReg - ok
16:11:12.0435 0x01e8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:11:12.0482 0x01e8 PNRPsvc - ok
16:11:12.0529 0x01e8 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:11:12.0575 0x01e8 PolicyAgent - ok
16:11:12.0607 0x01e8 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
16:11:12.0638 0x01e8 Power - ok
16:11:12.0841 0x01e8 [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:11:13.0044 0x01e8 PrintNotify - ok
16:11:13.0091 0x01e8 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
16:11:13.0122 0x01e8 Processor - ok
16:11:13.0138 0x01e8 [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc C:\Windows\system32\profsvc.dll
16:11:13.0185 0x01e8 ProfSvc - ok
16:11:13.0200 0x01e8 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:11:13.0247 0x01e8 Psched - ok
16:11:13.0294 0x01e8 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
16:11:13.0341 0x01e8 QWAVE - ok
16:11:13.0357 0x01e8 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:11:13.0388 0x01e8 QWAVEdrv - ok
16:11:13.0419 0x01e8 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:11:13.0435 0x01e8 RasAcd - ok
16:11:13.0466 0x01e8 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
16:11:13.0513 0x01e8 RasAuto - ok
16:11:13.0575 0x01e8 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll
16:11:13.0622 0x01e8 RasMan - ok
16:11:13.0638 0x01e8 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:11:13.0669 0x01e8 RasPppoe - ok
16:11:13.0716 0x01e8 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:11:13.0763 0x01e8 rdbss - ok
16:11:13.0779 0x01e8 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
16:11:13.0810 0x01e8 rdpbus - ok
16:11:13.0825 0x01e8 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:11:13.0857 0x01e8 RDPDR - ok
16:11:13.0904 0x01e8 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:11:13.0919 0x01e8 RdpVideoMiniport - ok
16:11:13.0950 0x01e8 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:11:13.0982 0x01e8 rdyboost - ok
16:11:14.0060 0x01e8 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys
16:11:14.0154 0x01e8 ReFS - ok
16:11:14.0200 0x01e8 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:11:14.0232 0x01e8 RemoteAccess - ok
16:11:14.0279 0x01e8 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:11:14.0357 0x01e8 RemoteRegistry - ok
16:11:14.0404 0x01e8 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:11:14.0450 0x01e8 RFCOMM - ok
16:11:14.0482 0x01e8 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:11:14.0513 0x01e8 RpcEptMapper - ok
16:11:14.0544 0x01e8 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
16:11:14.0560 0x01e8 RpcLocator - ok
16:11:14.0622 0x01e8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll
16:11:14.0685 0x01e8 RpcSs - ok
16:11:14.0747 0x01e8 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:11:14.0779 0x01e8 rspndr - ok
16:11:14.0872 0x01e8 [ 3B7A94926B52D171C5B515EDECC2118E, 4D3A8F24AAA8DD155BE2B5814701FFE67C367BB29D31D615685277D2DEF0DB0A ] rtbth C:\Windows\System32\drivers\rtbth.sys
16:11:14.0966 0x01e8 rtbth - ok
16:11:15.0075 0x01e8 [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
16:11:15.0154 0x01e8 RTL8168 - ok
16:11:15.0200 0x01e8 [ F95151BE3F9FD74CFE90D1B35CD58062, E5C9079445CAEEDE51FC588D91D16387701682C8902C7C3E24B7A1A5E2D314AD ] RTSPER C:\Windows\system32\DRIVERS\RtsPer.sys
16:11:15.0232 0x01e8 RTSPER - ok
16:11:15.0263 0x01e8 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
16:11:15.0294 0x01e8 s3cap - ok
16:11:15.0310 0x01e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
16:11:15.0341 0x01e8 SamSs - ok
16:11:15.0372 0x01e8 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:11:15.0404 0x01e8 sbp2port - ok
16:11:15.0435 0x01e8 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:11:15.0482 0x01e8 SCardSvr - ok
16:11:15.0497 0x01e8 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
16:11:15.0529 0x01e8 ScDeviceEnum - ok
16:11:15.0560 0x01e8 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:11:15.0591 0x01e8 scfilter - ok
16:11:15.0685 0x01e8 [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule C:\Windows\system32\schedsvc.dll
16:11:15.0779 0x01e8 Schedule - ok
16:11:15.0825 0x01e8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:11:15.0857 0x01e8 SCPolicySvc - ok
16:11:15.0888 0x01e8 [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\Windows\System32\drivers\sdbus.sys
16:11:15.0935 0x01e8 sdbus - ok
16:11:15.0982 0x01e8 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
16:11:16.0013 0x01e8 sdstor - ok
16:11:16.0029 0x01e8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:11:16.0044 0x01e8 secdrv - ok
16:11:16.0076 0x01e8 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
16:11:16.0122 0x01e8 seclogon - ok
16:11:16.0138 0x01e8 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
16:11:16.0185 0x01e8 SENS - ok
16:11:16.0232 0x01e8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsSimulatorDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:16.0263 0x01e8 SensorsSimulatorDriver - ok
16:11:16.0279 0x01e8 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:11:16.0326 0x01e8 SensrSvc - ok
16:11:16.0357 0x01e8 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
16:11:16.0372 0x01e8 SerCx - ok
16:11:16.0388 0x01e8 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
16:11:16.0419 0x01e8 SerCx2 - ok
16:11:16.0435 0x01e8 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
16:11:16.0466 0x01e8 Serenum - ok
16:11:16.0497 0x01e8 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
16:11:16.0529 0x01e8 Serial - ok
16:11:16.0544 0x01e8 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
16:11:16.0560 0x01e8 sermouse - ok
16:11:16.0607 0x01e8 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll
16:11:16.0654 0x01e8 SessionEnv - ok
16:11:16.0669 0x01e8 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
16:11:16.0701 0x01e8 sfloppy - ok
16:11:16.0747 0x01e8 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:11:16.0794 0x01e8 SharedAccess - ok
16:11:16.0872 0x01e8 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:11:16.0966 0x01e8 ShellHWDetection - ok
16:11:16.0966 0x01e8 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:11:16.0997 0x01e8 SiSRaid2 - ok
16:11:17.0013 0x01e8 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:11:17.0029 0x01e8 SiSRaid4 - ok
16:11:17.0107 0x01e8 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:11:17.0138 0x01e8 SkypeUpdate - ok
16:11:17.0169 0x01e8 [ 6A05EDE953D5F8F106AD5800C3BDAA14, 42B1819C54E5F4CCC4F3CD4590B4A4D68C53604314079A492438C849A463FC9A ] SmbDrv C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
16:11:17.0185 0x01e8 SmbDrv - ok
16:11:17.0216 0x01e8 [ 5C1C621A1936B369EC8548CC57DD47FB, 564533EC07EAEDA6BEF80770BBEE33BDF4512DC18A307EEDBD8D1442D7960356 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
16:11:17.0232 0x01e8 SmbDrvI - ok
16:11:17.0279 0x01e8 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
16:11:17.0294 0x01e8 smphost - ok
16:11:17.0326 0x01e8 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:11:17.0357 0x01e8 SNMPTRAP - ok
16:11:17.0419 0x01e8 [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport C:\Windows\system32\drivers\spaceport.sys
16:11:17.0466 0x01e8 spaceport - ok
16:11:17.0497 0x01e8 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
16:11:17.0529 0x01e8 SpbCx - ok
16:11:17.0591 0x01e8 [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\Windows\System32\spoolsv.exe
16:11:17.0669 0x01e8 Spooler - ok
16:11:18.0044 0x01e8 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
16:11:18.0544 0x01e8 sppsvc - ok
16:11:18.0732 0x01e8 [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:11:18.0763 0x01e8 SQLWriter - ok
16:11:18.0810 0x01e8 [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:11:18.0857 0x01e8 srv - ok
16:11:19.0185 0x01e8 [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:11:19.0247 0x01e8 srv2 - ok
16:11:19.0263 0x01e8 [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:11:19.0294 0x01e8 srvnet - ok
16:11:19.0341 0x01e8 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:11:19.0388 0x01e8 SSDPSRV - ok
16:11:19.0404 0x01e8 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:11:19.0451 0x01e8 SstpSvc - ok
16:11:19.0482 0x01e8 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
16:11:19.0513 0x01e8 ssudmdm - ok
16:11:19.0591 0x01e8 [ 1B4B3C81E36A4A06120284CD1B42AE50, 376ECBC77569E4536CE6DD8E71D3D46233758F132639272ADE463DF5FFCD82BB ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:11:19.0622 0x01e8 STacSV - detected UnsignedFile.Multi.Generic ( 1 )
16:11:19.0622 0x01e8 STacSV ( UnsignedFile.Multi.Generic ) - warning
16:11:19.0654 0x01e8 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:11:19.0669 0x01e8 stexstor - ok
16:11:19.0732 0x01e8 [ 674648106F972128B29D90EF6567629D, 5D0A6D089D812FD9BE0F81ED796DD46DFB840655D760A8055E70B80C897DC1F9 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
16:11:19.0794 0x01e8 STHDA - ok
16:11:19.0857 0x01e8 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
16:11:19.0919 0x01e8 stisvc - ok
16:11:19.0951 0x01e8 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
16:11:19.0982 0x01e8 storahci - ok
16:11:20.0029 0x01e8 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
16:11:20.0044 0x01e8 storflt - ok
16:11:20.0060 0x01e8 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
16:11:20.0091 0x01e8 stornvme - ok
16:11:20.0107 0x01e8 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
16:11:20.0138 0x01e8 StorSvc - ok
16:11:20.0154 0x01e8 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:11:20.0169 0x01e8 storvsc - ok
16:11:20.0201 0x01e8 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
16:11:20.0232 0x01e8 svsvc - ok
16:11:20.0263 0x01e8 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
16:11:20.0279 0x01e8 swenum - ok
16:11:20.0357 0x01e8 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll
16:11:20.0419 0x01e8 swprv - ok
16:11:20.0482 0x01e8 [ 4AC0EDD7CE827590FCC93BD3529A98D6, 8631A2BF904CAFC01793BD88483237ACD1D98DC43FCE45414FC5037B2D074D78 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:11:20.0529 0x01e8 SynTP - ok
16:11:20.0622 0x01e8 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll
16:11:20.0716 0x01e8 SysMain - ok
16:11:20.0763 0x01e8 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
16:11:20.0794 0x01e8 SystemEventsBroker - ok
16:11:20.0810 0x01e8 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
16:11:20.0857 0x01e8 TabletInputService - ok
16:11:20.0872 0x01e8 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:11:20.0919 0x01e8 TapiSrv - ok
16:11:21.0122 0x01e8 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:11:21.0326 0x01e8 Tcpip - ok
16:11:21.0529 0x01e8 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:11:21.0732 0x01e8 TCPIP6 - ok
16:11:21.0888 0x01e8 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:11:21.0904 0x01e8 tcpipreg - ok
16:11:21.0935 0x01e8 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:11:21.0966 0x01e8 tdx - ok
16:11:22.0060 0x01e8 [ BB676D2C7AD5E7131D12417E4691F9B9, C6DE7D8C08C2F059C696E9D63FC55692C8CB37FECF92F5A863D7D2C5AF3B425F ] Te.Service C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
16:11:22.0076 0x01e8 Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
16:11:22.0076 0x01e8 Te.Service ( UnsignedFile.Multi.Generic ) - warning
16:11:22.0091 0x01e8 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
16:11:22.0122 0x01e8 terminpt - ok
16:11:22.0216 0x01e8 [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\Windows\System32\termsrv.dll
16:11:22.0294 0x01e8 TermService - ok
16:11:22.0310 0x01e8 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
16:11:22.0357 0x01e8 Themes - ok
16:11:22.0388 0x01e8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
16:11:22.0419 0x01e8 THREADORDER - ok
16:11:22.0435 0x01e8 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
16:11:22.0497 0x01e8 TimeBroker - ok
16:11:22.0529 0x01e8 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
16:11:22.0560 0x01e8 TPM - ok
16:11:22.0591 0x01e8 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
16:11:22.0622 0x01e8 TrkWks - ok
16:11:22.0669 0x01e8 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:11:22.0716 0x01e8 TrustedInstaller - ok
16:11:22.0732 0x01e8 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:11:22.0763 0x01e8 TsUsbFlt - ok
16:11:22.0763 0x01e8 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
16:11:22.0794 0x01e8 TsUsbGD - ok
16:11:22.0826 0x01e8 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:11:22.0872 0x01e8 tunnel - ok
16:11:22.0888 0x01e8 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:11:22.0904 0x01e8 uagp35 - ok
16:11:22.0935 0x01e8 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
16:11:22.0966 0x01e8 UASPStor - ok
16:11:22.0982 0x01e8 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
16:11:23.0013 0x01e8 UCX01000 - ok
16:11:23.0044 0x01e8 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:11:23.0107 0x01e8 udfs - ok
16:11:23.0107 0x01e8 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
16:11:23.0138 0x01e8 UEFI - ok
16:11:23.0169 0x01e8 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:11:23.0216 0x01e8 UI0Detect - ok
16:11:23.0216 0x01e8 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:11:23.0247 0x01e8 uliagpkx - ok
16:11:23.0279 0x01e8 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
16:11:23.0294 0x01e8 umbus - ok
16:11:23.0310 0x01e8 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
16:11:23.0326 0x01e8 UmPass - ok
16:11:23.0372 0x01e8 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
16:11:23.0404 0x01e8 UmRdpService - ok
16:11:23.0451 0x01e8 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
16:11:23.0513 0x01e8 upnphost - ok
16:11:23.0529 0x01e8 [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
16:11:23.0560 0x01e8 usbccgp - ok
16:11:23.0607 0x01e8 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
16:11:23.0638 0x01e8 usbcir - ok
16:11:23.0669 0x01e8 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
16:11:23.0701 0x01e8 usbehci - ok
16:11:23.0747 0x01e8 [ 93435654DCA210298BA0F986EB51C679, 926313A0499100EA5C49C5EC44BB8FE5F8F2A7F57F3EA56D59DA694F8396A409 ] usbhub C:\Windows\System32\drivers\usbhub.sys
16:11:23.0810 0x01e8 usbhub - ok
16:11:23.0872 0x01e8 [ 83C9C45D59C72FEFDAE9A5686BE31FEA, 12FC2C3C3C5CD5F2EFBAA11A1AD06FDD7DDB6EECF6F2684BBAAF88198D976316 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
16:11:23.0935 0x01e8 USBHUB3 - ok
16:11:23.0966 0x01e8 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
16:11:23.0997 0x01e8 usbohci - ok
16:11:24.0013 0x01e8 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
16:11:24.0044 0x01e8 usbprint - ok
16:11:24.0076 0x01e8 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
16:11:24.0107 0x01e8 USBSTOR - ok
16:11:24.0138 0x01e8 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
16:11:24.0169 0x01e8 usbuhci - ok
16:11:24.0201 0x01e8 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:11:24.0232 0x01e8 usbvideo - ok
16:11:24.0263 0x01e8 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
16:11:24.0310 0x01e8 USBXHCI - ok
16:11:24.0326 0x01e8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
16:11:24.0357 0x01e8 VaultSvc - ok
16:11:24.0372 0x01e8 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:11:24.0388 0x01e8 vdrvroot - ok
16:11:24.0497 0x01e8 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe
16:11:24.0591 0x01e8 vds - ok
16:11:24.0607 0x01e8 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
16:11:24.0638 0x01e8 VerifierExt - ok
16:11:24.0701 0x01e8 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
16:11:24.0763 0x01e8 vhdmp - ok
16:11:24.0810 0x01e8 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
16:11:24.0826 0x01e8 viaide - ok
16:11:24.0841 0x01e8 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:11:24.0872 0x01e8 vmbus - ok
16:11:24.0888 0x01e8 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
16:11:24.0904 0x01e8 VMBusHID - ok
16:11:24.0966 0x01e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
16:11:25.0029 0x01e8 vmicguestinterface - ok
16:11:25.0060 0x01e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
16:11:25.0107 0x01e8 vmicheartbeat - ok
16:11:25.0138 0x01e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
16:11:25.0201 0x01e8 vmickvpexchange - ok
16:11:25.0247 0x01e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
16:11:25.0294 0x01e8 vmicrdv - ok
16:11:25.0326 0x01e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
16:11:25.0388 0x01e8 vmicshutdown - ok
16:11:25.0419 0x01e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
16:11:25.0466 0x01e8 vmictimesync - ok
16:11:25.0513 0x01e8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
16:11:25.0560 0x01e8 vmicvss - ok
16:11:25.0591 0x01e8 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:11:25.0622 0x01e8 volmgr - ok
16:11:25.0638 0x01e8 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:11:25.0685 0x01e8 volmgrx - ok
16:11:25.0732 0x01e8 [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:11:25.0779 0x01e8 volsnap - ok
16:11:25.0810 0x01e8 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
16:11:25.0826 0x01e8 vpci - ok
16:11:25.0841 0x01e8 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:11:25.0888 0x01e8 vsmraid - ok
16:11:25.0982 0x01e8 [ F972436B5ED08069A1E7D623B77C226A, FA01505B5EC392ADE55019C22588D2F3608CBF9A6B03A44203F3587D372F8342 ] VSPerfDrv110 C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
16:11:25.0997 0x01e8 VSPerfDrv110 - ok
16:11:26.0107 0x01e8 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe
16:11:26.0216 0x01e8 VSS - ok
16:11:26.0310 0x01e8 [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
16:11:26.0326 0x01e8 VSStandardCollectorService140 - ok
16:11:26.0372 0x01e8 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
16:11:26.0404 0x01e8 VSTXRAID - ok
16:11:26.0435 0x01e8 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:11:26.0451 0x01e8 vwifibus - ok
16:11:26.0497 0x01e8 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:11:26.0529 0x01e8 vwififlt - ok
16:11:26.0529 0x01e8 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:11:26.0560 0x01e8 vwifimp - ok
16:11:26.0607 0x01e8 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
16:11:26.0669 0x01e8 W32Time - ok
16:11:26.0716 0x01e8 [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc C:\Windows\system32\inetsrv\w3logsvc.dll
16:11:26.0747 0x01e8 w3logsvc - ok
16:11:26.0763 0x01e8 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
16:11:26.0794 0x01e8 WacomPen - ok
16:11:26.0841 0x01e8 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
16:11:26.0888 0x01e8 WAS - ok
16:11:27.0013 0x01e8 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe
16:11:27.0138 0x01e8 wbengine - ok
16:11:27.0232 0x01e8 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:11:27.0279 0x01e8 WbioSrvc - ok
16:11:27.0310 0x01e8 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
16:11:27.0357 0x01e8 Wcmsvc - ok
16:11:27.0388 0x01e8 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:11:27.0435 0x01e8 wcncsvc - ok
16:11:27.0451 0x01e8 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:11:27.0466 0x01e8 WcsPlugInService - ok
16:11:27.0513 0x01e8 [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
16:11:27.0529 0x01e8 WdBoot - ok
16:11:27.0623 0x01e8 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:11:27.0701 0x01e8 Wdf01000 - ok
16:11:27.0716 0x01e8 [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
16:11:27.0763 0x01e8 WdFilter - ok
16:11:27.0794 0x01e8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:11:27.0826 0x01e8 WdiServiceHost - ok
16:11:27.0841 0x01e8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:11:27.0888 0x01e8 WdiSystemHost - ok
16:11:27.0919 0x01e8 [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
16:11:27.0951 0x01e8 WdNisDrv - ok
16:11:27.0982 0x01e8 WdNisSvc - ok
16:11:27.0998 0x01e8 [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient C:\Windows\System32\webclnt.dll
16:11:28.0060 0x01e8 WebClient - ok
16:11:28.0091 0x01e8 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
16:11:28.0123 0x01e8 Wecsvc - ok
16:11:28.0138 0x01e8 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
16:11:28.0169 0x01e8 WEPHOSTSVC - ok
16:11:28.0185 0x01e8 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:11:28.0248 0x01e8 wercplsupport - ok
16:11:28.0263 0x01e8 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll
16:11:28.0310 0x01e8 WerSvc - ok
16:11:28.0341 0x01e8 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
16:11:28.0373 0x01e8 WFPLWFS - ok
16:11:28.0388 0x01e8 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
16:11:28.0419 0x01e8 WiaRpc - ok
16:11:28.0435 0x01e8 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:11:28.0466 0x01e8 WIMMount - ok
16:11:28.0466 0x01e8 WinDefend - ok
16:11:28.0544 0x01e8 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
16:11:28.0607 0x01e8 WinHttpAutoProxySvc - ok
16:11:28.0685 0x01e8 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:11:28.0748 0x01e8 Winmgmt - ok
16:11:28.0919 0x01e8 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\Windows\system32\WsmSvc.dll
16:11:29.0091 0x01e8 WinRM - ok
16:11:29.0216 0x01e8 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:11:29.0248 0x01e8 WinUsb - ok
16:11:29.0279 0x01e8 [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
16:11:29.0294 0x01e8 WirelessButtonDriver - ok
16:11:29.0404 0x01e8 [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc C:\Windows\System32\wlansvc.dll
16:11:29.0529 0x01e8 WlanSvc - ok
16:11:29.0638 0x01e8 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll
16:11:29.0763 0x01e8 wlidsvc - ok
16:11:29.0779 0x01e8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
16:11:29.0810 0x01e8 WmiAcpi - ok
16:11:29.0841 0x01e8 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:11:29.0873 0x01e8 wmiApSrv - ok
16:11:29.0904 0x01e8 WMPNetworkSvc - ok
16:11:29.0935 0x01e8 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
16:11:29.0982 0x01e8 Wof - ok
16:11:30.0091 0x01e8 [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
16:11:30.0216 0x01e8 workfolderssvc - ok
16:11:30.0248 0x01e8 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
16:11:30.0279 0x01e8 wpcfltr - ok
16:11:30.0310 0x01e8 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:11:30.0341 0x01e8 WPCSvc - ok
16:11:30.0357 0x01e8 [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:11:30.0388 0x01e8 WPDBusEnum - ok
16:11:30.0419 0x01e8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
16:11:30.0435 0x01e8 WpdUpFltr - ok
16:11:30.0451 0x01e8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:11:30.0482 0x01e8 ws2ifsl - ok
16:11:30.0513 0x01e8 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll
16:11:30.0544 0x01e8 wscsvc - ok
16:11:30.0560 0x01e8 WSearch - ok
16:11:30.0779 0x01e8 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll
16:11:31.0060 0x01e8 WSService - ok
16:11:31.0341 0x01e8 [ E66AC3CA92FC471BFE69F61549193A64, E2DD7EA4ED164EE8FB07546896BE743734B04DE4C9480E84231901CB2C63F31C ] wuauserv C:\Windows\system32\wuaueng.dll
16:11:31.0576 0x01e8 wuauserv - ok
16:11:31.0716 0x01e8 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:11:31.0748 0x01e8 WudfPf - ok
16:11:31.0779 0x01e8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
16:11:31.0826 0x01e8 WUDFRd - ok
16:11:31.0841 0x01e8 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:11:31.0873 0x01e8 wudfsvc - ok
16:11:31.0888 0x01e8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:31.0935 0x01e8 WUDFWpdFs - ok
16:11:31.0951 0x01e8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:31.0982 0x01e8 WUDFWpdMtp - ok
16:11:32.0044 0x01e8 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
16:11:32.0107 0x01e8 WwanSvc - ok
16:11:32.0123 0x01e8 ================ Scan global ===============================
16:11:32.0154 0x01e8 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
16:11:32.0201 0x01e8 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
16:11:32.0248 0x01e8 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
16:11:32.0294 0x01e8 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
16:11:32.0326 0x01e8 [ Global ] - ok
16:11:32.0326 0x01e8 ================ Scan MBR ==================================
16:11:32.0326 0x01e8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:11:32.0513 0x01e8 \Device\Harddisk0\DR0 - ok
16:11:32.0513 0x01e8 ================ Scan VBR ==================================
16:11:32.0544 0x01e8 [ BF67C470D88A8CA3790F6B74212A7B4B ] \Device\Harddisk0\DR0\Partition1
16:11:32.0560 0x01e8 \Device\Harddisk0\DR0\Partition1 - ok
16:11:32.0576 0x01e8 [ 3B7F2E14A6BA40FBFB54C5D4F26E1EA1 ] \Device\Harddisk0\DR0\Partition2
16:11:32.0591 0x01e8 \Device\Harddisk0\DR0\Partition2 - ok
16:11:32.0607 0x01e8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
16:11:32.0607 0x01e8 \Device\Harddisk0\DR0\Partition3 - ok
16:11:32.0623 0x01e8 [ 1BFBEF2D3EEA2D18FFE8D51DF9B7A71A ] \Device\Harddisk0\DR0\Partition4
16:11:32.0654 0x01e8 \Device\Harddisk0\DR0\Partition4 - ok
16:11:32.0685 0x01e8 [ 2E2C1B546D5AE976372B392875ECD833 ] \Device\Harddisk0\DR0\Partition5
16:11:32.0748 0x01e8 \Device\Harddisk0\DR0\Partition5 - ok
16:11:32.0748 0x01e8 ================ Scan generic autorun ======================
16:11:32.0826 0x01e8 [ D12A47CAEF1B206C4D146071F4B98414, A7C07586329DA3522C23D968B7F4299A89AA91E76EF4D81D990005080DB3A136 ] C:\Windows\system32\igfxtray.exe
16:11:32.0857 0x01e8 IgfxTray - ok
16:11:32.0919 0x01e8 [ BA965C365535211EC17EF3D6C763C9D8, 8B62E63ABDD5A2F32A01291B7799968D63101F1AF9D9F593E8D221BE32F7EA8D ] C:\Windows\system32\hkcmd.exe
16:11:32.0982 0x01e8 HotKeysCmds - ok
16:11:33.0044 0x01e8 [ 0F4FA8D2DDF1A52C3643E6B615842295, 26EE396963B7F379FFC44164256A5C26EB58FE6D2D6B4CB775E83CEEBB396D71 ] C:\Windows\system32\igfxpers.exe
16:11:33.0123 0x01e8 Persistence - ok
16:11:33.0248 0x01e8 [ EF5712B507FD449C062782A5CF39F4C3, 720FCB02E5B5344BCB54117135CB416E30A603BCB55A9C3173809AD502353B72 ] C:\Program Files\IDT\WDM\sttray64.exe
16:11:33.0388 0x01e8 SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
16:11:33.0388 0x01e8 SysTrayApp ( UnsignedFile.Multi.Generic ) - warning
16:11:33.0591 0x01e8 [ 88DA2E50CBCD4C062632EE34923C5913, A0EEFC404049798B2319C90F8FB3A9A42323204DB89182F7A968B8723F913B79 ] C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
16:11:33.0841 0x01e8 SimplePass - ok
16:11:33.0873 0x01e8 [ B5F08FCC816B933D8EC1FACCE62B2A12, 950A1764E90EE11BCC033C30BD823855AA92E62479AF6ECA762F491FF670A125 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
16:11:33.0888 0x01e8 OPBHOBroker - ok
16:11:33.0919 0x01e8 [ 1C8F76268DE368A288C6AFB2F00F348F, CB25D1332C694CD460038FC2A5CD1D223AEECBBEDD1768B0F6727219EEF16ABA ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
16:11:33.0935 0x01e8 OPBHOBrokerDesktop - ok
16:11:33.0935 0x01e8 SynTPEnh - ok
16:11:33.0998 0x01e8 [ 56C262B2CFDE9A101455CE6A60762C6C, 66504DC72530E788962CF7D88EE14804098CE52675BA3143A291694D31036E10 ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
16:11:34.0013 0x01e8 AccelerometerSysTrayApplet - ok
16:11:34.0107 0x01e8 [ E2043ABD9E13E1B7BF74B1D05E15AA47, B59953E4F2392858601551A4FA2024742B99E6AF48D71C3155548C97E25A1FA9 ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
16:11:34.0185 0x01e8 HPMessageService - ok
16:11:34.0279 0x01e8 [ 3405A4A63018892F31E61C01E9A0313E, 49B2102C3593270DAD15548D1FB2C7E36A65419AA7AE057AB1F0B6A80365B1F6 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
16:11:34.0294 0x01e8 Avira SystrayStartTrigger - ok
16:11:34.0544 0x01e8 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
16:11:34.0607 0x01e8 avgnt - ok
16:11:35.0044 0x01e8 [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
16:11:35.0576 0x01e8 CCleaner Monitoring - ok
16:11:35.0669 0x01e8 Skype - ok
16:11:35.0716 0x01e8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
16:11:35.0716 0x01e8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
16:11:35.0763 0x01e8 Win FW state via NFP2: enabled ( trusted )
16:11:35.0763 0x01e8 ============================================================
16:11:35.0763 0x01e8 Scan finished
16:11:35.0763 0x01e8 ============================================================
16:11:35.0779 0x0bc0 Detected object count: 7
16:11:35.0779 0x0bc0 Actual detected object count: 7
16:12:11.0232 0x0bc0 Cachedrv server ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0232 0x0bc0 Cachedrv server ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:12:11.0232 0x0bc0 fussvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0232 0x0bc0 fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:12:11.0232 0x0bc0 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0232 0x0bc0 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:12:11.0248 0x0bc0 omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0 omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:12:11.0248 0x0bc0 STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0 STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:12:11.0248 0x0bc0 Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0 Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:12:11.0248 0x0bc0 SysTrayApp ( UnsignedFile.Multi.Generic ) - skipped by user
16:12:11.0248 0x0bc0 SysTrayApp ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
11.12.2015, 20:20
| #5 |
| /// TB-Ausbilder | Istartpageing.com Virus auf Rechner Servus, bekomme ich auf meine Frage auch noch eine Antwort?  |
|
11.12.2015, 20:54
| #6 |
| | Istartpageing.com Virus auf Rechner Keine Probleme mehr mit Browsern. |
|
11.12.2015, 21:00
| #7 |
| /// TB-Ausbilder | Istartpageing.com Virus auf Rechner Servus, ok, dann entfernen wir noch die letzten Reste und kontrollieren noch: Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 ESET Online Scanner
Bitte poste mit deiner nächsten Antwort
|
|
11.12.2015, 21:42
| #8 |
| | Istartpageing.com Virus auf Rechner Hier die Fixlist und HitmanPro - Eset folgt morgen: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Anni Blask (2015-12-11 21:23:01) Run:1
Gestartet von C:\Users\Anni Blask\Downloads
Geladene Profile: Anni Blask & (Verfügbare Profile: Anni Blask)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2899336889-42798528-283681265-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.
========= Ende von CMD: =========
EmptyTemp: => 3.5 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 21:23:13 ====
Code:
ATTFilter
|
|
12.12.2015, 11:09
| #9 |
| /// TB-Ausbilder | Istartpageing.com Virus auf Rechner Ok, dann warte ich noch auf ESET. |
|
12.12.2015, 13:13
| #10 |
| | Istartpageing.com Virus auf Rechner Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=init
# utc_time=2015-12-11 05:51:46
# local_time=2015-12-11 06:51:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27155
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=updated
# utc_time=2015-12-11 06:04:57
# local_time=2015-12-11 07:04:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=init
# utc_time=2015-12-12 08:29:39
# local_time=2015-12-12 09:29:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27161
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# end=updated
# utc_time=2015-12-12 08:30:57
# local_time=2015-12-12 09:30:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3aebc41d2284d444b2ae7bf169f08f0b
# engine=27161
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-12 12:04:36
# local_time=2015-12-12 01:04:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1702083 40360660 0 0
# scanned=262481
# found=0
# cleaned=0
# scan_time=12818
|
|
12.12.2015, 16:06
| #11 | ||||||||
| /// TB-Ausbilder | Istartpageing.com Virus auf Rechner Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen:
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
15.12.2015, 17:54
| #12 |
| /// TB-Ausbilder | Istartpageing.com Virus auf Rechner Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
und 
und speichere die Logdatei auf Deinem Desktop.
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
