| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Makrovirus "Berger Antriebstechnik"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.01.2016, 16:59
| #1 |
| |  Makrovirus "Berger Antriebstechnik" Hallo Helfer, am 19.12.15 habe ich eine mail mit dem Betreff "Bestellung" von der Firma Berges Antriebstechnik erhalten. Im Anhang befand sich ein word-Dokument, welches ich dummerweise geöffnet habe (ohne Textinhalt).Im Anschluß email gelöscht und Rechner Neustart. Habe dann erst zwei tage später erfahren dass ev. ein Makrovirus im Anhang beigefügt war. Habe in dieser Zeit öfters mal mit Word gearbeitet und einmal auch onlinebanking getätigt. einziges problem Adobe Reader hat nicht mehr funktioniert. ev wegen update da es nach Neustart wieder gut war weitere Probleme sind keine aufgetaucht bin dann nach langer suche ohne brauchbare Ergebnisse glücklicher weise auf euer Board gestoße. Jürgen , deeprybka hatte am 23.12.2015 die gleiche Anfrage und da sie auch für mich als Laie gut beschrieben waren bin ich den Anweisungen von ihm gefolgt. meinen Virenscanner (Avira free antivirus Produktversion 15.0.15.129 03.12.2015) Spybot zusätzlich überprüft. FRST 64bit erzeugt Adw Cleaner Protokoll Adw Cleaner ausgeführt TDSSKiller + Protokoll Anti-Malware ESTE Onlinescanner Problem: Wie kann ich sicher sein, dass ich mir keine Schadsoftware eingefangen habe? Welchen Schaden kann ein möglicher Trojaner anrichten? Könnte es beim Online-banking gefährlich werden?habe es ja benutzt (1-2 Tage danach) Sollte ich den Zugang von meiner Bank sperren lassen. Wäre über eine helfende Hand dankbar Mit freundlichen Grüßen Andreas Im Absatz FRST (die Erste) Addition ( die Erste) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von Andreas (Administrator) auf OLIVER (04-01-2016 17:12:16)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas & MSSQL$SQLEXPRESS)
Platform: Windows 8.1 Pro with Media Center (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
() C:\Program Files (x86)\Weka\WEKA Launcher\launcherservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [WekaUpdateCenter] => C:\Program Files (x86)\Common Files\Weka\Update Manager\WekaUpdateManager.exe [198000 2012-03-01] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-18] (Electronic Arts)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2014-12-04] ()
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Spybot-S&D Cleaning] => C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Policies\Explorer: []
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MountPoints2: {0301ea6d-eaec-11e3-8040-c48508d4a372} - "F:\iStudio.exe"
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-24]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-03-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0CBAE8C9-0F58-427E-817D-95609070D6E2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C1373ACE-7D17-460E-98DE-31CEBF2DCF1E}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> DefaultScope {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL =
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {B42DCA7D-7E55-4A79-85A0-AF94DD339325} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=BE0EFC29-92E5-4442-96C9-0FD1F9FC59C0&apn_sauid=5E7F585B-735A-4CF9-A53E-9AC092CDBF73
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL =
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default
FF NewTab: hxxps://www.google.de/
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Tools\Media\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-01-23] ( )
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Andreas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\askcom.xml [2013-02-08]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\webde-suche.xml [2014-06-05]
FF Extension: Garmin Communicator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-22]
FF Extension: GMX MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\mailcheck@gmx.net [2015-12-17]
FF Extension: Avira Browser Safety - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\abs@avira.com [2015-12-31]
FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-01-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-09] [ist nicht signiert]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-12-26] (Autodesk)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 launcherservice; C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe [140288 2010-03-03] () [Datei ist nicht signiert]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
R2 SDScannerService; C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-03-03] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 SBIOSIO; \??\C:\Users\Andreas\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-04 17:12 - 2016-01-04 17:12 - 00028010 _____ C:\Users\Andreas\Downloads\FRST.txt
2016-01-04 17:11 - 2016-01-04 17:12 - 00000000 ____D C:\FRST
2016-01-04 17:10 - 2016-01-04 17:11 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2016-01-04 17:04 - 2016-01-04 17:04 - 00000000 ____D C:\AdwCleaner
2016-01-04 17:01 - 2016-01-04 17:01 - 01745920 _____ C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
2016-01-04 16:39 - 2016-01-04 16:45 - 00000000 ____D C:\Users\Andreas\Documents\A Desktopdateien
2016-01-04 15:13 - 2016-01-04 15:13 - 00052697 _____ C:\Users\Andreas\Downloads\RE_3100134490_8753513655_20160101.pdf
2015-12-29 18:47 - 2015-12-29 18:47 - 00532721 _____ C:\Users\Andreas\Downloads\Rechnung Elmar Lorch Neckarhalde 24.pdf
2015-12-29 17:44 - 2015-12-29 17:44 - 01976669 _____ C:\Users\Andreas\Downloads\Angebot Herrn Lorch Neckarhalde 24.pdf
2015-12-29 16:39 - 2015-12-29 16:39 - 01413613 _____ C:\Users\Andreas\Downloads\Rechnung Fam.Baltzer-Noak Giebelfenster.pdf
2015-12-29 16:36 - 2015-12-29 16:36 - 02689619 _____ C:\Users\Andreas\Downloads\Rundbogenfenster Neckarhalde 24.pdf
2015-12-29 10:10 - 2015-12-29 10:10 - 00122897 _____ C:\Users\Andreas\Downloads\schoenbuchhalbmarathon2013.pdf
2015-12-29 10:03 - 2015-12-29 10:03 - 00068182 _____ C:\Users\Andreas\Downloads\2007-05-13-Leinfelden-Echterdingen-07-05-13-schoenbuch-pdf.pdf
2015-12-28 16:27 - 2015-12-28 16:27 - 03614157 _____ C:\Users\Andreas\Downloads\2015Bilder-Fenster.pdf
2015-12-25 13:38 - 2015-12-25 13:38 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-25 13:38 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-25 13:34 - 2015-12-25 13:34 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00002019 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-12-25 10:37 - 2015-12-25 10:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-25 10:33 - 2015-12-25 10:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Andreas\Downloads\spybot-2.4.40.exe
2015-12-23 19:24 - 2015-12-23 19:39 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\.minecraft
2015-12-23 19:24 - 2015-12-23 19:24 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft(1).exe
2015-12-23 19:24 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\java
2015-12-23 19:21 - 2015-12-23 20:19 - 00001470 _____ C:\Users\Andreas\Downloads\nativelog.txt
2015-12-23 19:21 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\Downloads\game
2015-12-23 19:21 - 2015-12-23 19:21 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft.exe
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\tools
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\runtime
2015-12-23 14:17 - 2015-12-23 14:17 - 00049289 _____ C:\Users\Andreas\Downloads\VR-GewinnSparen_13202006_vom_23.11.2015_20151223021734.pdf
2015-12-23 14:17 - 2015-12-23 14:17 - 00049195 _____ C:\Users\Andreas\Downloads\Mitteilung_13202006_vom_23.11.2015_20151223021732.pdf
2015-12-23 09:49 - 2015-12-23 09:49 - 00171255 _____ C:\Users\Andreas\Downloads\271183.pdf
2015-12-22 15:03 - 2015-12-22 15:03 - 00366243 _____ C:\Users\Andreas\Downloads\ViewProductAttachment-OpenFile
2015-12-22 11:23 - 2015-12-22 11:23 - 05601627 _____ C:\Users\Andreas\Downloads\kf_694_18-03-2015.pdf
2015-12-22 10:44 - 2015-12-22 10:44 - 00564782 _____ C:\Users\Andreas\Downloads\kf_614_hst_13-07-2012_06-03-2013_18-03-2015_18-03-2015.pdf
2015-12-22 10:36 - 2015-12-22 10:36 - 05513745 _____ C:\Users\Andreas\Downloads\bestellformular_kunststofffenster_28.05.2015_10-06-2015.pdf
2015-12-21 15:05 - 2015-12-21 15:05 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile(1).pdf
2015-12-21 13:00 - 2015-12-21 13:00 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth(1).pdf
2015-12-21 11:34 - 2015-12-21 11:34 - 01597571 _____ C:\Users\Andreas\Downloads\Senioren_und_soziallagenbezogene_Gesundheitsfoerderung_und_Praevention(1).pdf
2015-12-21 11:29 - 2015-12-21 11:29 - 00434271 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen Teil 2.pdf
2015-12-16 10:38 - 2015-12-16 10:38 - 05821280 _____ C:\Users\Andreas\Downloads\3._arn_in-kurven_07-10-2014(1).pdf
2015-12-16 10:35 - 2015-12-16 10:35 - 03807865 _____ C:\Users\Andreas\Downloads\4._arna_in-kurven_07-10-2014(1).pdf
2015-12-16 10:29 - 2015-12-16 10:29 - 01977655 _____ C:\Users\Andreas\Downloads\2._arei_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03305335 _____ C:\Users\Andreas\Downloads\1._are_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03277743 _____ C:\Users\Andreas\Downloads\6._arr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03121460 _____ C:\Users\Andreas\Downloads\5._arnr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:25 - 2015-12-16 10:25 - 09742494 _____ C:\Users\Andreas\Downloads\ahf_95_classic_art_09-11-2015.pdf
2015-12-15 09:32 - 2015-12-15 09:32 - 00053266 _____ C:\Users\Andreas\Downloads\Kontoauszug_13202006__Nr.0112015_vom_30.11.2015_20151215093238.pdf
2015-12-15 09:31 - 2015-12-15 09:31 - 00058584 _____ C:\Users\Andreas\Downloads\Kontoauszug_1334000__Nr.0112015_vom_30.11.2015_20151215093143.pdf
2015-12-14 17:11 - 2015-12-14 17:11 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016(1).pdf
2015-12-14 13:43 - 2015-12-14 13:43 - 00730987 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz WESTANSICHT Alt 5.1akt Kopie v2016_powermacg5.pdf
2015-12-14 13:42 - 2015-12-14 13:42 - 00533986 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 01366764 _____ C:\Users\Andreas\Downloads\04.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:38 - 2015-12-14 13:38 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel(1).pdf
2015-12-14 11:29 - 2015-12-14 11:29 - 00031481 _____ C:\Users\Andreas\Downloads\WTPG_teilweise_Selbstverantwortung.pdf
2015-12-14 11:28 - 2015-12-14 11:28 - 00042419 _____ C:\Users\Andreas\Downloads\WTPG_ambulant_betreute_WG.pdf
2015-12-14 11:25 - 2015-12-14 11:25 - 00129521 _____ C:\Users\Andreas\Downloads\WTPG_6.pdf
2015-12-14 11:24 - 2015-12-14 11:24 - 00405000 _____ C:\Users\Andreas\Downloads\WTPG_5.pdf
2015-12-14 11:23 - 2015-12-14 11:23 - 00662282 _____ C:\Users\Andreas\Downloads\WTPG_4.pdf
2015-12-14 11:22 - 2015-12-14 11:22 - 00580358 _____ C:\Users\Andreas\Downloads\WTPG_3.pdf
2015-12-14 11:21 - 2015-12-14 11:21 - 00410389 _____ C:\Users\Andreas\Downloads\WTPG_2.pdf
2015-12-14 11:20 - 2015-12-14 11:20 - 00323803 _____ C:\Users\Andreas\Downloads\WTPG_1.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00273829 _____ C:\Users\Andreas\Downloads\beratung_karl.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab(1).pdf
2015-12-14 11:11 - 2015-12-14 11:11 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab.pdf
2015-12-14 11:08 - 2015-12-14 11:08 - 00357129 _____ C:\Users\Andreas\Downloads\falkenroth.pdf
2015-12-14 11:06 - 2015-12-14 11:06 - 00252951 _____ C:\Users\Andreas\Downloads\siegert.pdf
2015-12-14 11:02 - 2015-12-14 11:02 - 00212266 _____ C:\Users\Andreas\Downloads\stationaere_a_hilfe_hirt.pdf
2015-12-14 11:00 - 2015-12-14 11:00 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2(1).pdf
2015-12-14 09:35 - 2015-12-14 09:35 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth.pdf
2015-12-10 09:18 - 2015-12-10 09:18 - 05507334 _____ C:\Users\Andreas\Downloads\bestellformular_aluminium-kunststoff-fenster_neu_2015_18-08-2015.pdf
2015-12-09 11:54 - 2015-12-09 11:54 - 00224529 _____ C:\Users\Andreas\Downloads\illbruck_de-de-tp652-.ab.01.10.15-web(1).pdf
2015-12-09 09:08 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 09:08 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-09 09:08 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 09:08 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-09 09:08 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 09:08 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-09 09:08 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 09:08 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 09:08 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 09:08 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 09:08 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-09 09:08 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 09:08 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 09:08 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-09 09:08 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 09:08 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 09:08 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 09:08 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 09:08 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 09:08 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-09 09:08 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-09 09:08 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-09 09:08 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 09:08 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 09:08 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 09:08 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-09 09:08 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 09:08 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 09:08 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 09:08 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 09:07 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 09:07 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-09 09:07 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 09:07 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 09:07 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 09:07 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 09:07 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 09:07 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 09:07 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-09 09:07 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-09 09:07 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-09 09:07 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 09:07 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 09:07 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-09 09:07 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-09 09:07 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 09:07 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-09 09:07 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 09:07 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 09:07 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 09:07 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 09:07 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 09:07 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-09 09:07 - 2015-10-10 19:40 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys
2015-12-09 09:07 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 09:07 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 09:07 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-09 09:07 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-09 09:07 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-09 09:07 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-09 09:07 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-08 13:29 - 2015-12-08 13:29 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile.pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 02303160 _____ C:\Users\Andreas\Downloads\akf_724_s_13-08-2015(3).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 01215831 _____ C:\Users\Andreas\Downloads\7._akf_kopplungen_03-08-2015(2).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 00891194 _____ C:\Users\Andreas\Downloads\8._akf_verbreiterungen_03-08-2015(1).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 00882530 _____ C:\Users\Andreas\Downloads\6._akf_anschluesse_03-08-2015(2).pdf
2015-12-08 10:54 - 2015-12-08 10:54 - 00659654 _____ C:\Users\Andreas\Downloads\Frühlingspost 2015(1).pdf
2015-12-08 10:27 - 2015-12-08 10:27 - 05234506 _____ C:\Users\Andreas\Downloads\ggt-preisliste-web(1).pdf
2015-12-08 10:04 - 2015-12-08 10:04 - 00948210 _____ C:\Users\Andreas\Downloads\PREISLISTE 2015(1).pdf
2015-12-08 10:01 - 2015-12-08 10:01 - 00799222 _____ C:\Users\Andreas\Downloads\produktbersicht 2014.pdf
2015-12-08 09:58 - 2015-12-08 09:58 - 00806638 _____ C:\Users\Andreas\Downloads\Newsletter Oktober 2015(2).pdf
2015-12-08 08:52 - 2015-12-08 08:52 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-07 12:06 - 2015-12-07 12:06 - 00599138 _____ C:\Users\Andreas\Downloads\op2015(1).pdf
2015-12-07 12:04 - 2015-12-07 12:04 - 00659654 _____ C:\Users\Andreas\Downloads\Frühlingspost 2015.pdf
2015-12-07 12:03 - 2015-12-07 12:03 - 00806638 _____ C:\Users\Andreas\Downloads\Newsletter Oktober 2015(1).pdf
2015-12-07 12:02 - 2015-12-07 12:02 - 00599138 _____ C:\Users\Andreas\Downloads\op2015.pdf
2015-12-07 11:27 - 2015-12-07 11:27 - 01553776 _____ C:\Users\Andreas\Downloads\Matrix_Essstörungen1.pdf
2015-12-07 11:27 - 2015-12-07 11:27 - 00028416 _____ C:\Users\Andreas\Downloads\Leitfaden HA.pdf
2015-12-07 11:08 - 2015-12-07 11:08 - 00304596 _____ C:\Users\Andreas\Downloads\Hausarbeit FERTIG.pdf
2015-12-07 11:00 - 2015-12-07 11:00 - 02629019 _____ C:\Users\Andreas\Downloads\Wißmann2010(1).pdf
2015-12-07 10:59 - 2015-12-07 10:59 - 00490323 _____ C:\Users\Andreas\Downloads\demenz_bausteine_14-2012(1).pdf
2015-12-07 10:57 - 2015-12-07 10:57 - 02629019 _____ C:\Users\Andreas\Downloads\Wißmann2010.pdf
2015-12-07 10:54 - 2015-12-07 10:55 - 06132873 _____ C:\Users\Andreas\Downloads\Michell-Auli2011.pdf
2015-12-07 10:50 - 2015-12-07 10:50 - 00490323 _____ C:\Users\Andreas\Downloads\demenz_bausteine_14-2012.pdf
2015-12-07 10:46 - 2015-12-07 10:46 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-04 17:11 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-04 16:11 - 2013-12-26 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 16:11 - 2013-02-18 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-04 15:59 - 2014-02-04 18:18 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-04 11:16 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-01 13:14 - 2013-09-30 05:14 - 02044468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-01 13:14 - 2013-09-30 04:58 - 00872284 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-01 13:14 - 2013-09-30 04:58 - 00193862 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-31 11:17 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-31 11:05 - 2012-11-29 13:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe
2015-12-29 15:03 - 2013-08-27 23:56 - 00033280 ___SH C:\Users\Andreas\Thumbs.db
2015-12-28 10:36 - 2012-11-29 12:12 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3658493019-1111599900-2463904087-1003
2015-12-28 10:12 - 2012-08-24 02:35 - 00000000 ____D C:\ProgramData\WinClon
2015-12-28 10:09 - 2015-05-03 14:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-28 10:09 - 2014-01-27 20:36 - 00000000 __RDO C:\Users\Andreas\SkyDrive
2015-12-28 10:08 - 2013-11-25 22:32 - 00000000 ____D C:\Users\Andreas
2015-12-26 15:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-26 09:48 - 2015-04-19 06:58 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2015-04-19 06:58 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 13:37 - 2014-06-22 12:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-01-01 16:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-25 10:40 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2015-12-23 15:38 - 2014-02-06 16:14 - 00000000 ____D C:\ProgramData\CanonIJ
2015-12-23 09:40 - 2014-02-26 12:00 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-12-21 11:24 - 2013-02-23 19:59 - 00000000 ____D C:\ProgramData\Origin
2015-12-21 09:47 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-21 09:47 - 2012-12-31 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-14 09:55 - 2012-12-18 13:06 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ISSPLUS
2015-12-14 09:52 - 2012-12-18 12:59 - 00000000 ____D C:\MoveIT
2015-12-11 11:05 - 2013-01-26 19:44 - 00677376 ___SH C:\Users\Andreas\Desktop\Thumbs.db
2015-12-11 10:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-11 09:49 - 2013-08-22 15:44 - 05429400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 09:35 - 2014-08-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 09:35 - 2013-01-01 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 09:32 - 2013-09-16 15:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 09:26 - 2012-12-17 19:31 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-07 09:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-03 18:34 - 2015-11-03 18:35 - 98892838 _____ () C:\Program Files (x86)\BeamNG-Techdemo-0.3-setup.zip
2012-11-29 12:05 - 2014-03-10 10:59 - 0142434 _____ () C:\Users\Andreas\AppData\Roaming\AbsoluteReminder.xml
2014-03-03 09:25 - 2014-03-03 09:25 - 0001167 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt
2014-03-03 09:25 - 2014-03-03 09:25 - 0000000 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-26 18:42 - 2014-06-22 13:11 - 0007607 _____ () C:\Users\Andreas\AppData\Local\Resmon.ResmonCfg
2014-11-03 11:28 - 2014-11-03 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-24 02:39 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 02:39 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
2015-01-01 21:37 - 2015-01-01 21:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-28 10:36
==================== Ende von FRST.txt ============================
Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Andreas (2016-01-04 17:13:04)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 Pro with Media Center (X64) (2013-11-26 08:00:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3658493019-1111599900-2463904087-500 - Administrator - Disabled)
Andreas (S-1-5-21-3658493019-1111599900-2463904087-1003 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-3658493019-1111599900-2463904087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3658493019-1111599900-2463904087-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\BeamNG-Techdemo-0.3) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.10.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Einnahme-Überschussrechnung 2013 pro (HKLM-x32\...\Einnahme-Überschussrechnung 2013 pro_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPS Master 2.0.14 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Handwerksbüro X22-Datenübernahme (HKLM-x32\...\{AF7E45F7-DAF6-4DEF-B439-B334D7F43942}) (Version: 1.00.0076 - WEKA)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MyFreeCodec) (Version: - )
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.29 - Nero AG)
Nero BackItUp 12 Essentials (HKLM-x32\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Panzer Elite Action - Dunes Of War (HKLM-x32\...\{577D1191-A6DF-4534-8D97-805BCBAC5D1D}_is1) (Version: - Nordic Games)
Panzer Elite Action - Fields Of Glory (HKLM-x32\...\{1DDAD87D-576E-43DE-8814-65ACC87CFED6}_is1) (Version: - Nordic Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
phonostar-Player Version 3.03.5 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.14 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
sirAdos Datenmanager Januar 2014 (HKLM-x32\...\{CC9E22A1-8012-493E-9BEC-381189F8F152}) (Version: 1.3.615 - sirAdos)
Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VRally3 (HKLM-x32\...\VRally3_is1) (Version: - )
WEKA DATANORM 3.6 (HKLM-x32\...\{124C8673-FB8C-426D-A5BA-2A7400EC5994}) (Version: - )
WEKA Handwerksbüro 1.22.1.1 (HKLM-x32\...\weka-hwb-X22) (Version: X22 - WEKA)
WEKA Handwerksbüro X22 - 11.14 (HKLM-x32\...\de.bwso.hwb.Hwb.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (HKLM-x32\...\de.bwso.hwb.HwbMulti.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA Handwerksbüro X22 - 11.14 (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA LauncherService 1.2 (HKLM-x32\...\3599-1427-7716-9681) (Version: - )
WEKA Update Center (HKLM-x32\...\{A8217164-542A-4C4B-9031-2AB445CA314A}) (Version: 1.00.00.0003 - WEKA MEDIA GmbH & Co. KG)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {064796D5-6EFE-4B6D-A6F2-C50AFB733BF4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-08-06] (SEC)
Task: {066FD32E-526F-4152-8F54-1896683DE177} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0C478103-75E9-47F3-B24C-99AEDD11111E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C0C6668-0270-462C-A41A-BA63A59A5CC5} - System32\Tasks\fvw3_1zl0tlux => C:\windows\TEMP\fvw3_k81mor7p.bat
Task: {1D4B8A78-1690-435C-8D6B-2E52F1CF5528} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {23B69281-D5F6-4E21-89D0-2B63E4A1F11E} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {34E6A3BC-6282-4F88-8D82-823135A2C919} - System32\Tasks\fvw3_av2pyhbc => C:\windows\TEMP\fvw3_p3h8wcih.bat
Task: {39F4E803-4332-40D3-85BE-4DB071C9B32C} - System32\Tasks\{63161025-A1C7-4386-A44C-B193CF3D00E5} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb\GMX_MailCheck_ClickOnce.exe -d C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb
Task: {3A2ED25E-2FB1-46B4-87D0-539222DA8DDD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4BBDF6D8-ED26-4E8F-B6A1-99762E238F32} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {5384A262-92B6-48EC-AF30-C5A370864CE8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {7BBAED33-F6CB-43A7-B397-FB3CBF40962F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {8C6FBA75-C331-4694-B87A-BC734E21936F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-andreas-woelfle@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {911C4932-0B21-48B1-8C62-6859B7C1FB98} - System32\Tasks\fvw3_1mwm5xo4 => C:\windows\TEMP\fvw3_rqztrkf1.bat
Task: {91D39EA6-AD37-4EA8-8E1F-4468910D3869} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19] (Adobe Systems Incorporated)
Task: {98987C6A-1276-41DD-AD76-25123DA08F20} - System32\Tasks\fvw3_kcm2lata => C:\windows\TEMP\fvw3_qgb9ejzg.bat
Task: {99BE832F-AC40-4DD1-9661-5C22AEED9282} - System32\Tasks\fvw3_dx9jiowd => C:\windows\TEMP\fvw3_o9bredg3.bat
Task: {9C5A89A8-0063-45EB-BC35-7259812BE801} - System32\Tasks\fvw3_rov77k4o => C:\windows\TEMP\fvw3_48r36voi.bat
Task: {ACD48289-DE50-487C-8893-DFC82D9C97CA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C9A2E220-897F-4F25-9014-D2A5A02F6026} - System32\Tasks\fvw3_ubbskhag => C:\windows\TEMP\fvw3_mhsqjyso.bat
Task: {CE69CB7B-E9EF-46E5-B27E-57A383D83D3A} - System32\Tasks\fvw3_emppjlpd => C:\windows\TEMP\fvw3_y820i7ze.bat
Task: {E2C1EFFF-A1B3-46F2-AEB1-0E4979FC84B6} - System32\Tasks\fvw3_fc8bp7ib => C:\windows\TEMP\fvw3_xw12iuq6.bat
Task: {EF2D71FE-5E65-4B9C-B410-05659FAA692D} - System32\Tasks\fvw3_9c6qebtr => C:\windows\TEMP\fvw3_smop7nzg.bat
Task: {EFA6F466-F044-40BE-BBD3-A23D567E8AE7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F5256FB0-D739-4735-AA28-844B82416C50} - System32\Tasks\fvw3_y8u0cpcj => C:\windows\TEMP\fvw3_i81jm8r1.bat
Task: {F938041D-0CFD-43E5-945C-D3D0646C07D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F94F8D43-48EC-4A5C-9FCC-DA90725F1D07} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-11-03 11:25 - 2013-11-11 04:27 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-02-04 18:18 - 2009-09-08 13:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-01-15 16:47 - 2010-03-03 15:03 - 00140288 _____ () C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Tools\Media\Notepad++\NppShell_05.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-17 11:09 - 2014-12-04 10:38 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-08-24 20:36 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2016-01-04 17:01 - 2016-01-04 17:01 - 01745920 _____ () C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
2015-01-15 16:47 - 2015-01-15 16:47 - 00109056 _____ () C:\Program Files (x86)\Weka\WEKA Launcher\.install4j\i4jinst.dll
2015-12-25 13:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Tools\System\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-25 13:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Tools\System\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-25 13:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Tools\System\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-08-24 20:36 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext.dll
2014-11-03 11:29 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2014-03-09 12:10 - 00000900 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SDScannerService => 3
MSCONFIG\Services: SDUpdateService => 3
MSCONFIG\Services: SDWSCService => 3
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WekaUpdateCenter"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "AdobeBridge"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E57D093D-23BE-4F77-9FE9-6F2955099C74}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{022638D9-68C7-499E-8779-8BE231349811}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{3D94CD91-C46E-4257-AFB4-0AC6D4F792EE}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [UDP Query User{969D4125-127F-4843-BBA4-49E1BC41023C}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [TCP Query User{5FFCF8EC-A5E2-4CE1-A792-034E7A7248C1}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [{776E44D0-898E-459F-85B7-8951E9B2CD19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{446FFFFD-EF97-43D6-9283-1469B1F6D4E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023E90DA-A9F5-4CE8-9DA5-AF65B6C2C5F3}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{C6840099-6C64-44AB-A765-5AEF62C06543}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{214D6990-8124-46C8-8BCA-A462010E23C1}] => (Allow) LPort=1900
FirewallRules: [{D379275B-B611-47CF-8C8E-4028C1DA0DC5}] => (Allow) LPort=2869
FirewallRules: [{B1E7914B-EE0B-4F90-B3FF-4A2D94020834}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B246AA25-94FA-44A0-BC33-B1AD84A64E38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{66A6F094-3B80-40EB-B0F9-99B5B90DFAD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{A9F3D847-5291-47E6-AD52-8A96DB503987}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{41F7081D-4F8B-40E6-A5E0-9A2A5A99D644}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{929F69C4-02A4-4371-AB84-FB1B08F470A7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9470EF6A-5F5B-45AE-B64C-CD53059503DB}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{73DD42E9-6DF5-4A56-9F8C-583639E0220E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{8B514598-2843-4118-B8F8-A0BDFCD35C27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{076DD059-1B7F-4E05-85C5-0FEFB9936868}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{55DA511A-CB94-43EF-B4C3-1226496AB4AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{7C5F8CAD-BA1E-49FE-B784-53BCCFC25C64}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{477D68FA-4343-4154-AEF2-D2CD027D8371}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82747307-574E-4A60-B87A-969FBB0DCD1F}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{A70959CA-E670-41D3-B8D9-CA5FCDE02931}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{8DFED69A-677D-4CE5-A94D-0CE3292050D8}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{4B0F9AF1-F2E2-45B7-8492-CA47D123C10B}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{53204618-E591-4E3E-9C81-7080EB3FADC1}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{29DB62F4-6B27-497A-ACC5-1D5B2BF4A030}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{7D4EAA75-92E8-4F64-9882-6CA933D6480D}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{65313E84-34CD-4458-911A-2E040EBCC83A}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{E6A62001-1882-4154-AE24-D087E855B823}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{F05B8AD7-125C-41C1-A20A-40ED1BCADCC2}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{2C909032-398A-46FD-83DC-AF39131A4992}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{1BF29DAA-7BF1-4CF2-8931-524E317EFAA3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{805A1286-AE32-4CFF-8ADF-1330A5A7F6B6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9ECC36F3-66E0-4E25-B7EF-089877F027EA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0F5E95A8-4C95-4D6B-A648-1EF18AC74769}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51DB62F3-E033-4AD7-AF11-DF595A68E2A1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1D2CB13A-75DB-4331-A1C6-BA8E785770B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1FA25717-7A9B-4494-BB83-870162589F35}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{909D2F1E-2B6D-40A5-BAA1-72A4906B9E94}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{79A5F39A-F6B3-4322-8268-F9A9F570716F}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9A3F8BCA-6DE5-410E-96F1-980515C8A785}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FE127B2E-61C4-4065-9527-97EC6617CE8D}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{C2F5BF75-9441-4FB1-A14A-ABA89AC8EBD5}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{850B8798-B0F4-4F90-9BEF-63F1805A6087}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{47E06B7E-4B60-4444-B042-E6FA577CF60F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{F1D1C2F1-0914-48A3-8D2D-FE8F739BC850}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A4B326C-BEEB-43FB-AC27-35A9E634A181}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{FD9BEC80-8F7F-48D5-8438-4431993E9183}] => (Allow) LPort=50248
FirewallRules: [{92CB16C5-48FA-499A-A0A7-B70C2B873F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1605453B-F84D-48AC-9238-8679CF8B2AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50078D83-F3B9-4EDC-AD6F-67799BF08033}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{773EB3DD-0783-4DA9-AB05-02F13862A106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00052CCD-CDB8-4B0F-9FF5-65D19FDA6EA5}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{8761E1F7-DFA1-4AB5-981C-05E69D18C334}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{2C7F9478-3AC9-434D-8795-916B542A168E}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{B98E81AB-784F-403B-81DD-F5FA9751A26C}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{1BA3AEE4-31E5-4E4A-83FC-49EA4D02F651}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [UDP Query User{5E43DE58-3515-488D-82B8-255F65925A5F}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [{B5DCD1E8-5162-4A8D-929F-04DD8C7A7D7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{861976C2-A93A-44A3-B0F6-88C2733725B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{255F4592-3F05-42CA-8F0F-47212DAF4CA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEA4923D-649A-46C4-B6B7-1A625426D849}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2347BA7F-8A58-48F0-A589-58DE813740E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81E26DFC-D188-48B6-9550-A7D4A4F5B198}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
31-12-2015 11:16:39 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/31/2015 12:34:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/31/2015 12:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x7e8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5
Error: (12/31/2015 11:22:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/28/2015 11:42:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/28/2015 10:37:28 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/28/2015 10:12:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0xfb8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5
Error: (12/28/2015 10:08:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 16.1.0.0, Zeitstempel: 0x521e80f5
Name des fehlerhaften Moduls: MurocApi.dll, Version: 16.1.0.0, Zeitstempel: 0x521e7ff7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026570
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5
Error: (12/28/2015 10:07:52 AM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (12/28/2015 10:07:52 AM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (12/25/2015 02:05:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Systemfehler:
=============
Error: (01/01/2016 01:12:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.
Error: (01/01/2016 01:11:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.
Error: (01/01/2016 01:11:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.
Error: (12/28/2015 10:12:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/26/2015 03:31:05 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (12/26/2015 03:31:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 26.12.2015 um 00:10:29 unerwartet heruntergefahren.
Error: (12/25/2015 10:40:31 AM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (12/23/2015 03:06:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (12/23/2015 09:37:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/23/2015 09:35:46 AM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8079.39 MB
Verfügbarer physikalischer RAM: 4048.39 MB
Summe virtueller Speicher: 10383.39 MB
Verfügbarer virtueller Speicher: 5523.41 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:378.94 GB) (Free:147.67 GB) NTFS
Drive d: (Daten) (Fixed) (Total:292.97 GB) (Free:161.07 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 50960A65)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
08.01.2016, 10:29
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Makrovirus "Berger Antriebstechnik" Die aktuellen Schädlinge in Word-Dateien sind Erpresser (ransoms) die deine Daten verschlüsseln siehe Gefährliches Duo: Erpressungstrojaner kommt mit Word-Datei | heise Security
__________________Sind deine Daten zerstört/verschlüsselt?
__________________ |
|
08.01.2016, 14:51
| #3 |
| | Makrovirus "Berger Antriebstechnik" Hallo,
__________________Habe mir gerade den link angeschaut und das viedeo dazu das ganze macht mir nun doch große Sorgen und Angst habe einige verschiedene Dateien angeschaut weder zerstört noch verschlüssel wie schon erwähnt war nur im ersten moment der Adobe Reader der nicht funktioniert hat Tags darauf nach neustart war er wieder ok Sollte ich möglichst bald einen Backab auf eine externe Festplatte machen oder besteht die gefahr das schadhafte Dateien die festplatt befallen? Kann man davon ausgehen daß ich mir mit dem öffnen dieser dok datei (geöffnet und nach ca 3-4 sekunden wieder geschlossen) automatisch ein Makrovirus geholt habe? Kann ein Helfer aus den verschiedenen Protokollen die ich aus den folgenden Scannern habe herausfinden ob da überhaupt was auf dem Rechner ist FRST 64bit erzeugt Adw Cleaner Protokoll Adw Cleaner ausgeführt TDSSKiller + Protokoll Anti-Malware ESTE Onlinescanner Protokolle würde ich reinstellen wenn sich einer meldet mit freundlichen Grüßen Andreas |
|
08.01.2016, 15:08
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Makrovirus "Berger Antriebstechnik" Ja, poste bitte alle Logs  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.01.2016, 19:20
| #5 |
| | Makrovirus "Berger Antriebstechnik" Hallo, erst mal ein Dankeschön das hier einer ist der mir weiterhelfen kann Habe mir eben noch eine Backup-Platte besorgt So ich habe jetzt alle Protokolle zusammen und werde sie nacheinander posten Es kann recht viel werden da ich manche scanns habe 2x laufen lassen Ich hoffe ihr habt da den Durchblick da ich mit den Produkollen rein garnichts anfangen kann Ich nehme auch an daß da hir und da noch rest Mülldateien vorhanden sind Aber bei email anhängen habe ich bis dato eigentlich nie etwas fragwürdiges geöffnet Also erstes FRST+Addition schon gepostet im ersten beitrag Code:
ATTFilter # AdwCleaner v5.027 - Bericht erstellt am 04/01/2016 um 17:04:22
# Aktualisiert am 30/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
Ordner Gefunden : C:\Program Files (x86)\myfree codec
Ordner Gefunden : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden : C:\ProgramData\Ask
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gefunden : C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers
***** [ Dateien ] *****
Datei Gefunden : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml
Datei Gefunden : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Myfree Codec
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Description
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B42DCA7D-7E55-4A79-85A0-AF94DD339325}
***** [ Internetbrowser ] *****
[C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
[C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "Ask.com");
[C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2956 Bytes] ##########
Code:
ATTFilter # AdwCleaner v5.027 - Bericht erstellt am 04/01/2016 um 17:52:03
# Aktualisiert am 30/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[-] Ordner Gelöscht : C:\ProgramData\Ask
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml
[-] Datei Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Description
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B42DCA7D-7E55-4A79-85A0-AF94DD339325}
***** [ Internetbrowser ] *****
[-] [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3310 Bytes] ##########
Code:
ATTFilter C:\Program Files (x86)\myfree codec\1.0b beta\avcodec-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avcodec-52.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\avcore-0.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avcore-0.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\avformat-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avformat-52.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\avutil-50.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avutil-50.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.DLL->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.DLL.vir
C:\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.INI->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.INI.vir
C:\Program Files (x86)\myfree codec\1.0b beta\MyFree.ax->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\MyFree.ax.vir
C:\Program Files (x86)\myfree codec\1.0b beta\pthreadGC2.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\pthreadGC2.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\swscale-0.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\swscale-0.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_EVRC.DLL->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_EVRC.DLL.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_MMX.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_MMX.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_QCELP.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_QCELP.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_VRESIZE.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_VRESIZE.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_WMVP.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_WMVP.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\uninstall.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\uninstall.exe.vir
C:\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvid.ax->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvid.ax.vir
C:\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvidcore.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvidcore.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\AC-3\ac3dx.ax->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\AC-3\ac3dx.ax.vir
C:\Program Files (x86)\myfree codec\1.0b beta\AC-3\liba52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\AC-3\liba52.dll.vir
C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec\1.0b beta\Uninstall.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec\1.0b beta\Uninstall.lnk.vir
C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm.vir
C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeytvdownloader.htm->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeytvdownloader.htm.vir
C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml.vir
C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml.vir
[CODE]17:26:43.0373 0x1f5c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 17:26:43.0373 0x1f5c UEFI system 17:27:23.0367 0x1f5c ============================================================ 17:27:23.0367 0x1f5c Current date / time: 2016/01/04 17:27:23.0367 17:27:23.0367 0x1f5c SystemInfo: 17:27:23.0367 0x1f5c 17:27:23.0367 0x1f5c OS Version: 6.3.9600 ServicePack: 0.0 17:27:23.0367 0x1f5c Product type: Workstation 17:27:23.0367 0x1f5c ComputerName: OLIVER 17:27:23.0367 0x1f5c UserName: Andreas 17:27:23.0367 0x1f5c Windows directory: C:\WINDOWS 17:27:23.0367 0x1f5c System windows directory: C:\WINDOWS 17:27:23.0367 0x1f5c Running under WOW64 17:27:23.0367 0x1f5c Processor architecture: Intel x64 17:27:23.0367 0x1f5c Number of processors: 4 17:27:23.0367 0x1f5c Page size: 0x1000 17:27:23.0367 0x1f5c Boot type: Normal boot 17:27:23.0367 0x1f5c ============================================================ 17:27:23.0951 0x1f5c KLMD registered as C:\WINDOWS\system32\drivers\37226856.sys 17:27:24.0466 0x1f5c System UUID: {14213991-BD6C-C597-0C07-B5A934EF09F8} 17:27:25.0533 0x1f5c Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:27:25.0579 0x1f5c ============================================================ 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0: 17:27:25.0579 0x1f5c GPT partitions: 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D2EE9E62-8450-43C6-9E1F-5D8E7CB4241A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {959B4564-8338-47E7-9CBC-6FB02C36D795}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {26EEE887-6542-41EC-8FC6-A0772B36D6AF}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C457E945-495B-40A8-921C-BC3B1A18CD6E}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x2F5E0001 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80DA5BB7-84DA-4C1C-A36B-011C102EB589}, Name: , StartLBA 0x2F7B1000, BlocksNum 0xAF000 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {514DEC35-ABFC-450A-BE91-7DC537C7C79F}, Name: Basic data partition, StartLBA 0x2F860000, BlocksNum 0x249EF800 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C7D1520F-5523-4CBA-89AF-4B2375ACEF5C}, Name: Basic data partition, StartLBA 0x5424F801, BlocksNum 0x30F6800 17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0D1B812C-3112-484F-4173-636C65706975}, Name: Basic data partition, StartLBA 0x57346001, BlocksNum 0x200000 17:27:25.0579 0x1f5c MBR partitions: 17:27:25.0579 0x1f5c ============================================================ 17:27:25.0611 0x1f5c C: <-> \Device\Harddisk0\DR0\Partition4 17:27:25.0642 0x1f5c D: <-> \Device\Harddisk0\DR0\Partition6 17:27:25.0642 0x1f5c ============================================================ 17:27:25.0642 0x1f5c Initialize success 17:27:25.0642 0x1f5c ============================================================ 17:27:38.0361 0x1f6c ============================================================ 17:27:38.0361 0x1f6c Scan started 17:27:38.0361 0x1f6c Mode: Manual; 17:27:38.0361 0x1f6c ============================================================ 17:27:38.0361 0x1f6c KSN ping started 17:27:40.0748 0x1f6c KSN ping finished: true 17:27:43.0151 0x1f6c ================ Scan system memory ======================== 17:27:43.0151 0x1f6c System memory - ok 17:27:43.0151 0x1f6c ================ Scan services ============================= 17:27:43.0338 0x1f6c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 17:27:43.0338 0x1f6c 1394ohci - ok 17:27:43.0354 0x1f6c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 17:27:43.0354 0x1f6c 3ware - ok 17:27:43.0385 0x1f6c [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\WINDOWS\system32\drivers\acedrv11.sys 17:27:43.0385 0x1f6c acedrv11 - ok 17:27:43.0428 0x1f6c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 17:27:43.0428 0x1f6c ACPI - ok 17:27:43.0444 0x1f6c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 17:27:43.0444 0x1f6c acpiex - ok 17:27:43.0475 0x1f6c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 17:27:43.0475 0x1f6c acpipagr - ok 17:27:43.0507 0x1f6c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 17:27:43.0507 0x1f6c AcpiPmi - ok 17:27:43.0507 0x1f6c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 17:27:43.0522 0x1f6c acpitime - ok 17:27:43.0596 0x1f6c [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:27:43.0596 0x1f6c AdobeARMservice - ok 17:27:43.0736 0x1f6c [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:27:43.0752 0x1f6c AdobeFlashPlayerUpdateSvc - ok 17:27:43.0814 0x1f6c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 17:27:43.0846 0x1f6c ADP80XX - ok 17:27:43.0877 0x1f6c [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 17:27:43.0877 0x1f6c AeLookupSvc - ok 17:27:43.0924 0x1f6c [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys 17:27:43.0939 0x1f6c AFD - ok 17:27:43.0955 0x1f6c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 17:27:43.0955 0x1f6c agp440 - ok 17:27:44.0002 0x1f6c [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 17:27:44.0002 0x1f6c ahcache - ok 17:27:44.0049 0x1f6c [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe 17:27:44.0049 0x1f6c ALG - ok 17:27:44.0080 0x1f6c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 17:27:44.0096 0x1f6c AmdK8 - ok 17:27:44.0111 0x1f6c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 17:27:44.0111 0x1f6c AmdPPM - ok 17:27:44.0142 0x1f6c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 17:27:44.0142 0x1f6c amdsata - ok 17:27:44.0174 0x1f6c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 17:27:44.0174 0x1f6c amdsbs - ok 17:27:44.0189 0x1f6c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 17:27:44.0189 0x1f6c amdxata - ok 17:27:44.0221 0x1f6c [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys 17:27:44.0221 0x1f6c AMPPAL - ok 17:27:44.0299 0x1f6c [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 17:27:44.0314 0x1f6c AMPPALR3 - ok 17:27:44.0408 0x1f6c [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 17:27:44.0424 0x1f6c AntiVirMailService - ok 17:27:44.0465 0x1f6c [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 17:27:44.0465 0x1f6c AntiVirSchedulerService - ok 17:27:44.0481 0x1f6c [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 17:27:44.0497 0x1f6c AntiVirService - ok 17:27:44.0544 0x1f6c [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 17:27:44.0559 0x1f6c AntiVirWebService - ok 17:27:44.0596 0x1f6c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys 17:27:44.0596 0x1f6c AppID - ok 17:27:44.0627 0x1f6c [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 17:27:44.0627 0x1f6c AppIDSvc - ok 17:27:44.0674 0x1f6c [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll 17:27:44.0674 0x1f6c Appinfo - ok 17:27:44.0721 0x1f6c [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 17:27:44.0721 0x1f6c AppMgmt - ok 17:27:44.0768 0x1f6c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 17:27:44.0799 0x1f6c AppReadiness - ok 17:27:44.0846 0x1f6c [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 17:27:44.0862 0x1f6c AppXSvc - ok 17:27:44.0909 0x1f6c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 17:27:44.0909 0x1f6c arcsas - ok 17:27:44.0924 0x1f6c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 17:27:44.0924 0x1f6c atapi - ok 17:27:44.0971 0x1f6c [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 17:27:44.0971 0x1f6c AudioEndpointBuilder - ok 17:27:45.0034 0x1f6c [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 17:27:45.0049 0x1f6c Audiosrv - ok 17:27:45.0112 0x1f6c [ F431DC5D94F4B2FDBC927655D8A9B10E, FA16A95E5B83D08F0FD76FDAB03FC7CD4B6917BFE15F2F1D9F3B781F6A1888D8 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe 17:27:45.0112 0x1f6c Autodesk Content Service - ok 17:27:45.0174 0x1f6c [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe 17:27:45.0190 0x1f6c Autodesk Licensing Service - ok 17:27:45.0221 0x1f6c [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 17:27:45.0221 0x1f6c avgntflt - ok 17:27:45.0252 0x1f6c [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 17:27:45.0268 0x1f6c avipbb - ok 17:27:45.0299 0x1f6c [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 17:27:45.0315 0x1f6c Avira.ServiceHost - ok 17:27:45.0331 0x1f6c [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 17:27:45.0331 0x1f6c avkmgr - ok 17:27:45.0362 0x1f6c [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 17:27:45.0362 0x1f6c avnetflt - ok 17:27:45.0393 0x1f6c [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 17:27:45.0393 0x1f6c AxInstSV - ok 17:27:45.0440 0x1f6c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 17:27:45.0440 0x1f6c b06bdrv - ok 17:27:45.0456 0x1f6c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 17:27:45.0456 0x1f6c BasicDisplay - ok 17:27:45.0500 0x1f6c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 17:27:45.0500 0x1f6c BasicRender - ok 17:27:45.0515 0x1f6c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 17:27:45.0515 0x1f6c bcmfn2 - ok 17:27:45.0546 0x1f6c [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 17:27:45.0562 0x1f6c BDESVC - ok 17:27:45.0578 0x1f6c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 17:27:45.0578 0x1f6c Beep - ok 17:27:45.0634 0x1f6c [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\WINDOWS\System32\bfe.dll 17:27:45.0634 0x1f6c BFE - ok 17:27:45.0697 0x1f6c [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 17:27:45.0712 0x1f6c BITS - ok 17:27:45.0822 0x1f6c [ 4D87518BA68C308299441337C55F5427, AE46F847EE605213A3AE9BEFE5EB0B7B8D877340EA1A6CF9EF5683A02ECFE399 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 17:27:45.0853 0x1f6c Bluetooth Device Monitor - ok 17:27:45.0884 0x1f6c [ 19786E2114E2FCB4EAA30808E9D4FB9A, FCBD15EA7CB0B22DA9ABFACF95DE877042201C85EBC219F5204E12F76E8DBC09 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 17:27:45.0900 0x1f6c Bluetooth OBEX Service - ok 17:27:45.0931 0x1f6c [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 17:27:45.0931 0x1f6c bowser - ok 17:27:45.0978 0x1f6c [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 17:27:45.0994 0x1f6c BrokerInfrastructure - ok 17:27:46.0025 0x1f6c [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 17:27:46.0040 0x1f6c Browser - ok 17:27:46.0072 0x1f6c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 17:27:46.0087 0x1f6c BthAvrcpTg - ok 17:27:46.0134 0x1f6c [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 17:27:46.0134 0x1f6c BthEnum - ok 17:27:46.0165 0x1f6c [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 17:27:46.0181 0x1f6c BthHFEnum - ok 17:27:46.0181 0x1f6c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 17:27:46.0181 0x1f6c bthhfhid - ok 17:27:46.0244 0x1f6c [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 17:27:46.0244 0x1f6c BthHFSrv - ok 17:27:46.0306 0x1f6c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys 17:27:46.0306 0x1f6c BthLEEnum - ok 17:27:46.0337 0x1f6c [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 17:27:46.0353 0x1f6c BTHMODEM - ok 17:27:46.0384 0x1f6c [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 17:27:46.0384 0x1f6c BthPan - ok 17:27:46.0462 0x1f6c [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys 17:27:46.0478 0x1f6c BTHPORT - ok 17:27:46.0526 0x1f6c [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 17:27:46.0528 0x1f6c bthserv - ok 17:27:46.0541 0x1f6c [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 17:27:46.0541 0x1f6c BTHSSecurityMgr - ok 17:27:46.0588 0x1f6c [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys 17:27:46.0603 0x1f6c BTHUSB - ok 17:27:46.0640 0x1f6c [ 4428C299BE7B9841ECFA82044B69FA6A, F8AB607D6CACBF2DDE3C392F9756B9F32CB99664A75F3140365CB916450660EC ] btmaux C:\WINDOWS\system32\DRIVERS\btmaux.sys 17:27:46.0643 0x1f6c btmaux - ok 17:27:46.0665 0x1f6c [ 7B31A8A9DC95B3634D896FD0F2814F19, 8FD5FBC61968F4BB8C2BAD0D432D5B86DCFED38CCF6F559F9EFB71AADD25474F ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys 17:27:46.0696 0x1f6c btmhsf - ok 17:27:46.0712 0x1f6c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 17:27:46.0712 0x1f6c cdfs - ok 17:27:46.0728 0x1f6c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 17:27:46.0743 0x1f6c cdrom - ok 17:27:46.0759 0x1f6c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 17:27:46.0759 0x1f6c CertPropSvc - ok 17:27:46.0790 0x1f6c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 17:27:46.0790 0x1f6c circlass - ok 17:27:46.0853 0x1f6c [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 17:27:46.0853 0x1f6c CLFS - ok 17:27:46.0900 0x1f6c [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 17:27:46.0900 0x1f6c CLVirtualDrive - ok 17:27:46.0931 0x1f6c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 17:27:46.0946 0x1f6c CmBatt - ok 17:27:46.0978 0x1f6c [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG C:\WINDOWS\system32\Drivers\cng.sys 17:27:46.0993 0x1f6c CNG - ok 17:27:47.0009 0x1f6c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 17:27:47.0009 0x1f6c CompositeBus - ok 17:27:47.0009 0x1f6c COMSysApp - ok 17:27:47.0025 0x1f6c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 17:27:47.0025 0x1f6c condrv - ok 17:27:47.0040 0x1dac Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 17:27:47.0118 0x1f6c [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 17:27:47.0118 0x1f6c cphs - ok 17:27:47.0150 0x1f6c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 17:27:47.0150 0x1f6c CryptSvc - ok 17:27:47.0196 0x1f6c [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\WINDOWS\system32\drivers\csc.sys 17:27:47.0196 0x1f6c CSC - ok 17:27:47.0228 0x1f6c [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\WINDOWS\System32\cscsvc.dll 17:27:47.0243 0x1f6c CscService - ok 17:27:47.0275 0x1f6c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 17:27:47.0275 0x1f6c dam - ok 17:27:47.0353 0x1f6c [ 5A639B2B630B572FFE9B72448A8A514D, C61C72BC85AD4E2A2AD12E1404601B5FFC26AABB0D9D9CDF48D926443FF91F50 ] DBService C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe 17:27:47.0353 0x1f6c DBService - ok 17:27:47.0431 0x1f6c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 17:27:47.0447 0x1f6c DcomLaunch - ok 17:27:47.0493 0x1f6c [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 17:27:47.0493 0x1f6c defragsvc - ok 17:27:47.0540 0x1f6c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 17:27:47.0556 0x1f6c DeviceAssociationService - ok 17:27:47.0593 0x1f6c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 17:27:47.0593 0x1f6c DeviceInstall - ok 17:27:47.0609 0x1f6c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 17:27:47.0609 0x1f6c Dfsc - ok 17:27:47.0640 0x1f6c [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 17:27:47.0640 0x1f6c dg_ssudbus - ok 17:27:47.0697 0x1f6c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 17:27:47.0713 0x1f6c Dhcp - ok 17:27:47.0775 0x1f6c [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 17:27:47.0791 0x1f6c DiagTrack - ok 17:27:47.0838 0x1f6c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 17:27:47.0838 0x1f6c disk - ok 17:27:47.0885 0x1f6c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 17:27:47.0885 0x1f6c dmvsc - ok 17:27:47.0932 0x1f6c [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 17:27:47.0932 0x1f6c Dnscache - ok 17:27:47.0963 0x1f6c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 17:27:47.0979 0x1f6c dot3svc - ok 17:27:48.0010 0x1f6c [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 17:27:48.0010 0x1f6c DPS - ok 17:27:48.0041 0x1f6c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 17:27:48.0041 0x1f6c drmkaud - ok 17:27:48.0072 0x1f6c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 17:27:48.0088 0x1f6c DsmSvc - ok 17:27:48.0135 0x1f6c [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 17:27:48.0166 0x1f6c DXGKrnl - ok 17:27:48.0182 0x1f6c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 17:27:48.0182 0x1f6c Eaphost - ok 17:27:48.0307 0x1f6c [ E8A3102296B412EBE14801733474816B, 5B88E0A8DE37D09E6A8E86347E7F69BACF9C87B2C053A92518DE60852728BDEC ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe 17:27:48.0322 0x0db4 Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb 17:27:48.0338 0x1f6c Easy Launcher - ok 17:27:48.0447 0x1f6c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 17:27:48.0494 0x1f6c ebdrv - ok 17:27:48.0526 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 17:27:48.0526 0x1f6c EFS - ok 17:27:48.0630 0x1f6c [ 44C5F3F4B70D1C8D21C90E724E249796, 49B31B9E7E45A2E42BDA803D9CDC3837E0CB73A1E1E6DA00CF4282573D60526F ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe 17:27:48.0646 0x1f6c ehRecvr - ok 17:27:48.0662 0x1f6c [ 8EFB35A528A48D682C5322A5A07D4352, 5886991ECA449C48A89A3BB2950468EA7CCBD0998774C4C77A1194866827D267 ] ehSched C:\WINDOWS\ehome\ehsched.exe 17:27:48.0662 0x1f6c ehSched - ok 17:27:48.0693 0x1f6c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 17:27:48.0693 0x1f6c EhStorClass - ok 17:27:48.0709 0x1f6c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 17:27:48.0709 0x1f6c EhStorTcgDrv - ok 17:27:48.0724 0x1f6c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 17:27:48.0724 0x1f6c ErrDev - ok 17:27:48.0773 0x1f6c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 17:27:48.0789 0x1f6c EventSystem - ok 17:27:48.0867 0x1f6c [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 17:27:48.0867 0x1f6c EvtEng - ok 17:27:48.0914 0x1f6c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 17:27:48.0914 0x1f6c exfat - ok 17:27:48.0929 0x1f6c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 17:27:48.0929 0x1f6c fastfat - ok 17:27:49.0054 0x1f6c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 17:27:49.0054 0x1f6c Fax - ok 17:27:49.0070 0x1f6c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 17:27:49.0070 0x1f6c fdc - ok 17:27:49.0101 0x1f6c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 17:27:49.0101 0x1f6c fdPHost - ok 17:27:49.0132 0x1f6c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 17:27:49.0132 0x1f6c FDResPub - ok 17:27:49.0164 0x1f6c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 17:27:49.0164 0x1f6c fhsvc - ok 17:27:49.0210 0x1f6c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 17:27:49.0210 0x1f6c FileInfo - ok 17:27:49.0257 0x1f6c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 17:27:49.0257 0x1f6c Filetrace - ok 17:27:49.0367 0x1f6c [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 17:27:49.0382 0x1f6c FLEXnet Licensing Service 64 - ok 17:27:49.0398 0x1f6c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 17:27:49.0398 0x1f6c flpydisk - ok 17:27:49.0429 0x1f6c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 17:27:49.0445 0x1f6c FltMgr - ok 17:27:49.0507 0x1f6c [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll 17:27:49.0539 0x1dac Object send P2P result: true 17:27:49.0539 0x1dac Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService 17:27:49.0539 0x1f6c FontCache - ok 17:27:49.0668 0x1f6c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:27:49.0668 0x1f6c FontCache3.0.0.0 - ok 17:27:49.0699 0x1f6c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 17:27:49.0715 0x1f6c FsDepends - ok 17:27:49.0748 0x1f6c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:27:49.0750 0x1f6c Fs_Rec - ok 17:27:49.0772 0x1f6c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 17:27:49.0788 0x1f6c fvevol - ok 17:27:49.0803 0x1f6c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 17:27:49.0803 0x1f6c FxPPM - ok 17:27:49.0835 0x1f6c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 17:27:49.0835 0x1f6c gagp30kx - ok 17:27:49.0866 0x1f6c [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe 17:27:49.0882 0x1f6c Garmin Core Update Service - ok 17:27:49.0913 0x1f6c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 17:27:49.0913 0x1f6c gencounter - ok 17:27:49.0944 0x1f6c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 17:27:49.0944 0x1f6c GPIOClx0101 - ok 17:27:50.0007 0x1f6c [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 17:27:50.0022 0x1f6c gpsvc - ok 17:27:50.0069 0x1f6c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 17:27:50.0069 0x1f6c HDAudBus - ok 17:27:50.0100 0x1f6c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 17:27:50.0100 0x1f6c HidBatt - ok 17:27:50.0147 0x1f6c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 17:27:50.0147 0x1f6c HidBth - ok 17:27:50.0163 0x1f6c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 17:27:50.0178 0x1f6c hidi2c - ok 17:27:50.0210 0x1f6c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 17:27:50.0210 0x1f6c HidIr - ok 17:27:50.0241 0x1f6c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 17:27:50.0257 0x1f6c hidserv - ok 17:27:50.0272 0x1f6c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 17:27:50.0272 0x1f6c HidUsb - ok 17:27:50.0319 0x1f6c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 17:27:50.0319 0x1f6c hkmsvc - ok 17:27:50.0350 0x1f6c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 17:27:50.0366 0x1f6c HomeGroupListener - ok 17:27:50.0413 0x1f6c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 17:27:50.0413 0x1f6c HomeGroupProvider - ok 17:27:50.0444 0x1f6c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 17:27:50.0444 0x1f6c HpSAMD - ok 17:27:50.0507 0x1f6c [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 17:27:50.0538 0x1f6c HTTP - ok 17:27:50.0569 0x1f6c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 17:27:50.0569 0x1f6c hwpolicy - ok 17:27:50.0632 0x1f6c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 17:27:50.0632 0x1f6c hyperkbd - ok 17:27:50.0647 0x1f6c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 17:27:50.0647 0x1f6c HyperVideo - ok 17:27:50.0690 0x1f6c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 17:27:50.0690 0x1f6c i8042prt - ok 17:27:50.0706 0x1f6c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 17:27:50.0706 0x1f6c iaLPSSi_GPIO - ok 17:27:50.0737 0x1f6c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 17:27:50.0737 0x1f6c iaLPSSi_I2C - ok 17:27:50.0768 0x0db4 Object send P2P result: true 17:27:50.0768 0x0db4 Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost 17:27:50.0809 0x1f6c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 17:27:50.0825 0x1f6c iaStorA - ok 17:27:50.0856 0x1f6c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 17:27:50.0872 0x1f6c iaStorAV - ok 17:27:50.0919 0x1f6c [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:27:50.0919 0x1f6c IAStorDataMgrSvc - ok 17:27:50.0950 0x1f6c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 17:27:50.0966 0x1f6c iaStorV - ok 17:27:50.0997 0x1f6c [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys 17:27:50.0997 0x1f6c iBtFltCoex - ok 17:27:50.0997 0x1f6c IEEtwCollectorService - ok 17:27:51.0138 0x1f6c [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 17:27:51.0200 0x1f6c igfx - ok 17:27:51.0231 0x1f6c [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 17:27:51.0231 0x1f6c IJPLMSVC - ok 17:27:51.0278 0x1f6c [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll 17:27:51.0294 0x1f6c IKEEXT - ok 17:27:51.0325 0x1f6c [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 17:27:51.0325 0x1f6c intaud_WaveExtensible - ok 17:27:51.0466 0x1f6c [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 17:27:51.0528 0x1f6c IntcAzAudAddService - ok 17:27:51.0575 0x1f6c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 17:27:51.0575 0x1f6c IntcDAud - ok 17:27:51.0622 0x1f6c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 17:27:51.0638 0x1f6c Intel(R) Capability Licensing Service Interface - ok 17:27:51.0684 0x1f6c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 17:27:51.0716 0x1f6c Intel(R) Capability Licensing Service TCP IP Interface - ok 17:27:51.0774 0x1f6c [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe 17:27:51.0789 0x1f6c Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok 17:27:51.0831 0x1f6c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 17:27:51.0831 0x1f6c intelide - ok 17:27:51.0862 0x1f6c [ A4DE7F75F20762A1C360E48B36F3B498, D194B7E16837E5AE7F0E3FC3B0F9A5CB2E1F7D4C2D5BDC6AC6D3DF09CE5334C1 ] IntelliMemory C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe 17:27:51.0862 0x1f6c IntelliMemory - ok 17:27:51.0894 0x1f6c [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 17:27:51.0894 0x1f6c intelpep - ok 17:27:51.0925 0x1f6c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 17:27:51.0925 0x1f6c intelppm - ok 17:27:51.0925 0x1f6c [ 188D1B5837948CE932353C1FB26BF301, 5E08144063D3AE3AD2D5285DA524BC862971303533BFA18ED6BC49476C029A28 ] intmfs C:\WINDOWS\system32\DRIVERS\intmfs.sys 17:27:51.0925 0x1f6c intmfs - ok 17:27:51.0941 0x1f6c [ EB0169B38D94A4BC575724ABBA58DF36, F8FA133813595B48E220499C3841BD11E2127B3BEE52A0988EFD5502877AE0A2 ] intmsd C:\WINDOWS\system32\DRIVERS\intmsd.sys 17:27:51.0941 0x1f6c intmsd - ok 17:27:51.0972 0x1f6c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:27:51.0972 0x1f6c IpFilterDriver - ok 17:27:52.0003 0x1dac Object send P2P result: true 17:27:52.0003 0x1dac Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 17:27:52.0019 0x1f6c [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 17:27:52.0034 0x1f6c iphlpsvc - ok 17:27:52.0081 0x1f6c [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 17:27:52.0081 0x1f6c IPMIDRV - ok 17:27:52.0144 0x1f6c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 17:27:52.0159 0x1f6c IPNAT - ok 17:27:52.0175 0x1f6c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 17:27:52.0175 0x1f6c IRENUM - ok 17:27:52.0237 0x1f6c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 17:27:52.0237 0x1f6c isapnp - ok 17:27:52.0284 0x1f6c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 17:27:52.0284 0x1f6c iScsiPrt - ok 17:27:52.0378 0x1f6c [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 17:27:52.0394 0x1f6c iumsvc - ok 17:27:52.0425 0x1f6c [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 17:27:52.0425 0x1f6c iwdbus - ok 17:27:52.0472 0x1f6c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 17:27:52.0472 0x1f6c jhi_service - ok 17:27:52.0487 0x1f6c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 17:27:52.0487 0x1f6c kbdclass - ok 17:27:52.0519 0x1f6c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 17:27:52.0534 0x1f6c kbdhid - ok 17:27:52.0550 0x1f6c [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 17:27:52.0550 0x1f6c kbldfltr - ok 17:27:52.0581 0x1f6c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 17:27:52.0581 0x1f6c kdnic - ok 17:27:52.0597 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 17:27:52.0597 0x1f6c KeyIso - ok 17:27:52.0644 0x1f6c [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 17:27:52.0644 0x1f6c KSecDD - ok 17:27:52.0691 0x1f6c [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 17:27:52.0691 0x1f6c KSecPkg - ok 17:27:52.0706 0x1f6c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 17:27:52.0706 0x1f6c ksthunk - ok 17:27:52.0737 0x1f6c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 17:27:52.0737 0x1f6c KtmRm - ok 17:27:52.0796 0x1f6c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 17:27:52.0796 0x1f6c LanmanServer - ok 17:27:52.0843 0x1f6c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 17:27:52.0861 0x1f6c LanmanWorkstation - ok 17:27:52.0917 0x1f6c [ 4B778E7F0389963BAE8A0AE0370496CC, 4E27D6E62B09B9D4A125545BC44A5124EBA49C6E5CA7A5E9392CE1220A57D59C ] launcherservice C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe 17:27:52.0917 0x1f6c launcherservice - ok 17:27:52.0963 0x1f6c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 17:27:52.0963 0x1f6c lfsvc - ok 17:27:52.0995 0x1f6c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 17:27:52.0995 0x1f6c lltdio - ok 17:27:53.0026 0x1f6c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 17:27:53.0026 0x1f6c lltdsvc - ok 17:27:53.0073 0x1f6c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 17:27:53.0073 0x1f6c lmhosts - ok 17:27:53.0120 0x1f6c [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 17:27:53.0135 0x1f6c LMS - ok 17:27:53.0167 0x1f6c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 17:27:53.0167 0x1f6c LSI_SAS - ok 17:27:53.0182 0x1f6c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 17:27:53.0198 0x1f6c LSI_SAS2 - ok 17:27:53.0213 0x0db4 Object send P2P result: true 17:27:53.0213 0x0db4 Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt 17:27:53.0213 0x1f6c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 17:27:53.0213 0x1f6c LSI_SAS3 - ok 17:27:53.0229 0x1f6c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 17:27:53.0229 0x1f6c LSI_SSS - ok 17:27:53.0292 0x1f6c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 17:27:53.0307 0x1f6c LSM - ok 17:27:53.0338 0x1f6c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 17:27:53.0338 0x1f6c luafv - ok 17:27:53.0370 0x1f6c [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll 17:27:53.0370 0x1f6c Mcx2Svc - ok 17:27:53.0417 0x1f6c [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 17:27:53.0432 0x1f6c MDM - ok 17:27:53.0463 0x1f6c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 17:27:53.0479 0x1f6c megasas - ok 17:27:53.0495 0x1f6c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 17:27:53.0510 0x1f6c megasr - ok 17:27:53.0526 0x1f6c [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 17:27:53.0526 0x1f6c MEIx64 - ok 17:27:53.0557 0x1f6c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 17:27:53.0557 0x1f6c MMCSS - ok 17:27:53.0588 0x1f6c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 17:27:53.0588 0x1f6c Modem - ok 17:27:53.0604 0x1f6c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 17:27:53.0604 0x1f6c monitor - ok 17:27:53.0620 0x1f6c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 17:27:53.0620 0x1f6c mouclass - ok 17:27:53.0635 0x1f6c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 17:27:53.0651 0x1f6c mouhid - ok 17:27:53.0682 0x1f6c [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 17:27:53.0682 0x1f6c mountmgr - ok 17:27:53.0729 0x1f6c [ A48479D7010ED54BB6AE3D5937A36C53, AE23673ABAB297DEFFC58A756C0667CA8F335BECCD31BF8E81BF1AEAAB9E86E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:27:53.0745 0x1f6c MozillaMaintenance - ok 17:27:53.0776 0x1f6c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 17:27:53.0776 0x1f6c mpsdrv - ok 17:27:53.0862 0x1f6c [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 17:27:53.0878 0x1f6c MpsSvc - ok 17:27:53.0903 0x1f6c [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 17:27:53.0903 0x1f6c MRxDAV - ok 17:27:53.0950 0x1f6c [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:27:53.0966 0x1f6c mrxsmb - ok 17:27:53.0997 0x1f6c [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 17:27:54.0013 0x1f6c mrxsmb10 - ok 17:27:54.0029 0x1f6c [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 17:27:54.0029 0x1f6c mrxsmb20 - ok 17:27:54.0060 0x1f6c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 17:27:54.0060 0x1f6c MsBridge - ok 17:27:54.0107 0x1f6c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 17:27:54.0107 0x1f6c MSDTC - ok 17:27:54.0154 0x1f6c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 17:27:54.0154 0x1f6c Msfs - ok 17:27:54.0185 0x1f6c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 17:27:54.0200 0x1f6c msgpiowin32 - ok 17:27:54.0216 0x1f6c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 17:27:54.0216 0x1f6c mshidkmdf - ok 17:27:54.0232 0x1f6c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 17:27:54.0232 0x1f6c mshidumdf - ok 17:27:54.0247 0x1f6c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 17:27:54.0247 0x1f6c msisadrv - ok 17:27:54.0279 0x1f6c [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 17:27:54.0279 0x1f6c MSiSCSI - ok 17:27:54.0294 0x1f6c msiserver - ok 17:27:54.0325 0x1f6c [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll 17:27:54.0325 0x1f6c MsKeyboardFilter - ok 17:27:54.0357 0x1f6c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 17:27:54.0357 0x1f6c MSKSSRV - ok 17:27:54.0388 0x1f6c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 17:27:54.0388 0x1f6c MsLldp - ok 17:27:54.0419 0x1f6c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 17:27:54.0419 0x1f6c MSPCLOCK - ok 17:27:54.0435 0x1dac Object send P2P result: true 17:27:54.0450 0x1dac Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 17:27:54.0450 0x1f6c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 17:27:54.0450 0x1f6c MSPQM - ok 17:27:54.0482 0x1f6c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 17:27:54.0497 0x1f6c MsRPC - ok 17:27:54.0529 0x1f6c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 17:27:54.0529 0x1f6c mssmbios - ok 17:27:54.0591 0x1f6c [ 3AE13C9869B7CE1135BCF21C0AAA68ED, 3E917376199B13523DFB4FCC445583D9DF0606AD0A6A02B111D8A3EE6B71E117 ] MSSQL$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe 17:27:54.0607 0x1f6c MSSQL$SQLEXPRESS - ok 17:27:54.0622 0x1f6c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 17:27:54.0622 0x1f6c MSTEE - ok 17:27:54.0638 0x1f6c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 17:27:54.0638 0x1f6c MTConfig - ok 17:27:54.0669 0x1f6c [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 17:27:54.0685 0x1f6c Mup - ok 17:27:54.0716 0x1f6c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 17:27:54.0716 0x1f6c mvumis - ok 17:27:54.0763 0x1f6c [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 17:27:54.0779 0x1f6c MyWiFiDHCPDNS - ok 17:27:54.0831 0x1f6c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 17:27:54.0839 0x1f6c napagent - ok 17:27:54.0902 0x1f6c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 17:27:54.0918 0x1f6c NativeWifiP - ok 17:27:54.0959 0x1f6c [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 17:27:54.0975 0x1f6c NAUpdate - ok 17:27:55.0006 0x1f6c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 17:27:55.0022 0x1f6c NcaSvc - ok 17:27:55.0053 0x1f6c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 17:27:55.0053 0x1f6c NcbService - ok 17:27:55.0069 0x1f6c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 17:27:55.0084 0x1f6c NcdAutoSetup - ok 17:27:55.0147 0x1f6c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 17:27:55.0178 0x1f6c NDIS - ok 17:27:55.0209 0x1f6c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 17:27:55.0209 0x1f6c NdisCap - ok 17:27:55.0241 0x1f6c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 17:27:55.0241 0x1f6c NdisImPlatform - ok 17:27:55.0256 0x1f6c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:27:55.0256 0x1f6c NdisTapi - ok 17:27:55.0288 0x1f6c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:27:55.0303 0x1f6c Ndisuio - ok 17:27:55.0319 0x1f6c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 17:27:55.0319 0x1f6c NdisVirtualBus - ok 17:27:55.0334 0x1f6c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:27:55.0350 0x1f6c NdisWan - ok 17:27:55.0366 0x1f6c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:27:55.0366 0x1f6c NdisWanLegacy - ok 17:27:55.0397 0x1f6c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 17:27:55.0397 0x1f6c NDProxy - ok 17:27:55.0444 0x1f6c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 17:27:55.0444 0x1f6c Ndu - ok 17:27:55.0491 0x1f6c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 17:27:55.0491 0x1f6c NetBIOS - ok 17:27:55.0538 0x1f6c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 17:27:55.0553 0x1f6c NetBT - ok 17:27:55.0553 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 17:27:55.0569 0x1f6c Netlogon - ok 17:27:55.0600 0x1f6c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 17:27:55.0616 0x1f6c Netman - ok 17:27:55.0647 0x0db4 Object send P2P result: true 17:27:55.0663 0x1f6c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 17:27:55.0663 0x1f6c netprofm - ok 17:27:55.0725 0x1f6c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:27:55.0725 0x1f6c NetTcpPortSharing - ok 17:27:55.0772 0x1f6c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 17:27:55.0772 0x1f6c netvsc - ok 17:27:55.0910 0x1f6c [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64 C:\WINDOWS\system32\DRIVERS\Netwew00.sys 17:27:55.0957 0x1f6c NETwNe64 - ok 17:27:55.0988 0x1f6c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 17:27:56.0003 0x1f6c NlaSvc - ok 17:27:56.0092 0x1f6c [ EBA1B4BF2E2375ABDADEDB649F283541, 8B27AE794678C55791F95F34E67E12BAD5BE753F812C49D6511BB657CF453B52 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe 17:27:56.0107 0x1f6c NMIndexingService - ok 17:27:56.0139 0x1f6c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 17:27:56.0139 0x1f6c Npfs - ok 17:27:56.0170 0x1f6c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 17:27:56.0170 0x1f6c npsvctrig - ok 17:27:56.0201 0x1f6c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 17:27:56.0201 0x1f6c nsi - ok 17:27:56.0217 0x1f6c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 17:27:56.0217 0x1f6c nsiproxy - ok 17:27:56.0295 0x1f6c [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 17:27:56.0342 0x1f6c Ntfs - ok 17:27:56.0373 0x1f6c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 17:27:56.0373 0x1f6c Null - ok 17:27:56.0654 0x1f6c [ C769B999721DEF6E59FF579AEDFB2693, 05FC56F88515787533BC8E14A8556BDC3FE0B50AC9EB51C8C0A2187FA1761C89 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 17:27:56.0810 0x1f6c nvlddmkm - ok 17:27:56.0873 0x1f6c [ 1C7CF80FE7E4B18BC46EA5C7ADC7339C, 671D634E8AF33DAF8E926CDE0C54A10142A989D8358E2827A7EB78026D25763B ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys 17:27:56.0873 0x1f6c nvpciflt - ok 17:27:56.0908 0x1dac Object send P2P result: true 17:27:56.0914 0x1f6c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 17:27:56.0930 0x1f6c nvraid - ok 17:27:56.0946 0x1f6c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 17:27:56.0946 0x1f6c nvstor - ok 17:27:56.0977 0x1f6c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 17:27:56.0977 0x1f6c nv_agp - ok 17:27:57.0049 0x1f6c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:27:57.0065 0x1f6c odserv - ok 17:27:57.0174 0x1f6c [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 17:27:57.0190 0x1f6c Origin Client Service - ok 17:27:57.0221 0x1f6c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:27:57.0221 0x1f6c ose - ok 17:27:57.0268 0x1f6c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 17:27:57.0268 0x1f6c p2pimsvc - ok 17:27:57.0315 0x1f6c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 17:27:57.0331 0x1f6c p2psvc - ok 17:27:57.0346 0x1f6c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 17:27:57.0346 0x1f6c Parport - ok 17:27:57.0378 0x1f6c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 17:27:57.0378 0x1f6c partmgr - ok 17:27:57.0424 0x1f6c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 17:27:57.0440 0x1f6c PcaSvc - ok 17:27:57.0471 0x1f6c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 17:27:57.0471 0x1f6c pci - ok 17:27:57.0487 0x1f6c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 17:27:57.0487 0x1f6c pciide - ok 17:27:57.0503 0x1f6c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 17:27:57.0503 0x1f6c pcmcia - ok 17:27:57.0503 0x1f6c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 17:27:57.0518 0x1f6c pcw - ok 17:27:57.0549 0x1f6c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 17:27:57.0549 0x1f6c pdc - ok 17:27:57.0565 0x1f6c [ 958754A37C85E18EB53FA2139787113C, A58B39CFD7B0A36EA12965A24A384B7B1E2A980CA8D2F33B72FA72B00E68EC0C ] pe3ah4nc C:\WINDOWS\system32\drivers\pe3ah4nc.sys 17:27:57.0565 0x1f6c pe3ah4nc - ok 17:27:57.0612 0x1f6c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 17:27:57.0628 0x1f6c PEAUTH - ok 17:27:57.0721 0x1f6c [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 17:27:57.0753 0x1f6c PeerDistSvc - ok 17:27:57.0878 0x1f6c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 17:27:57.0878 0x1f6c PerfHost - ok 17:27:57.0965 0x1f6c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 17:27:57.0981 0x1f6c pla - ok 17:27:58.0012 0x1f6c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 17:27:58.0028 0x1f6c PlugPlay - ok 17:27:58.0059 0x1f6c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 17:27:58.0059 0x1f6c PNRPAutoReg - ok 17:27:58.0093 0x1f6c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 17:27:58.0100 0x1f6c PNRPsvc - ok 17:27:58.0132 0x1f6c [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 17:27:58.0132 0x1f6c PolicyAgent - ok 17:27:58.0179 0x1f6c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 17:27:58.0179 0x1f6c Power - ok 17:27:58.0195 0x1f6c pr2ah4nc - ok 17:27:58.0382 0x1f6c [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 17:27:58.0413 0x1f6c PrintNotify - ok 17:27:58.0476 0x1f6c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 17:27:58.0476 0x1f6c Processor - ok 17:27:58.0523 0x1f6c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 17:27:58.0523 0x1f6c ProfSvc - ok 17:27:58.0554 0x1f6c [ 0E998144E0C05AFFBB6CC66B5999958C, 6EED570FCBDD4FD9746C5E72AB83261D826CF68A54411FD82DF917DADAF23FD7 ] ps6ah4nc C:\WINDOWS\system32\drivers\ps6ah4nc.sys 17:27:58.0554 0x1f6c ps6ah4nc - ok 17:27:58.0601 0x1f6c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 17:27:58.0601 0x1f6c Psched - ok 17:27:58.0632 0x1f6c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll 17:27:58.0648 0x1f6c QWAVE - ok 17:27:58.0663 0x1f6c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 17:27:58.0663 0x1f6c QWAVEdrv - ok 17:27:58.0695 0x1f6c [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini C:\WINDOWS\System32\drivers\RadioHIDMini.sys 17:27:58.0695 0x1f6c RadioHIDMini - ok 17:27:58.0710 0x1f6c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:27:58.0710 0x1f6c RasAcd - ok 17:27:58.0741 0x1f6c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll 17:27:58.0757 0x1f6c RasAuto - ok 17:27:58.0804 0x1f6c [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll 17:27:58.0804 0x1f6c RasMan - ok 17:27:58.0851 0x1f6c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:27:58.0851 0x1f6c RasPppoe - ok 17:27:58.0882 0x1f6c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:27:58.0882 0x1f6c rdbss - ok 17:27:58.0913 0x1f6c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 17:27:58.0913 0x1f6c rdpbus - ok 17:27:58.0945 0x1f6c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 17:27:58.0945 0x1f6c RDPDR - ok 17:27:58.0976 0x1f6c [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 17:27:58.0976 0x1f6c RdpVideoMiniport - ok 17:27:59.0008 0x1f6c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 17:27:59.0008 0x1f6c rdyboost - ok 17:27:59.0054 0x1f6c [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 17:27:59.0070 0x1f6c ReFS - ok 17:27:59.0175 0x1f6c [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 17:27:59.0175 0x1f6c RegSrvc - ok 17:27:59.0221 0x1f6c [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 17:27:59.0237 0x1f6c RemoteAccess - ok 17:27:59.0268 0x1f6c [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 17:27:59.0268 0x1f6c RemoteRegistry - ok 17:27:59.0315 0x1f6c [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 17:27:59.0315 0x1f6c RFCOMM - ok 17:27:59.0362 0x1f6c [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 17:27:59.0362 0x1f6c RpcEptMapper - ok 17:27:59.0393 0x1f6c [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe 17:27:59.0409 0x1f6c RpcLocator - ok 17:27:59.0503 0x1f6c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll 17:27:59.0503 0x1f6c RpcSs - ok 17:27:59.0550 0x1f6c [ 5AA85332CB1694871B2F0704E0FC9113, 18E11C4E966DEE53FA0E482C55769A35C6C746EB3347DF171A1978D22BC7990B ] RsFx0200 C:\WINDOWS\system32\DRIVERS\RsFx0200.sys 17:27:59.0550 0x1f6c RsFx0200 - ok 17:27:59.0581 0x1f6c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 17:27:59.0581 0x1f6c rspndr - ok 17:27:59.0612 0x1f6c [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 17:27:59.0628 0x1f6c RTL8168 - ok 17:27:59.0643 0x1f6c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 17:27:59.0643 0x1f6c s3cap - ok 17:27:59.0675 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe 17:27:59.0675 0x1f6c SamSs - ok 17:27:59.0800 0x1f6c SBIOSIO - ok 17:27:59.0831 0x1f6c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 17:27:59.0831 0x1f6c sbp2port - ok 17:27:59.0862 0x1f6c [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 17:27:59.0878 0x1f6c SCardSvr - ok 17:27:59.0909 0x1f6c [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 17:27:59.0909 0x1f6c ScDeviceEnum - ok 17:27:59.0956 0x1f6c [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 17:27:59.0956 0x1f6c scfilter - ok 17:28:00.0003 0x1f6c [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll 17:28:00.0026 0x1f6c Schedule - ok 17:28:00.0042 0x1f6c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 17:28:00.0058 0x1f6c SCPolicySvc - ok 17:28:00.0073 0x1f6c [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 17:28:00.0089 0x1f6c sdbus - ok 17:28:00.0193 0x1f6c [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe 17:28:00.0224 0x1f6c SDScannerService - ok 17:28:00.0255 0x1f6c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 17:28:00.0255 0x1f6c sdstor - ok 17:28:00.0365 0x1f6c [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe 17:28:00.0380 0x1f6c SDUpdateService - ok 17:28:00.0412 0x1f6c [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe 17:28:00.0412 0x1f6c SDWSCService - ok 17:28:00.0443 0x1f6c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 17:28:00.0443 0x1f6c secdrv - ok 17:28:00.0474 0x1f6c [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll 17:28:00.0474 0x1f6c seclogon - ok 17:28:00.0505 0x1f6c [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll 17:28:00.0505 0x1f6c SENS - ok 17:28:00.0552 0x1f6c [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 17:28:00.0552 0x1f6c SensrSvc - ok 17:28:00.0584 0x1f6c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 17:28:00.0584 0x1f6c SerCx - ok 17:28:00.0615 0x1f6c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 17:28:00.0630 0x1f6c SerCx2 - ok 17:28:00.0646 0x1f6c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 17:28:00.0646 0x1f6c Serenum - ok 17:28:00.0662 0x1f6c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 17:28:00.0662 0x1f6c Serial - ok 17:28:00.0693 0x1f6c [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 17:28:00.0693 0x1f6c sermouse - ok 17:28:00.0740 0x1f6c [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll 17:28:00.0756 0x1f6c SessionEnv - ok 17:28:00.0802 0x1f6c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 17:28:00.0802 0x1f6c sfloppy - ok 17:28:00.0834 0x1f6c [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 17:28:00.0834 0x1f6c SharedAccess - ok 17:28:00.0881 0x1f6c [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 17:28:00.0881 0x1f6c ShellHWDetection - ok 17:28:00.0912 0x1f6c [ 8C61B219882C9C9ECA09BEDB82B0DDB1, 711681040D9CD93D603F55AB8D62371F5D51917C14818F27859E23E2D60EB18F ] silabenm C:\WINDOWS\system32\DRIVERS\silabenm.sys 17:28:00.0912 0x1f6c silabenm - ok 17:28:00.0927 0x1f6c [ 2641655FAD6C1EA0F3677978E2BF28C1, E703CE74D09E901BF531589E181DCF95B9C63E09FE1B99E38DEA9EE47EE458BA ] silabser C:\WINDOWS\system32\DRIVERS\silabser.sys 17:28:00.0943 0x1f6c silabser - ok 17:28:00.0959 0x1f6c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 17:28:00.0959 0x1f6c SiSRaid2 - ok 17:28:00.0974 0x1f6c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 17:28:00.0974 0x1f6c SiSRaid4 - ok 17:28:01.0006 0x1f6c [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll 17:28:01.0021 0x1f6c smphost - ok 17:28:01.0037 0x1f6c [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 17:28:01.0037 0x1f6c SNMPTRAP - ok 17:28:01.0079 0x1f6c [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 17:28:01.0095 0x1f6c spaceport - ok 17:28:01.0110 0x1f6c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 17:28:01.0110 0x1f6c SpbCx - ok 17:28:01.0183 0x1f6c [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe 17:28:01.0183 0x1f6c Spooler - ok 17:28:01.0371 0x1f6c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 17:28:01.0464 0x1f6c sppsvc - ok 17:28:01.0574 0x1f6c [ B70FAF0C7C5737AA6973E14B45477730, 48D835D64D36A46BD2ED6080A0D733B92960DA3EA459005F536587BB19B16A7E ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 17:28:01.0574 0x1f6c SQLAgent$SQLEXPRESS - ok 17:28:01.0668 0x1f6c [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 17:28:01.0668 0x1f6c SQLBrowser - ok 17:28:01.0683 0x1f6c [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 17:28:01.0683 0x1f6c SQLWriter - ok 17:28:01.0730 0x1f6c [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 17:28:01.0746 0x1f6c srv - ok 17:28:01.0777 0x1f6c [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 17:28:01.0793 0x1f6c srv2 - ok 17:28:01.0808 0x1f6c [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 17:28:01.0808 0x1f6c srvnet - ok 17:28:01.0839 0x1f6c [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 17:28:01.0855 0x1f6c SSDPSRV - ok 17:28:01.0886 0x1f6c [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 17:28:01.0902 0x1f6c SstpSvc - ok 17:28:01.0918 0x1f6c [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 17:28:01.0918 0x1f6c ssudmdm - ok 17:28:02.0043 0x1f6c [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe 17:28:02.0058 0x1f6c ss_conn_service - ok 17:28:02.0095 0x1f6c [ 30D7CE5C0B812BAF4F2FB5F47820C76A, 5C9D67637485F67A720D8582D54D880D8364108C593A020682D4695397284989 ] stdriver C:\WINDOWS\system32\DRIVERS\stdriverx64.sys 17:28:02.0096 0x1f6c stdriver - ok 17:28:02.0146 0x1f6c [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 17:28:02.0161 0x1f6c Steam Client Service - ok 17:28:02.0203 0x1f6c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 17:28:02.0203 0x1f6c stexstor - ok 17:28:02.0250 0x1f6c [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll 17:28:02.0250 0x1f6c stisvc - ok 17:28:02.0266 0x1f6c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 17:28:02.0266 0x1f6c storahci - ok 17:28:02.0297 0x1f6c [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 17:28:02.0297 0x1f6c storflt - ok 17:28:02.0329 0x1f6c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 17:28:02.0329 0x1f6c stornvme - ok 17:28:02.0360 0x1f6c [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll 17:28:02.0360 0x1f6c StorSvc - ok 17:28:02.0391 0x1f6c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 17:28:02.0407 0x1f6c storvsc - ok 17:28:02.0438 0x1f6c [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys 17:28:02.0438 0x1f6c storvsp - ok 17:28:02.0485 0x1f6c [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll 17:28:02.0485 0x1f6c svsvc - ok 17:28:02.0532 0x1f6c [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys 17:28:02.0532 0x1f6c swenum - ok 17:28:02.0672 0x1f6c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 17:28:02.0688 0x1f6c SwitchBoard - ok 17:28:02.0735 0x1f6c [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll 17:28:02.0750 0x1f6c swprv - ok 17:28:02.0829 0x1f6c SWUpdateService - ok 17:28:02.0891 0x1f6c [ 092506B413EA5CCA425B31DCC776D2DC, D9DAB4299657BFD7F176C94F988FD8359E2CE62071457AF5F7EF3722FD3EC0A8 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 17:28:02.0907 0x1f6c SynTP - ok 17:28:02.0969 0x1f6c [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll 17:28:02.0985 0x1f6c SysMain - ok 17:28:03.0016 0x1f6c [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 17:28:03.0016 0x1f6c SystemEventsBroker - ok 17:28:03.0047 0x1f6c [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 17:28:03.0047 0x1f6c TabletInputService - ok 17:28:03.0079 0x1f6c [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 17:28:03.0094 0x1f6c TapiSrv - ok 17:28:03.0187 0x1f6c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 17:28:03.0218 0x1f6c Tcpip - ok 17:28:03.0384 0x1f6c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:28:03.0415 0x1f6c TCPIP6 - ok 17:28:03.0431 0x1f6c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 17:28:03.0431 0x1f6c tcpipreg - ok 17:28:03.0478 0x1f6c [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 17:28:03.0478 0x1f6c tdx - ok 17:28:03.0509 0x1f6c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 17:28:03.0509 0x1f6c terminpt - ok 17:28:03.0572 0x1f6c [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll 17:28:03.0587 0x1f6c TermService - ok 17:28:03.0619 0x1f6c [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll 17:28:03.0634 0x1f6c Themes - ok 17:28:03.0650 0x1f6c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll 17:28:03.0650 0x1f6c THREADORDER - ok 17:28:03.0665 0x1f6c [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 17:28:03.0681 0x1f6c TimeBroker - ok 17:28:03.0712 0x1f6c [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys 17:28:03.0712 0x1f6c TPM - ok 17:28:03.0744 0x1f6c [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll 17:28:03.0744 0x1f6c TrkWks - ok 17:28:03.0806 0x1f6c [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 17:28:03.0822 0x1f6c TrustedInstaller - ok 17:28:03.0853 0x1f6c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 17:28:03.0853 0x1f6c TsUsbFlt - ok 17:28:03.0884 0x1f6c [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 17:28:03.0884 0x1f6c TsUsbGD - ok 17:28:03.0931 0x1f6c [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 17:28:03.0931 0x1f6c tunnel - ok 17:28:03.0962 0x1f6c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 17:28:03.0962 0x1f6c uagp35 - ok 17:28:03.0994 0x1f6c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 17:28:03.0994 0x1f6c UASPStor - ok 17:28:04.0041 0x1f6c [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 17:28:04.0056 0x1f6c UCX01000 - ok 17:28:04.0119 0x1f6c [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 17:28:04.0119 0x1f6c udfs - ok 17:28:04.0134 0x1f6c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 17:28:04.0134 0x1f6c UEFI - ok 17:28:04.0177 0x1f6c [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 17:28:04.0193 0x1f6c UI0Detect - ok 17:28:04.0208 0x1f6c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 17:28:04.0208 0x1f6c uliagpkx - ok 17:28:04.0240 0x1f6c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 17:28:04.0240 0x1f6c umbus - ok 17:28:04.0281 0x1f6c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 17:28:04.0281 0x1f6c UmPass - ok 17:28:04.0328 0x1f6c [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 17:28:04.0328 0x1f6c UmRdpService - ok 17:28:04.0375 0x1f6c [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:28:04.0391 0x1f6c upnphost - ok 17:28:04.0438 0x1f6c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 17:28:04.0438 0x1f6c usbccgp - ok 17:28:04.0484 0x1f6c [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 17:28:04.0484 0x1f6c usbcir - ok 17:28:04.0531 0x1f6c [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 17:28:04.0531 0x1f6c usbehci - ok 17:28:04.0578 0x1f6c [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 17:28:04.0594 0x1f6c usbhub - ok 17:28:04.0609 0x1f6c [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 17:28:04.0625 0x1f6c USBHUB3 - ok 17:28:04.0641 0x1f6c [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 17:28:04.0641 0x1f6c usbohci - ok 17:28:04.0672 0x1f6c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 17:28:04.0688 0x1f6c usbprint - ok 17:28:04.0719 0x1f6c [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys 17:28:04.0719 0x1f6c usbscan - ok 17:28:04.0766 0x1f6c [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 17:28:04.0766 0x1f6c USBSTOR - ok 17:28:04.0797 0x1f6c [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 17:28:04.0797 0x1f6c usbuhci - ok 17:28:04.0844 0x1f6c [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 17:28:04.0844 0x1f6c usbvideo - ok 17:28:04.0875 0x1f6c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 17:28:04.0875 0x1f6c USBXHCI - ok 17:28:04.0922 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 17:28:04.0922 0x1f6c VaultSvc - ok 17:28:04.0953 0x1f6c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 17:28:04.0953 0x1f6c vdrvroot - ok |
|
08.01.2016, 19:25
| #6 |
| | Makrovirus "Berger Antriebstechnik" Nochmals TDSS Killer muß ihn Aufteilen Code:
ATTFilter 17:26:43.0373 0x1f5c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:26:43.0373 0x1f5c UEFI system
17:27:23.0367 0x1f5c ============================================================
17:27:23.0367 0x1f5c Current date / time: 2016/01/04 17:27:23.0367
17:27:23.0367 0x1f5c SystemInfo:
17:27:23.0367 0x1f5c
17:27:23.0367 0x1f5c OS Version: 6.3.9600 ServicePack: 0.0
17:27:23.0367 0x1f5c Product type: Workstation
17:27:23.0367 0x1f5c ComputerName: OLIVER
17:27:23.0367 0x1f5c UserName: Andreas
17:27:23.0367 0x1f5c Windows directory: C:\WINDOWS
17:27:23.0367 0x1f5c System windows directory: C:\WINDOWS
17:27:23.0367 0x1f5c Running under WOW64
17:27:23.0367 0x1f5c Processor architecture: Intel x64
17:27:23.0367 0x1f5c Number of processors: 4
17:27:23.0367 0x1f5c Page size: 0x1000
17:27:23.0367 0x1f5c Boot type: Normal boot
17:27:23.0367 0x1f5c ============================================================
17:27:23.0951 0x1f5c KLMD registered as C:\WINDOWS\system32\drivers\37226856.sys
17:27:24.0466 0x1f5c System UUID: {14213991-BD6C-C597-0C07-B5A934EF09F8}
17:27:25.0533 0x1f5c Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:27:25.0579 0x1f5c ============================================================
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0:
17:27:25.0579 0x1f5c GPT partitions:
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D2EE9E62-8450-43C6-9E1F-5D8E7CB4241A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {959B4564-8338-47E7-9CBC-6FB02C36D795}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {26EEE887-6542-41EC-8FC6-A0772B36D6AF}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C457E945-495B-40A8-921C-BC3B1A18CD6E}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x2F5E0001
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80DA5BB7-84DA-4C1C-A36B-011C102EB589}, Name: , StartLBA 0x2F7B1000, BlocksNum 0xAF000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {514DEC35-ABFC-450A-BE91-7DC537C7C79F}, Name: Basic data partition, StartLBA 0x2F860000, BlocksNum 0x249EF800
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C7D1520F-5523-4CBA-89AF-4B2375ACEF5C}, Name: Basic data partition, StartLBA 0x5424F801, BlocksNum 0x30F6800
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0D1B812C-3112-484F-4173-636C65706975}, Name: Basic data partition, StartLBA 0x57346001, BlocksNum 0x200000
17:27:25.0579 0x1f5c MBR partitions:
17:27:25.0579 0x1f5c ============================================================
17:27:25.0611 0x1f5c C: <-> \Device\Harddisk0\DR0\Partition4
17:27:25.0642 0x1f5c D: <-> \Device\Harddisk0\DR0\Partition6
17:27:25.0642 0x1f5c ============================================================
17:27:25.0642 0x1f5c Initialize success
17:27:25.0642 0x1f5c ============================================================
17:27:38.0361 0x1f6c ============================================================
17:27:38.0361 0x1f6c Scan started
17:27:38.0361 0x1f6c Mode: Manual;
17:27:38.0361 0x1f6c ============================================================
17:27:38.0361 0x1f6c KSN ping started
17:27:40.0748 0x1f6c KSN ping finished: true
17:27:43.0151 0x1f6c ================ Scan system memory ========================
17:27:43.0151 0x1f6c System memory - ok
17:27:43.0151 0x1f6c ================ Scan services =============================
17:27:43.0338 0x1f6c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
17:27:43.0338 0x1f6c 1394ohci - ok
17:27:43.0354 0x1f6c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
17:27:43.0354 0x1f6c 3ware - ok
17:27:43.0385 0x1f6c [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\WINDOWS\system32\drivers\acedrv11.sys
17:27:43.0385 0x1f6c acedrv11 - ok
17:27:43.0428 0x1f6c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
17:27:43.0428 0x1f6c ACPI - ok
17:27:43.0444 0x1f6c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
17:27:43.0444 0x1f6c acpiex - ok
17:27:43.0475 0x1f6c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
17:27:43.0475 0x1f6c acpipagr - ok
17:27:43.0507 0x1f6c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
17:27:43.0507 0x1f6c AcpiPmi - ok
17:27:43.0507 0x1f6c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
17:27:43.0522 0x1f6c acpitime - ok
17:27:43.0596 0x1f6c [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:27:43.0596 0x1f6c AdobeARMservice - ok
17:27:43.0736 0x1f6c [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:27:43.0752 0x1f6c AdobeFlashPlayerUpdateSvc - ok
17:27:43.0814 0x1f6c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:27:43.0846 0x1f6c ADP80XX - ok
17:27:43.0877 0x1f6c [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
17:27:43.0877 0x1f6c AeLookupSvc - ok
17:27:43.0924 0x1f6c [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys
17:27:43.0939 0x1f6c AFD - ok
17:27:43.0955 0x1f6c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
17:27:43.0955 0x1f6c agp440 - ok
17:27:44.0002 0x1f6c [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:27:44.0002 0x1f6c ahcache - ok
17:27:44.0049 0x1f6c [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
17:27:44.0049 0x1f6c ALG - ok
17:27:44.0080 0x1f6c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
17:27:44.0096 0x1f6c AmdK8 - ok
17:27:44.0111 0x1f6c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
17:27:44.0111 0x1f6c AmdPPM - ok
17:27:44.0142 0x1f6c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
17:27:44.0142 0x1f6c amdsata - ok
17:27:44.0174 0x1f6c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
17:27:44.0174 0x1f6c amdsbs - ok
17:27:44.0189 0x1f6c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
17:27:44.0189 0x1f6c amdxata - ok
17:27:44.0221 0x1f6c [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys
17:27:44.0221 0x1f6c AMPPAL - ok
17:27:44.0299 0x1f6c [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
17:27:44.0314 0x1f6c AMPPALR3 - ok
17:27:44.0408 0x1f6c [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:27:44.0424 0x1f6c AntiVirMailService - ok
17:27:44.0465 0x1f6c [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:27:44.0465 0x1f6c AntiVirSchedulerService - ok
17:27:44.0481 0x1f6c [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:27:44.0497 0x1f6c AntiVirService - ok
17:27:44.0544 0x1f6c [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:27:44.0559 0x1f6c AntiVirWebService - ok
17:27:44.0596 0x1f6c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
17:27:44.0596 0x1f6c AppID - ok
17:27:44.0627 0x1f6c [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
17:27:44.0627 0x1f6c AppIDSvc - ok
17:27:44.0674 0x1f6c [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll
17:27:44.0674 0x1f6c Appinfo - ok
17:27:44.0721 0x1f6c [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:27:44.0721 0x1f6c AppMgmt - ok
17:27:44.0768 0x1f6c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
17:27:44.0799 0x1f6c AppReadiness - ok
17:27:44.0846 0x1f6c [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
17:27:44.0862 0x1f6c AppXSvc - ok
17:27:44.0909 0x1f6c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
17:27:44.0909 0x1f6c arcsas - ok
17:27:44.0924 0x1f6c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
17:27:44.0924 0x1f6c atapi - ok
17:27:44.0971 0x1f6c [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:27:44.0971 0x1f6c AudioEndpointBuilder - ok
17:27:45.0034 0x1f6c [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
17:27:45.0049 0x1f6c Audiosrv - ok
17:27:45.0112 0x1f6c [ F431DC5D94F4B2FDBC927655D8A9B10E, FA16A95E5B83D08F0FD76FDAB03FC7CD4B6917BFE15F2F1D9F3B781F6A1888D8 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
17:27:45.0112 0x1f6c Autodesk Content Service - ok
17:27:45.0174 0x1f6c [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
17:27:45.0190 0x1f6c Autodesk Licensing Service - ok
17:27:45.0221 0x1f6c [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:27:45.0221 0x1f6c avgntflt - ok
17:27:45.0252 0x1f6c [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:27:45.0268 0x1f6c avipbb - ok
17:27:45.0299 0x1f6c [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:27:45.0315 0x1f6c Avira.ServiceHost - ok
17:27:45.0331 0x1f6c [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:27:45.0331 0x1f6c avkmgr - ok
17:27:45.0362 0x1f6c [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
17:27:45.0362 0x1f6c avnetflt - ok
17:27:45.0393 0x1f6c [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
17:27:45.0393 0x1f6c AxInstSV - ok
17:27:45.0440 0x1f6c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
17:27:45.0440 0x1f6c b06bdrv - ok
17:27:45.0456 0x1f6c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:27:45.0456 0x1f6c BasicDisplay - ok
17:27:45.0500 0x1f6c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
17:27:45.0500 0x1f6c BasicRender - ok
17:27:45.0515 0x1f6c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
17:27:45.0515 0x1f6c bcmfn2 - ok
17:27:45.0546 0x1f6c [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
17:27:45.0562 0x1f6c BDESVC - ok
17:27:45.0578 0x1f6c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:27:45.0578 0x1f6c Beep - ok
17:27:45.0634 0x1f6c [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\WINDOWS\System32\bfe.dll
17:27:45.0634 0x1f6c BFE - ok
17:27:45.0697 0x1f6c [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
17:27:45.0712 0x1f6c BITS - ok
17:27:45.0822 0x1f6c [ 4D87518BA68C308299441337C55F5427, AE46F847EE605213A3AE9BEFE5EB0B7B8D877340EA1A6CF9EF5683A02ECFE399 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:27:45.0853 0x1f6c Bluetooth Device Monitor - ok
17:27:45.0884 0x1f6c [ 19786E2114E2FCB4EAA30808E9D4FB9A, FCBD15EA7CB0B22DA9ABFACF95DE877042201C85EBC219F5204E12F76E8DBC09 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
17:27:45.0900 0x1f6c Bluetooth OBEX Service - ok
17:27:45.0931 0x1f6c [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
17:27:45.0931 0x1f6c bowser - ok
17:27:45.0978 0x1f6c [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:27:45.0994 0x1f6c BrokerInfrastructure - ok
17:27:46.0025 0x1f6c [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
17:27:46.0040 0x1f6c Browser - ok
17:27:46.0072 0x1f6c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:27:46.0087 0x1f6c BthAvrcpTg - ok
17:27:46.0134 0x1f6c [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
17:27:46.0134 0x1f6c BthEnum - ok
17:27:46.0165 0x1f6c [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
17:27:46.0181 0x1f6c BthHFEnum - ok
17:27:46.0181 0x1f6c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
17:27:46.0181 0x1f6c bthhfhid - ok
17:27:46.0244 0x1f6c [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
17:27:46.0244 0x1f6c BthHFSrv - ok
17:27:46.0306 0x1f6c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys
17:27:46.0306 0x1f6c BthLEEnum - ok
17:27:46.0337 0x1f6c [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
17:27:46.0353 0x1f6c BTHMODEM - ok
17:27:46.0384 0x1f6c [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
17:27:46.0384 0x1f6c BthPan - ok
17:27:46.0462 0x1f6c [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
17:27:46.0478 0x1f6c BTHPORT - ok
17:27:46.0526 0x1f6c [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
17:27:46.0528 0x1f6c bthserv - ok
17:27:46.0541 0x1f6c [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
17:27:46.0541 0x1f6c BTHSSecurityMgr - ok
17:27:46.0588 0x1f6c [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
17:27:46.0603 0x1f6c BTHUSB - ok
17:27:46.0640 0x1f6c [ 4428C299BE7B9841ECFA82044B69FA6A, F8AB607D6CACBF2DDE3C392F9756B9F32CB99664A75F3140365CB916450660EC ] btmaux C:\WINDOWS\system32\DRIVERS\btmaux.sys
17:27:46.0643 0x1f6c btmaux - ok
17:27:46.0665 0x1f6c [ 7B31A8A9DC95B3634D896FD0F2814F19, 8FD5FBC61968F4BB8C2BAD0D432D5B86DCFED38CCF6F559F9EFB71AADD25474F ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys
17:27:46.0696 0x1f6c btmhsf - ok
17:27:46.0712 0x1f6c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:27:46.0712 0x1f6c cdfs - ok
17:27:46.0728 0x1f6c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
17:27:46.0743 0x1f6c cdrom - ok
17:27:46.0759 0x1f6c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
17:27:46.0759 0x1f6c CertPropSvc - ok
17:27:46.0790 0x1f6c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
17:27:46.0790 0x1f6c circlass - ok
17:27:46.0853 0x1f6c [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
17:27:46.0853 0x1f6c CLFS - ok
17:27:46.0900 0x1f6c [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
17:27:46.0900 0x1f6c CLVirtualDrive - ok
17:27:46.0931 0x1f6c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
17:27:46.0946 0x1f6c CmBatt - ok
17:27:46.0978 0x1f6c [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG C:\WINDOWS\system32\Drivers\cng.sys
17:27:46.0993 0x1f6c CNG - ok
17:27:47.0009 0x1f6c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
17:27:47.0009 0x1f6c CompositeBus - ok
17:27:47.0009 0x1f6c COMSysApp - ok
17:27:47.0025 0x1f6c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
17:27:47.0025 0x1f6c condrv - ok
17:27:47.0040 0x1dac Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
17:27:47.0118 0x1f6c [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:27:47.0118 0x1f6c cphs - ok
17:27:47.0150 0x1f6c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
17:27:47.0150 0x1f6c CryptSvc - ok
17:27:47.0196 0x1f6c [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\WINDOWS\system32\drivers\csc.sys
17:27:47.0196 0x1f6c CSC - ok
17:27:47.0228 0x1f6c [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\WINDOWS\System32\cscsvc.dll
17:27:47.0243 0x1f6c CscService - ok
17:27:47.0275 0x1f6c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
17:27:47.0275 0x1f6c dam - ok
17:27:47.0353 0x1f6c [ 5A639B2B630B572FFE9B72448A8A514D, C61C72BC85AD4E2A2AD12E1404601B5FFC26AABB0D9D9CDF48D926443FF91F50 ] DBService C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
17:27:47.0353 0x1f6c DBService - ok
17:27:47.0431 0x1f6c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:27:47.0447 0x1f6c DcomLaunch - ok
17:27:47.0493 0x1f6c [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
17:27:47.0493 0x1f6c defragsvc - ok
17:27:47.0540 0x1f6c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:27:47.0556 0x1f6c DeviceAssociationService - ok
17:27:47.0593 0x1f6c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
17:27:47.0593 0x1f6c DeviceInstall - ok
17:27:47.0609 0x1f6c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
17:27:47.0609 0x1f6c Dfsc - ok
17:27:47.0640 0x1f6c [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
17:27:47.0640 0x1f6c dg_ssudbus - ok
17:27:47.0697 0x1f6c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
17:27:47.0713 0x1f6c Dhcp - ok
17:27:47.0775 0x1f6c [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
17:27:47.0791 0x1f6c DiagTrack - ok
17:27:47.0838 0x1f6c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
17:27:47.0838 0x1f6c disk - ok
17:27:47.0885 0x1f6c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
17:27:47.0885 0x1f6c dmvsc - ok
17:27:47.0932 0x1f6c [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:27:47.0932 0x1f6c Dnscache - ok
17:27:47.0963 0x1f6c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
17:27:47.0979 0x1f6c dot3svc - ok
17:27:48.0010 0x1f6c [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
17:27:48.0010 0x1f6c DPS - ok
17:27:48.0041 0x1f6c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:27:48.0041 0x1f6c drmkaud - ok
17:27:48.0072 0x1f6c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
17:27:48.0088 0x1f6c DsmSvc - ok
17:27:48.0135 0x1f6c [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:27:48.0166 0x1f6c DXGKrnl - ok
17:27:48.0182 0x1f6c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
17:27:48.0182 0x1f6c Eaphost - ok
17:27:48.0307 0x1f6c [ E8A3102296B412EBE14801733474816B, 5B88E0A8DE37D09E6A8E86347E7F69BACF9C87B2C053A92518DE60852728BDEC ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
17:27:48.0322 0x0db4 Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
17:27:48.0338 0x1f6c Easy Launcher - ok
17:27:48.0447 0x1f6c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
17:27:48.0494 0x1f6c ebdrv - ok
17:27:48.0526 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
17:27:48.0526 0x1f6c EFS - ok
17:27:48.0630 0x1f6c [ 44C5F3F4B70D1C8D21C90E724E249796, 49B31B9E7E45A2E42BDA803D9CDC3837E0CB73A1E1E6DA00CF4282573D60526F ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe
17:27:48.0646 0x1f6c ehRecvr - ok
17:27:48.0662 0x1f6c [ 8EFB35A528A48D682C5322A5A07D4352, 5886991ECA449C48A89A3BB2950468EA7CCBD0998774C4C77A1194866827D267 ] ehSched C:\WINDOWS\ehome\ehsched.exe
17:27:48.0662 0x1f6c ehSched - ok
17:27:48.0693 0x1f6c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
17:27:48.0693 0x1f6c EhStorClass - ok
17:27:48.0709 0x1f6c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:27:48.0709 0x1f6c EhStorTcgDrv - ok
17:27:48.0724 0x1f6c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
17:27:48.0724 0x1f6c ErrDev - ok
17:27:48.0773 0x1f6c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
17:27:48.0789 0x1f6c EventSystem - ok
17:27:48.0867 0x1f6c [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:27:48.0867 0x1f6c EvtEng - ok
17:27:48.0914 0x1f6c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
17:27:48.0914 0x1f6c exfat - ok
17:27:48.0929 0x1f6c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
17:27:48.0929 0x1f6c fastfat - ok
17:27:49.0054 0x1f6c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
17:27:49.0054 0x1f6c Fax - ok
17:27:49.0070 0x1f6c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
17:27:49.0070 0x1f6c fdc - ok
17:27:49.0101 0x1f6c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
17:27:49.0101 0x1f6c fdPHost - ok
17:27:49.0132 0x1f6c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
17:27:49.0132 0x1f6c FDResPub - ok
17:27:49.0164 0x1f6c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
17:27:49.0164 0x1f6c fhsvc - ok
17:27:49.0210 0x1f6c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
17:27:49.0210 0x1f6c FileInfo - ok
17:27:49.0257 0x1f6c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
17:27:49.0257 0x1f6c Filetrace - ok
17:27:49.0367 0x1f6c [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
17:27:49.0382 0x1f6c FLEXnet Licensing Service 64 - ok
17:27:49.0398 0x1f6c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
17:27:49.0398 0x1f6c flpydisk - ok
17:27:49.0429 0x1f6c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:27:49.0445 0x1f6c FltMgr - ok
17:27:49.0507 0x1f6c [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll
17:27:49.0539 0x1dac Object send P2P result: true
17:27:49.0539 0x1dac Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
17:27:49.0539 0x1f6c FontCache - ok
17:27:49.0668 0x1f6c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:27:49.0668 0x1f6c FontCache3.0.0.0 - ok
17:27:49.0699 0x1f6c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
17:27:49.0715 0x1f6c FsDepends - ok
17:27:49.0748 0x1f6c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:27:49.0750 0x1f6c Fs_Rec - ok
17:27:49.0772 0x1f6c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:27:49.0788 0x1f6c fvevol - ok
17:27:49.0803 0x1f6c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
17:27:49.0803 0x1f6c FxPPM - ok
17:27:49.0835 0x1f6c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
17:27:49.0835 0x1f6c gagp30kx - ok
17:27:49.0866 0x1f6c [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
17:27:49.0882 0x1f6c Garmin Core Update Service - ok
17:27:49.0913 0x1f6c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
17:27:49.0913 0x1f6c gencounter - ok
17:27:49.0944 0x1f6c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:27:49.0944 0x1f6c GPIOClx0101 - ok
17:27:50.0007 0x1f6c [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
17:27:50.0022 0x1f6c gpsvc - ok
17:27:50.0069 0x1f6c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
17:27:50.0069 0x1f6c HDAudBus - ok
17:27:50.0100 0x1f6c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
17:27:50.0100 0x1f6c HidBatt - ok
17:27:50.0147 0x1f6c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
17:27:50.0147 0x1f6c HidBth - ok
17:27:50.0163 0x1f6c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
17:27:50.0178 0x1f6c hidi2c - ok
17:27:50.0210 0x1f6c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
17:27:50.0210 0x1f6c HidIr - ok
17:27:50.0241 0x1f6c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
17:27:50.0257 0x1f6c hidserv - ok
17:27:50.0272 0x1f6c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
17:27:50.0272 0x1f6c HidUsb - ok
17:27:50.0319 0x1f6c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
17:27:50.0319 0x1f6c hkmsvc - ok
17:27:50.0350 0x1f6c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:27:50.0366 0x1f6c HomeGroupListener - ok
17:27:50.0413 0x1f6c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:27:50.0413 0x1f6c HomeGroupProvider - ok
17:27:50.0444 0x1f6c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
17:27:50.0444 0x1f6c HpSAMD - ok
17:27:50.0507 0x1f6c [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
17:27:50.0538 0x1f6c HTTP - ok
17:27:50.0569 0x1f6c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
17:27:50.0569 0x1f6c hwpolicy - ok
17:27:50.0632 0x1f6c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
17:27:50.0632 0x1f6c hyperkbd - ok
17:27:50.0647 0x1f6c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:27:50.0647 0x1f6c HyperVideo - ok
17:27:50.0690 0x1f6c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
17:27:50.0690 0x1f6c i8042prt - ok
17:27:50.0706 0x1f6c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:27:50.0706 0x1f6c iaLPSSi_GPIO - ok
17:27:50.0737 0x1f6c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:27:50.0737 0x1f6c iaLPSSi_I2C - ok
17:27:50.0768 0x0db4 Object send P2P result: true
17:27:50.0768 0x0db4 Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
17:27:50.0809 0x1f6c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
17:27:50.0825 0x1f6c iaStorA - ok
17:27:50.0856 0x1f6c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
17:27:50.0872 0x1f6c iaStorAV - ok
17:27:50.0919 0x1f6c [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:27:50.0919 0x1f6c IAStorDataMgrSvc - ok
17:27:50.0950 0x1f6c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
17:27:50.0966 0x1f6c iaStorV - ok
17:27:50.0997 0x1f6c [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
17:27:50.0997 0x1f6c iBtFltCoex - ok
17:27:50.0997 0x1f6c IEEtwCollectorService - ok
17:27:51.0138 0x1f6c [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:27:51.0200 0x1f6c igfx - ok
17:27:51.0231 0x1f6c [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
17:27:51.0231 0x1f6c IJPLMSVC - ok
17:27:51.0278 0x1f6c [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll
17:27:51.0294 0x1f6c IKEEXT - ok
17:27:51.0325 0x1f6c [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:27:51.0325 0x1f6c intaud_WaveExtensible - ok
17:27:51.0466 0x1f6c [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:27:51.0528 0x1f6c IntcAzAudAddService - ok
17:27:51.0575 0x1f6c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:27:51.0575 0x1f6c IntcDAud - ok
17:27:51.0622 0x1f6c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:27:51.0638 0x1f6c Intel(R) Capability Licensing Service Interface - ok
17:27:51.0684 0x1f6c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:27:51.0716 0x1f6c Intel(R) Capability Licensing Service TCP IP Interface - ok
17:27:51.0774 0x1f6c [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
17:27:51.0789 0x1f6c Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok
17:27:51.0831 0x1f6c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
17:27:51.0831 0x1f6c intelide - ok
17:27:51.0862 0x1f6c [ A4DE7F75F20762A1C360E48B36F3B498, D194B7E16837E5AE7F0E3FC3B0F9A5CB2E1F7D4C2D5BDC6AC6D3DF09CE5334C1 ] IntelliMemory C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
17:27:51.0862 0x1f6c IntelliMemory - ok
17:27:51.0894 0x1f6c [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
17:27:51.0894 0x1f6c intelpep - ok
17:27:51.0925 0x1f6c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
17:27:51.0925 0x1f6c intelppm - ok
17:27:51.0925 0x1f6c [ 188D1B5837948CE932353C1FB26BF301, 5E08144063D3AE3AD2D5285DA524BC862971303533BFA18ED6BC49476C029A28 ] intmfs C:\WINDOWS\system32\DRIVERS\intmfs.sys
17:27:51.0925 0x1f6c intmfs - ok
17:27:51.0941 0x1f6c [ EB0169B38D94A4BC575724ABBA58DF36, F8FA133813595B48E220499C3841BD11E2127B3BEE52A0988EFD5502877AE0A2 ] intmsd C:\WINDOWS\system32\DRIVERS\intmsd.sys
17:27:51.0941 0x1f6c intmsd - ok
17:27:51.0972 0x1f6c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:27:51.0972 0x1f6c IpFilterDriver - ok
17:27:52.0003 0x1dac Object send P2P result: true
17:27:52.0003 0x1dac Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
17:27:52.0019 0x1f6c [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
17:27:52.0034 0x1f6c iphlpsvc - ok
17:27:52.0081 0x1f6c [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:27:52.0081 0x1f6c IPMIDRV - ok
17:27:52.0144 0x1f6c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
17:27:52.0159 0x1f6c IPNAT - ok
17:27:52.0175 0x1f6c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
17:27:52.0175 0x1f6c IRENUM - ok
17:27:52.0237 0x1f6c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
17:27:52.0237 0x1f6c isapnp - ok
17:27:52.0284 0x1f6c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
17:27:52.0284 0x1f6c iScsiPrt - ok
17:27:52.0378 0x1f6c [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
17:27:52.0394 0x1f6c iumsvc - ok
17:27:52.0425 0x1f6c [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
17:27:52.0425 0x1f6c iwdbus - ok
17:27:52.0472 0x1f6c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:27:52.0472 0x1f6c jhi_service - ok
17:27:52.0487 0x1f6c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
17:27:52.0487 0x1f6c kbdclass - ok
17:27:52.0519 0x1f6c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
17:27:52.0534 0x1f6c kbdhid - ok
17:27:52.0550 0x1f6c [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys
17:27:52.0550 0x1f6c kbldfltr - ok
17:27:52.0581 0x1f6c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:27:52.0581 0x1f6c kdnic - ok
17:27:52.0597 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
17:27:52.0597 0x1f6c KeyIso - ok
17:27:52.0644 0x1f6c [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
17:27:52.0644 0x1f6c KSecDD - ok
17:27:52.0691 0x1f6c [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:27:52.0691 0x1f6c KSecPkg - ok
17:27:52.0706 0x1f6c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
17:27:52.0706 0x1f6c ksthunk - ok
17:27:52.0737 0x1f6c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
17:27:52.0737 0x1f6c KtmRm - ok
17:27:52.0796 0x1f6c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
17:27:52.0796 0x1f6c LanmanServer - ok
17:27:52.0843 0x1f6c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:27:52.0861 0x1f6c LanmanWorkstation - ok
17:27:52.0917 0x1f6c [ 4B778E7F0389963BAE8A0AE0370496CC, 4E27D6E62B09B9D4A125545BC44A5124EBA49C6E5CA7A5E9392CE1220A57D59C ] launcherservice C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe
17:27:52.0917 0x1f6c launcherservice - ok
17:27:52.0963 0x1f6c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
17:27:52.0963 0x1f6c lfsvc - ok
17:27:52.0995 0x1f6c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:27:52.0995 0x1f6c lltdio - ok
17:27:53.0026 0x1f6c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
17:27:53.0026 0x1f6c lltdsvc - ok
17:27:53.0073 0x1f6c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
17:27:53.0073 0x1f6c lmhosts - ok
17:27:53.0120 0x1f6c [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:27:53.0135 0x1f6c LMS - ok
17:27:53.0167 0x1f6c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
17:27:53.0167 0x1f6c LSI_SAS - ok
17:27:53.0182 0x1f6c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:27:53.0198 0x1f6c LSI_SAS2 - ok
17:27:53.0213 0x0db4 Object send P2P result: true
17:27:53.0213 0x0db4 Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
17:27:53.0213 0x1f6c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:27:53.0213 0x1f6c LSI_SAS3 - ok
17:27:53.0229 0x1f6c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
17:27:53.0229 0x1f6c LSI_SSS - ok
17:27:53.0292 0x1f6c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
17:27:53.0307 0x1f6c LSM - ok
17:27:53.0338 0x1f6c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
17:27:53.0338 0x1f6c luafv - ok
17:27:53.0370 0x1f6c [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll
17:27:53.0370 0x1f6c Mcx2Svc - ok
17:27:53.0417 0x1f6c [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
17:27:53.0432 0x1f6c MDM - ok
17:27:53.0463 0x1f6c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
17:27:53.0479 0x1f6c megasas - ok
17:27:53.0495 0x1f6c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
17:27:53.0510 0x1f6c megasr - ok
17:27:53.0526 0x1f6c [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:27:53.0526 0x1f6c MEIx64 - ok
17:27:53.0557 0x1f6c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
17:27:53.0557 0x1f6c MMCSS - ok
17:27:53.0588 0x1f6c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
17:27:53.0588 0x1f6c Modem - ok
17:27:53.0604 0x1f6c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
17:27:53.0604 0x1f6c monitor - ok
17:27:53.0620 0x1f6c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
17:27:53.0620 0x1f6c mouclass - ok
17:27:53.0635 0x1f6c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
17:27:53.0651 0x1f6c mouhid - ok
17:27:53.0682 0x1f6c [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
17:27:53.0682 0x1f6c mountmgr - ok
17:27:53.0729 0x1f6c [ A48479D7010ED54BB6AE3D5937A36C53, AE23673ABAB297DEFFC58A756C0667CA8F335BECCD31BF8E81BF1AEAAB9E86E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:27:53.0745 0x1f6c MozillaMaintenance - ok
17:27:53.0776 0x1f6c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
17:27:53.0776 0x1f6c mpsdrv - ok
17:27:53.0862 0x1f6c [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
17:27:53.0878 0x1f6c MpsSvc - ok
17:27:53.0903 0x1f6c [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
17:27:53.0903 0x1f6c MRxDAV - ok
17:27:53.0950 0x1f6c [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:27:53.0966 0x1f6c mrxsmb - ok
17:27:53.0997 0x1f6c [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:27:54.0013 0x1f6c mrxsmb10 - ok
17:27:54.0029 0x1f6c [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:27:54.0029 0x1f6c mrxsmb20 - ok
17:27:54.0060 0x1f6c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
17:27:54.0060 0x1f6c MsBridge - ok
17:27:54.0107 0x1f6c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:27:54.0107 0x1f6c MSDTC - ok
17:27:54.0154 0x1f6c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:27:54.0154 0x1f6c Msfs - ok
17:27:54.0185 0x1f6c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:27:54.0200 0x1f6c msgpiowin32 - ok
17:27:54.0216 0x1f6c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:27:54.0216 0x1f6c mshidkmdf - ok
17:27:54.0232 0x1f6c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
17:27:54.0232 0x1f6c mshidumdf - ok
17:27:54.0247 0x1f6c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
17:27:54.0247 0x1f6c msisadrv - ok
17:27:54.0279 0x1f6c [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
17:27:54.0279 0x1f6c MSiSCSI - ok
17:27:54.0294 0x1f6c msiserver - ok
17:27:54.0325 0x1f6c [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
17:27:54.0325 0x1f6c MsKeyboardFilter - ok
17:27:54.0357 0x1f6c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:27:54.0357 0x1f6c MSKSSRV - ok
17:27:54.0388 0x1f6c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:27:54.0388 0x1f6c MsLldp - ok
17:27:54.0419 0x1f6c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:27:54.0419 0x1f6c MSPCLOCK - ok
17:27:54.0435 0x1dac Object send P2P result: true
17:27:54.0450 0x1dac Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
17:27:54.0450 0x1f6c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:27:54.0450 0x1f6c MSPQM - ok
17:27:54.0482 0x1f6c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
17:27:54.0497 0x1f6c MsRPC - ok
17:27:54.0529 0x1f6c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
17:27:54.0529 0x1f6c mssmbios - ok
17:27:54.0591 0x1f6c [ 3AE13C9869B7CE1135BCF21C0AAA68ED, 3E917376199B13523DFB4FCC445583D9DF0606AD0A6A02B111D8A3EE6B71E117 ] MSSQL$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
17:27:54.0607 0x1f6c MSSQL$SQLEXPRESS - ok
17:27:54.0622 0x1f6c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:27:54.0622 0x1f6c MSTEE - ok
17:27:54.0638 0x1f6c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
17:27:54.0638 0x1f6c MTConfig - ok
17:27:54.0669 0x1f6c [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
17:27:54.0685 0x1f6c Mup - ok
17:27:54.0716 0x1f6c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
17:27:54.0716 0x1f6c mvumis - ok
17:27:54.0763 0x1f6c [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:27:54.0779 0x1f6c MyWiFiDHCPDNS - ok
17:27:54.0831 0x1f6c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
17:27:54.0839 0x1f6c napagent - ok
17:27:54.0902 0x1f6c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:27:54.0918 0x1f6c NativeWifiP - ok
17:27:54.0959 0x1f6c [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:27:54.0975 0x1f6c NAUpdate - ok
17:27:55.0006 0x1f6c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
17:27:55.0022 0x1f6c NcaSvc - ok
17:27:55.0053 0x1f6c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
17:27:55.0053 0x1f6c NcbService - ok
17:27:55.0069 0x1f6c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
17:27:55.0084 0x1f6c NcdAutoSetup - ok
17:27:55.0147 0x1f6c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
17:27:55.0178 0x1f6c NDIS - ok
17:27:55.0209 0x1f6c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:27:55.0209 0x1f6c NdisCap - ok
17:27:55.0241 0x1f6c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:27:55.0241 0x1f6c NdisImPlatform - ok
17:27:55.0256 0x1f6c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:27:55.0256 0x1f6c NdisTapi - ok
17:27:55.0288 0x1f6c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:27:55.0303 0x1f6c Ndisuio - ok
17:27:55.0319 0x1f6c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:27:55.0319 0x1f6c NdisVirtualBus - ok
17:27:55.0334 0x1f6c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:27:55.0350 0x1f6c NdisWan - ok
17:27:55.0366 0x1f6c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:27:55.0366 0x1f6c NdisWanLegacy - ok
17:27:55.0397 0x1f6c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:27:55.0397 0x1f6c NDProxy - ok
17:27:55.0444 0x1f6c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
17:27:55.0444 0x1f6c Ndu - ok
17:27:55.0491 0x1f6c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:27:55.0491 0x1f6c NetBIOS - ok
17:27:55.0538 0x1f6c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:27:55.0553 0x1f6c NetBT - ok
17:27:55.0553 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
17:27:55.0569 0x1f6c Netlogon - ok
17:27:55.0600 0x1f6c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
17:27:55.0616 0x1f6c Netman - ok
17:27:55.0647 0x0db4 Object send P2P result: true
17:27:55.0663 0x1f6c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
17:27:55.0663 0x1f6c netprofm - ok
17:27:55.0725 0x1f6c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:27:55.0725 0x1f6c NetTcpPortSharing - ok
17:27:55.0772 0x1f6c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
17:27:55.0772 0x1f6c netvsc - ok
17:27:55.0910 0x1f6c [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64 C:\WINDOWS\system32\DRIVERS\Netwew00.sys
17:27:55.0957 0x1f6c NETwNe64 - ok
17:27:55.0988 0x1f6c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
17:27:56.0003 0x1f6c NlaSvc - ok
17:27:56.0092 0x1f6c [ EBA1B4BF2E2375ABDADEDB649F283541, 8B27AE794678C55791F95F34E67E12BAD5BE753F812C49D6511BB657CF453B52 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
17:27:56.0107 0x1f6c NMIndexingService - ok
17:27:56.0139 0x1f6c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:27:56.0139 0x1f6c Npfs - ok
17:27:56.0170 0x1f6c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
17:27:56.0170 0x1f6c npsvctrig - ok
17:27:56.0201 0x1f6c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
17:27:56.0201 0x1f6c nsi - ok
17:27:56.0217 0x1f6c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
17:27:56.0217 0x1f6c nsiproxy - ok
17:27:56.0295 0x1f6c [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:27:56.0342 0x1f6c Ntfs - ok
17:27:56.0373 0x1f6c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
17:27:56.0373 0x1f6c Null - ok
17:27:56.0654 0x1f6c [ C769B999721DEF6E59FF579AEDFB2693, 05FC56F88515787533BC8E14A8556BDC3FE0B50AC9EB51C8C0A2187FA1761C89 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:27:56.0810 0x1f6c nvlddmkm - ok
17:27:56.0873 0x1f6c [ 1C7CF80FE7E4B18BC46EA5C7ADC7339C, 671D634E8AF33DAF8E926CDE0C54A10142A989D8358E2827A7EB78026D25763B ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
17:27:56.0873 0x1f6c nvpciflt - ok
17:27:56.0908 0x1dac Object send P2P result: true
17:27:56.0914 0x1f6c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
17:27:56.0930 0x1f6c nvraid - ok
17:27:56.0946 0x1f6c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
17:27:56.0946 0x1f6c nvstor - ok
17:27:56.0977 0x1f6c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
17:27:56.0977 0x1f6c nv_agp - ok
17:27:57.0049 0x1f6c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:27:57.0065 0x1f6c odserv - ok
17:27:57.0174 0x1f6c [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
17:27:57.0190 0x1f6c Origin Client Service - ok
17:27:57.0221 0x1f6c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:27:57.0221 0x1f6c ose - ok
17:27:57.0268 0x1f6c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
17:27:57.0268 0x1f6c p2pimsvc - ok
17:27:57.0315 0x1f6c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
17:27:57.0331 0x1f6c p2psvc - ok
17:27:57.0346 0x1f6c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
17:27:57.0346 0x1f6c Parport - ok
17:27:57.0378 0x1f6c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
17:27:57.0378 0x1f6c partmgr - ok
17:27:57.0424 0x1f6c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
17:27:57.0440 0x1f6c PcaSvc - ok
17:27:57.0471 0x1f6c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
17:27:57.0471 0x1f6c pci - ok
17:27:57.0487 0x1f6c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
17:27:57.0487 0x1f6c pciide - ok
17:27:57.0503 0x1f6c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
17:27:57.0503 0x1f6c pcmcia - ok
17:27:57.0503 0x1f6c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
17:27:57.0518 0x1f6c pcw - ok
17:27:57.0549 0x1f6c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
17:27:57.0549 0x1f6c pdc - ok
17:27:57.0565 0x1f6c [ 958754A37C85E18EB53FA2139787113C, A58B39CFD7B0A36EA12965A24A384B7B1E2A980CA8D2F33B72FA72B00E68EC0C ] pe3ah4nc C:\WINDOWS\system32\drivers\pe3ah4nc.sys
17:27:57.0565 0x1f6c pe3ah4nc - ok
17:27:57.0612 0x1f6c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
17:27:57.0628 0x1f6c PEAUTH - ok
17:27:57.0721 0x1f6c [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
17:27:57.0753 0x1f6c PeerDistSvc - ok
17:27:57.0878 0x1f6c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
17:27:57.0878 0x1f6c PerfHost - ok
17:27:57.0965 0x1f6c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
17:27:57.0981 0x1f6c pla - ok
17:27:58.0012 0x1f6c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
17:27:58.0028 0x1f6c PlugPlay - ok
17:27:58.0059 0x1f6c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
17:27:58.0059 0x1f6c PNRPAutoReg - ok
17:27:58.0093 0x1f6c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
17:27:58.0100 0x1f6c PNRPsvc - ok
17:27:58.0132 0x1f6c [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
17:27:58.0132 0x1f6c PolicyAgent - ok
17:27:58.0179 0x1f6c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
17:27:58.0179 0x1f6c Power - ok
17:27:58.0195 0x1f6c pr2ah4nc - ok
17:27:58.0382 0x1f6c [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:27:58.0413 0x1f6c PrintNotify - ok
17:27:58.0476 0x1f6c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
17:27:58.0476 0x1f6c Processor - ok
17:27:58.0523 0x1f6c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll
17:27:58.0523 0x1f6c ProfSvc - ok
17:27:58.0554 0x1f6c [ 0E998144E0C05AFFBB6CC66B5999958C, 6EED570FCBDD4FD9746C5E72AB83261D826CF68A54411FD82DF917DADAF23FD7 ] ps6ah4nc C:\WINDOWS\system32\drivers\ps6ah4nc.sys
17:27:58.0554 0x1f6c ps6ah4nc - ok
17:27:58.0601 0x1f6c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
17:27:58.0601 0x1f6c Psched - ok
17:27:58.0632 0x1f6c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
17:27:58.0648 0x1f6c QWAVE - ok
17:27:58.0663 0x1f6c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
17:27:58.0663 0x1f6c QWAVEdrv - ok
17:27:58.0695 0x1f6c [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini C:\WINDOWS\System32\drivers\RadioHIDMini.sys
17:27:58.0695 0x1f6c RadioHIDMini - ok
17:27:58.0710 0x1f6c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:27:58.0710 0x1f6c RasAcd - ok
17:27:58.0741 0x1f6c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:27:58.0757 0x1f6c RasAuto - ok
17:27:58.0804 0x1f6c [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:27:58.0804 0x1f6c RasMan - ok
17:27:58.0851 0x1f6c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:27:58.0851 0x1f6c RasPppoe - ok
17:27:58.0882 0x1f6c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:27:58.0882 0x1f6c rdbss - ok
17:27:58.0913 0x1f6c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
17:27:58.0913 0x1f6c rdpbus - ok
17:27:58.0945 0x1f6c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
17:27:58.0945 0x1f6c RDPDR - ok
17:27:58.0976 0x1f6c [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:27:58.0976 0x1f6c RdpVideoMiniport - ok
17:27:59.0008 0x1f6c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
17:27:59.0008 0x1f6c rdyboost - ok
17:27:59.0054 0x1f6c [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
17:27:59.0070 0x1f6c ReFS - ok
17:27:59.0175 0x1f6c [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:27:59.0175 0x1f6c RegSrvc - ok
17:27:59.0221 0x1f6c [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:27:59.0237 0x1f6c RemoteAccess - ok
17:27:59.0268 0x1f6c [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:27:59.0268 0x1f6c RemoteRegistry - ok
17:27:59.0315 0x1f6c [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
17:27:59.0315 0x1f6c RFCOMM - ok
17:27:59.0362 0x1f6c [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
17:27:59.0362 0x1f6c RpcEptMapper - ok
17:27:59.0393 0x1f6c [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
17:27:59.0409 0x1f6c RpcLocator - ok
17:27:59.0503 0x1f6c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:27:59.0503 0x1f6c RpcSs - ok
17:27:59.0550 0x1f6c [ 5AA85332CB1694871B2F0704E0FC9113, 18E11C4E966DEE53FA0E482C55769A35C6C746EB3347DF171A1978D22BC7990B ] RsFx0200 C:\WINDOWS\system32\DRIVERS\RsFx0200.sys
17:27:59.0550 0x1f6c RsFx0200 - ok
17:27:59.0581 0x1f6c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:27:59.0581 0x1f6c rspndr - ok
17:27:59.0612 0x1f6c [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
17:27:59.0628 0x1f6c RTL8168 - ok
17:27:59.0643 0x1f6c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
17:27:59.0643 0x1f6c s3cap - ok
17:27:59.0675 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
17:27:59.0675 0x1f6c SamSs - ok
17:27:59.0800 0x1f6c SBIOSIO - ok
17:27:59.0831 0x1f6c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
17:27:59.0831 0x1f6c sbp2port - ok
17:27:59.0862 0x1f6c [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
17:27:59.0878 0x1f6c SCardSvr - ok
17:27:59.0909 0x1f6c [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
17:27:59.0909 0x1f6c ScDeviceEnum - ok
17:27:59.0956 0x1f6c [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:27:59.0956 0x1f6c scfilter - ok
17:28:00.0003 0x1f6c [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:28:00.0026 0x1f6c Schedule - ok
17:28:00.0042 0x1f6c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
17:28:00.0058 0x1f6c SCPolicySvc - ok
17:28:00.0073 0x1f6c [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
17:28:00.0089 0x1f6c sdbus - ok
17:28:00.0193 0x1f6c [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe
17:28:00.0224 0x1f6c SDScannerService - ok
17:28:00.0255 0x1f6c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
17:28:00.0255 0x1f6c sdstor - ok
17:28:00.0365 0x1f6c [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:28:00.0380 0x1f6c SDUpdateService - ok
17:28:00.0412 0x1f6c [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:28:00.0412 0x1f6c SDWSCService - ok
17:28:00.0443 0x1f6c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
17:28:00.0443 0x1f6c secdrv - ok
17:28:00.0474 0x1f6c [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll
17:28:00.0474 0x1f6c seclogon - ok
17:28:00.0505 0x1f6c [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
17:28:00.0505 0x1f6c SENS - ok
17:28:00.0552 0x1f6c [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
17:28:00.0552 0x1f6c SensrSvc - ok
17:28:00.0584 0x1f6c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
17:28:00.0584 0x1f6c SerCx - ok
17:28:00.0615 0x1f6c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
17:28:00.0630 0x1f6c SerCx2 - ok
17:28:00.0646 0x1f6c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
17:28:00.0646 0x1f6c Serenum - ok
17:28:00.0662 0x1f6c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
17:28:00.0662 0x1f6c Serial - ok
17:28:00.0693 0x1f6c [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
17:28:00.0693 0x1f6c sermouse - ok
17:28:00.0740 0x1f6c [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll
17:28:00.0756 0x1f6c SessionEnv - ok
17:28:00.0802 0x1f6c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
17:28:00.0802 0x1f6c sfloppy - ok
17:28:00.0834 0x1f6c [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:28:00.0834 0x1f6c SharedAccess - ok
17:28:00.0881 0x1f6c [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:28:00.0881 0x1f6c ShellHWDetection - ok
17:28:00.0912 0x1f6c [ 8C61B219882C9C9ECA09BEDB82B0DDB1, 711681040D9CD93D603F55AB8D62371F5D51917C14818F27859E23E2D60EB18F ] silabenm C:\WINDOWS\system32\DRIVERS\silabenm.sys
17:28:00.0912 0x1f6c silabenm - ok
17:28:00.0927 0x1f6c [ 2641655FAD6C1EA0F3677978E2BF28C1, E703CE74D09E901BF531589E181DCF95B9C63E09FE1B99E38DEA9EE47EE458BA ] silabser C:\WINDOWS\system32\DRIVERS\silabser.sys
17:28:00.0943 0x1f6c silabser - ok
17:28:00.0959 0x1f6c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:28:00.0959 0x1f6c SiSRaid2 - ok
17:28:00.0974 0x1f6c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
17:28:00.0974 0x1f6c SiSRaid4 - ok
17:28:01.0006 0x1f6c [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
17:28:01.0021 0x1f6c smphost - ok
17:28:01.0037 0x1f6c [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
17:28:01.0037 0x1f6c SNMPTRAP - ok
17:28:01.0079 0x1f6c [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
17:28:01.0095 0x1f6c spaceport - ok
17:28:01.0110 0x1f6c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
17:28:01.0110 0x1f6c SpbCx - ok
17:28:01.0183 0x1f6c [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
17:28:01.0183 0x1f6c Spooler - ok
17:28:01.0371 0x1f6c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
17:28:01.0464 0x1f6c sppsvc - ok
17:28:01.0574 0x1f6c [ B70FAF0C7C5737AA6973E14B45477730, 48D835D64D36A46BD2ED6080A0D733B92960DA3EA459005F536587BB19B16A7E ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:28:01.0574 0x1f6c SQLAgent$SQLEXPRESS - ok
17:28:01.0668 0x1f6c [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:28:01.0668 0x1f6c SQLBrowser - ok
17:28:01.0683 0x1f6c [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:28:01.0683 0x1f6c SQLWriter - ok
17:28:01.0730 0x1f6c [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:28:01.0746 0x1f6c srv - ok
17:28:01.0777 0x1f6c [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
17:28:01.0793 0x1f6c srv2 - ok
17:28:01.0808 0x1f6c [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:28:01.0808 0x1f6c srvnet - ok
17:28:01.0839 0x1f6c [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:28:01.0855 0x1f6c SSDPSRV - ok
17:28:01.0886 0x1f6c [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
17:28:01.0902 0x1f6c SstpSvc - ok
17:28:01.0918 0x1f6c [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:28:01.0918 0x1f6c ssudmdm - ok
17:28:02.0043 0x1f6c [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
17:28:02.0058 0x1f6c ss_conn_service - ok
17:28:02.0095 0x1f6c [ 30D7CE5C0B812BAF4F2FB5F47820C76A, 5C9D67637485F67A720D8582D54D880D8364108C593A020682D4695397284989 ] stdriver C:\WINDOWS\system32\DRIVERS\stdriverx64.sys
17:28:02.0096 0x1f6c stdriver - ok
17:28:02.0146 0x1f6c [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:28:02.0161 0x1f6c Steam Client Service - ok
17:28:02.0203 0x1f6c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
17:28:02.0203 0x1f6c stexstor - ok
17:28:02.0250 0x1f6c [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
17:28:02.0250 0x1f6c stisvc - ok
17:28:02.0266 0x1f6c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
17:28:02.0266 0x1f6c storahci - ok
17:28:02.0297 0x1f6c [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
17:28:02.0297 0x1f6c storflt - ok
17:28:02.0329 0x1f6c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
17:28:02.0329 0x1f6c stornvme - ok
17:28:02.0360 0x1f6c [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
17:28:02.0360 0x1f6c StorSvc - ok
17:28:02.0391 0x1f6c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
17:28:02.0407 0x1f6c storvsc - ok
17:28:02.0438 0x1f6c [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
17:28:02.0438 0x1f6c storvsp - ok
17:28:02.0485 0x1f6c [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
17:28:02.0485 0x1f6c svsvc - ok
17:28:02.0532 0x1f6c [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
17:28:02.0532 0x1f6c swenum - ok
17:28:02.0672 0x1f6c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:28:02.0688 0x1f6c SwitchBoard - ok
17:28:02.0735 0x1f6c [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
17:28:02.0750 0x1f6c swprv - ok
17:28:02.0829 0x1f6c SWUpdateService - ok
17:28:02.0891 0x1f6c [ 092506B413EA5CCA425B31DCC776D2DC, D9DAB4299657BFD7F176C94F988FD8359E2CE62071457AF5F7EF3722FD3EC0A8 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:28:02.0907 0x1f6c SynTP - ok
17:28:02.0969 0x1f6c [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll
17:28:02.0985 0x1f6c SysMain - ok
17:28:03.0016 0x1f6c [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:28:03.0016 0x1f6c SystemEventsBroker - ok
17:28:03.0047 0x1f6c [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:28:03.0047 0x1f6c TabletInputService - ok
17:28:03.0079 0x1f6c [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:28:03.0094 0x1f6c TapiSrv - ok
17:28:03.0187 0x1f6c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
17:28:03.0218 0x1f6c Tcpip - ok
17:28:03.0384 0x1f6c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:28:03.0415 0x1f6c TCPIP6 - ok
17:28:03.0431 0x1f6c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
17:28:03.0431 0x1f6c tcpipreg - ok
17:28:03.0478 0x1f6c [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
17:28:03.0478 0x1f6c tdx - ok
17:28:03.0509 0x1f6c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
17:28:03.0509 0x1f6c terminpt - ok
17:28:03.0572 0x1f6c [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
17:28:03.0587 0x1f6c TermService - ok
17:28:03.0619 0x1f6c [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
17:28:03.0634 0x1f6c Themes - ok
17:28:03.0650 0x1f6c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
17:28:03.0650 0x1f6c THREADORDER - ok
17:28:03.0665 0x1f6c [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
17:28:03.0681 0x1f6c TimeBroker - ok
17:28:03.0712 0x1f6c [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
17:28:03.0712 0x1f6c TPM - ok
17:28:03.0744 0x1f6c [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
17:28:03.0744 0x1f6c TrkWks - ok
17:28:03.0806 0x1f6c [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:28:03.0822 0x1f6c TrustedInstaller - ok
17:28:03.0853 0x1f6c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
17:28:03.0853 0x1f6c TsUsbFlt - ok
17:28:03.0884 0x1f6c [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:28:03.0884 0x1f6c TsUsbGD - ok
17:28:03.0931 0x1f6c [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:28:03.0931 0x1f6c tunnel - ok
17:28:03.0962 0x1f6c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
17:28:03.0962 0x1f6c uagp35 - ok
17:28:03.0994 0x1f6c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
17:28:03.0994 0x1f6c UASPStor - ok
17:28:04.0041 0x1f6c [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
17:28:04.0056 0x1f6c UCX01000 - ok
17:28:04.0119 0x1f6c [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
17:28:04.0119 0x1f6c udfs - ok
17:28:04.0134 0x1f6c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
17:28:04.0134 0x1f6c UEFI - ok
17:28:04.0177 0x1f6c [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
17:28:04.0193 0x1f6c UI0Detect - ok
17:28:04.0208 0x1f6c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
17:28:04.0208 0x1f6c uliagpkx - ok
17:28:04.0240 0x1f6c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
17:28:04.0240 0x1f6c umbus - ok
17:28:04.0281 0x1f6c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
17:28:04.0281 0x1f6c UmPass - ok
17:28:04.0328 0x1f6c [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
17:28:04.0328 0x1f6c UmRdpService - ok
17:28:04.0375 0x1f6c [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:28:04.0391 0x1f6c upnphost - ok
17:28:04.0438 0x1f6c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
17:28:04.0438 0x1f6c usbccgp - ok
17:28:04.0484 0x1f6c [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
17:28:04.0484 0x1f6c usbcir - ok
17:28:04.0531 0x1f6c [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
17:28:04.0531 0x1f6c usbehci - ok
17:28:04.0578 0x1f6c [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
17:28:04.0594 0x1f6c usbhub - ok
17:28:04.0609 0x1f6c [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
17:28:04.0625 0x1f6c USBHUB3 - ok
17:28:04.0641 0x1f6c [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
17:28:04.0641 0x1f6c usbohci - ok
17:28:04.0672 0x1f6c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
17:28:04.0688 0x1f6c usbprint - ok
17:28:04.0719 0x1f6c [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
17:28:04.0719 0x1f6c usbscan - ok
17:28:04.0766 0x1f6c [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:28:04.0766 0x1f6c USBSTOR - ok
17:28:04.0797 0x1f6c [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
17:28:04.0797 0x1f6c usbuhci - ok
17:28:04.0844 0x1f6c [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
17:28:04.0844 0x1f6c usbvideo - ok
17:28:04.0875 0x1f6c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:28:04.0875 0x1f6c USBXHCI - ok
17:28:04.0922 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
17:28:04.0922 0x1f6c VaultSvc - ok
17:28:04.0953 0x1f6c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
17:28:04.0953 0x1f6c vdrvroot - ok
|
|
08.01.2016, 19:29
| #7 |
| | Makrovirus "Berger Antriebstechnik" Teil 2 Code:
ATTFilter 17:28:05.0000 0x1f6c [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 17:28:05.0031 0x1f6c vds - ok 17:28:05.0047 0x1f6c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 17:28:05.0063 0x1f6c VerifierExt - ok 17:28:05.0094 0x1f6c [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 17:28:05.0109 0x1f6c vhdmp - ok 17:28:05.0141 0x1f6c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 17:28:05.0141 0x1f6c viaide - ok 17:28:05.0156 0x1f6c [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\WINDOWS\System32\drivers\Vid.sys 17:28:05.0156 0x1f6c Vid - ok 17:28:05.0206 0x1f6c [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 17:28:05.0211 0x1f6c vmbus - ok 17:28:05.0216 0x1f6c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 17:28:05.0231 0x1f6c VMBusHID - ok 17:28:05.0263 0x1f6c [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys 17:28:05.0263 0x1f6c vmbusr - ok 17:28:05.0320 0x1f6c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 17:28:05.0336 0x1f6c vmicguestinterface - ok 17:28:05.0351 0x1f6c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 17:28:05.0367 0x1f6c vmicheartbeat - ok 17:28:05.0382 0x1f6c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 17:28:05.0398 0x1f6c vmickvpexchange - ok 17:28:05.0414 0x1f6c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 17:28:05.0414 0x1f6c vmicrdv - ok 17:28:05.0429 0x1f6c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 17:28:05.0445 0x1f6c vmicshutdown - ok 17:28:05.0445 0x1f6c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 17:28:05.0461 0x1f6c vmictimesync - ok 17:28:05.0476 0x1f6c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 17:28:05.0476 0x1f6c vmicvss - ok 17:28:05.0508 0x1f6c [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 17:28:05.0508 0x1f6c volmgr - ok 17:28:05.0523 0x1f6c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 17:28:05.0523 0x1f6c volmgrx - ok 17:28:05.0554 0x1f6c [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 17:28:05.0554 0x1f6c volsnap - ok 17:28:05.0570 0x1f6c [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 17:28:05.0586 0x1f6c vpci - ok 17:28:05.0617 0x1f6c [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys 17:28:05.0617 0x1f6c vpcivsp - ok 17:28:05.0664 0x1f6c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 17:28:05.0664 0x1f6c vsmraid - ok 17:28:05.0742 0x1f6c [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe 17:28:05.0758 0x1f6c VSS - ok 17:28:05.0789 0x1f6c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 17:28:05.0789 0x1f6c VSTXRAID - ok 17:28:05.0851 0x1f6c [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 17:28:05.0851 0x1f6c vwifibus - ok 17:28:05.0898 0x1f6c [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 17:28:05.0898 0x1f6c vwififlt - ok 17:28:05.0914 0x1f6c [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 17:28:05.0914 0x1f6c vwifimp - ok 17:28:05.0961 0x1f6c [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 17:28:05.0976 0x1f6c W32Time - ok 17:28:05.0992 0x1f6c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 17:28:05.0992 0x1f6c WacomPen - ok 17:28:06.0070 0x1f6c [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 17:28:06.0086 0x1f6c wbengine - ok 17:28:06.0101 0x1f6c [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 17:28:06.0117 0x1f6c WbioSrvc - ok 17:28:06.0164 0x1f6c [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 17:28:06.0164 0x1f6c Wcmsvc - ok 17:28:06.0211 0x1f6c [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 17:28:06.0211 0x1f6c wcncsvc - ok 17:28:06.0247 0x1f6c [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 17:28:06.0250 0x1f6c WcsPlugInService - ok 17:28:06.0282 0x1f6c [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 17:28:06.0282 0x1f6c WdBoot - ok 17:28:06.0329 0x1f6c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 17:28:06.0329 0x1f6c Wdf01000 - ok 17:28:06.0356 0x1f6c [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 17:28:06.0356 0x1f6c WdFilter - ok 17:28:06.0387 0x1f6c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 17:28:06.0387 0x1f6c WdiServiceHost - ok 17:28:06.0402 0x1f6c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 17:28:06.0402 0x1f6c WdiSystemHost - ok 17:28:06.0434 0x1f6c [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 17:28:06.0434 0x1f6c WdNisDrv - ok 17:28:06.0465 0x1f6c WdNisSvc - ok 17:28:06.0512 0x1f6c [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 17:28:06.0512 0x1f6c WebClient - ok 17:28:06.0559 0x1f6c [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 17:28:06.0559 0x1f6c Wecsvc - ok 17:28:06.0590 0x1f6c [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 17:28:06.0590 0x1f6c WEPHOSTSVC - ok 17:28:06.0637 0x1f6c [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 17:28:06.0637 0x1f6c wercplsupport - ok 17:28:06.0684 0x1f6c [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 17:28:06.0684 0x1f6c WerSvc - ok 17:28:06.0731 0x1f6c [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 17:28:06.0731 0x1f6c WFPLWFS - ok 17:28:06.0777 0x1f6c [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 17:28:06.0777 0x1f6c WiaRpc - ok 17:28:06.0793 0x1f6c [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 17:28:06.0793 0x1f6c WIMMount - ok 17:28:06.0793 0x1f6c WinDefend - ok 17:28:06.0856 0x1f6c [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 17:28:06.0871 0x1f6c WinHttpAutoProxySvc - ok 17:28:06.0934 0x1f6c [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:28:06.0949 0x1f6c Winmgmt - ok 17:28:07.0059 0x1f6c [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 17:28:07.0090 0x1f6c WinRM - ok 17:28:07.0137 0x1f6c [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 17:28:07.0137 0x1f6c WinUsb - ok 17:28:07.0215 0x1f6c [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 17:28:07.0246 0x1f6c WlanSvc - ok 17:28:07.0288 0x1f6c [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 17:28:07.0307 0x1f6c wlidsvc - ok 17:28:07.0338 0x1f6c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 17:28:07.0338 0x1f6c WmiAcpi - ok 17:28:07.0395 0x1f6c [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 17:28:07.0395 0x1f6c wmiApSrv - ok 17:28:07.0426 0x1f6c WMPNetworkSvc - ok 17:28:07.0458 0x1f6c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 17:28:07.0473 0x1f6c Wof - ok 17:28:07.0567 0x1f6c [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 17:28:07.0583 0x1f6c workfolderssvc - ok 17:28:07.0629 0x1f6c [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 17:28:07.0629 0x1f6c wpcfltr - ok 17:28:07.0661 0x1f6c [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 17:28:07.0661 0x1f6c WPCSvc - ok 17:28:07.0708 0x1f6c [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 17:28:07.0708 0x1f6c WPDBusEnum - ok 17:28:07.0755 0x1f6c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 17:28:07.0755 0x1f6c WpdUpFltr - ok 17:28:07.0770 0x1f6c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 17:28:07.0770 0x1f6c ws2ifsl - ok 17:28:07.0817 0x1f6c [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 17:28:07.0817 0x1f6c wscsvc - ok 17:28:07.0833 0x1f6c WSearch - ok 17:28:07.0958 0x1f6c [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 17:28:08.0004 0x1f6c WSService - ok 17:28:08.0145 0x1f6c [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv C:\WINDOWS\system32\wuaueng.dll 17:28:08.0192 0x1f6c wuauserv - ok 17:28:08.0239 0x1f6c [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 17:28:08.0239 0x1f6c WudfPf - ok 17:28:08.0255 0x1f6c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 17:28:08.0255 0x1f6c WUDFRd - ok 17:28:08.0270 0x1f6c [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 17:28:08.0286 0x1f6c wudfsvc - ok 17:28:08.0286 0x1f6c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 17:28:08.0286 0x1f6c WUDFWpdFs - ok 17:28:08.0301 0x1f6c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 17:28:08.0301 0x1f6c WUDFWpdMtp - ok 17:28:08.0344 0x1f6c [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 17:28:08.0360 0x1f6c WwanSvc - ok 17:28:08.0605 0x1f6c [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 17:28:08.0636 0x1f6c ZeroConfigService - ok 17:28:08.0652 0x1f6c ================ Scan global =============================== 17:28:08.0714 0x1f6c [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll 17:28:08.0761 0x1f6c [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 17:28:08.0808 0x1f6c [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 17:28:08.0839 0x1f6c [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 17:28:08.0855 0x1f6c [ Global ] - ok 17:28:08.0855 0x1f6c ================ Scan MBR ================================== 17:28:08.0855 0x1f6c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 17:28:08.0870 0x1f6c \Device\Harddisk0\DR0 - ok 17:28:08.0870 0x1f6c ================ Scan VBR ================================== 17:28:08.0870 0x1f6c [ 7591C3862CADEFC04C7FCFF91AA2C5C7 ] \Device\Harddisk0\DR0\Partition1 17:28:08.0870 0x1f6c \Device\Harddisk0\DR0\Partition1 - ok 17:28:08.0886 0x1f6c [ D66E2EC064BEFC56862FCB5063933E22 ] \Device\Harddisk0\DR0\Partition2 17:28:08.0902 0x1f6c \Device\Harddisk0\DR0\Partition2 - ok 17:28:08.0917 0x1f6c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 17:28:08.0917 0x1f6c \Device\Harddisk0\DR0\Partition3 - ok 17:28:08.0917 0x1f6c [ 376F1F914B9D8318E56AB9C0C37963CE ] \Device\Harddisk0\DR0\Partition4 17:28:08.0933 0x1f6c \Device\Harddisk0\DR0\Partition4 - ok 17:28:08.0949 0x1f6c [ 11546C81A511B20E2D20AAA226B037E0 ] \Device\Harddisk0\DR0\Partition5 17:28:08.0964 0x1f6c \Device\Harddisk0\DR0\Partition5 - ok 17:28:08.0980 0x1f6c [ EF3872155CE4634557AEC8EA5A26773D ] \Device\Harddisk0\DR0\Partition6 17:28:08.0995 0x1f6c \Device\Harddisk0\DR0\Partition6 - ok 17:28:09.0027 0x1f6c [ 9101D1594FA0E7022403F0B7804242D6 ] \Device\Harddisk0\DR0\Partition7 17:28:09.0042 0x1f6c \Device\Harddisk0\DR0\Partition7 - ok 17:28:09.0058 0x1f6c [ 0A7DE69C0DC6CDE894E8366DF4E5352C ] \Device\Harddisk0\DR0\Partition8 17:28:09.0058 0x1f6c \Device\Harddisk0\DR0\Partition8 - ok 17:28:09.0058 0x1f6c ================ Scan generic autorun ====================== 17:28:09.0105 0x1f6c [ 51F358BE1583FB3246020E36DEEB3E0F, 23E096D57FF2D45168FF5AFF48C10A2E0A144708CD046B1C4F3897205CC8A147 ] C:\WINDOWS\system32\igfxtray.exe 17:28:09.0105 0x1f6c IgfxTray - ok 17:28:09.0136 0x1f6c [ 1218C5653632440C18ECEA89D1CA4575, AF0E7AA60890C52A257D3501FFE652E95F095407A7C6F6F4F00162A9F7DE7C2D ] C:\WINDOWS\system32\hkcmd.exe 17:28:09.0152 0x1f6c HotKeysCmds - ok 17:28:09.0167 0x1f6c [ CC8EB098AEDF4BC97D3004A182099EED, 6ADFB7CB5047C47D86C769F21191B12D2F3FD3BC96665B4CCFD8C8DA44C64ED9 ] C:\WINDOWS\system32\igfxpers.exe 17:28:09.0183 0x1f6c Persistence - ok 17:28:09.0308 0x1f6c [ E9D228970356F01DB68E531A0F173FB8, B23032DFEA446CF4D5E75D6CC3F049314EC9EB2D4E9BEB1883D4AC4BC2631A6B ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe 17:28:09.0368 0x1f6c CanonMyPrinter - ok 17:28:09.0415 0x1f6c [ 605BB2B2A2171D3F5748F4919E80E6C7, 4EBAAE4E2122048603D058C83E32C56F64F8FB9E7B9BB2F83E659BFFD7CB12EE ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe 17:28:09.0430 0x1f6c CanonSolutionMenu - ok 17:28:09.0471 0x1f6c [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 17:28:09.0471 0x1f6c AdobeAAMUpdater-1.0 - ok 17:28:09.0550 0x1f6c [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 17:28:09.0550 0x1f6c IAStorIcon - ok 17:28:09.0925 0x1f6c [ 3639BEC808929AA13974D420D4C609F8, 2BCAB4AC5F493D71B9CBADDA0DF8C018C526F06A956D4A140F7BD4531371290D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 17:28:10.0253 0x1f6c RtHDVCpl - ok 17:28:10.0315 0x1f6c [ 690051005AED736DA0F5DD40DA5937DB, FA3CD1CF50EFEE6AAFCAAC4D3FE6699ADB2BD7DCC497CA994AAABD8B45B157E0 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe 17:28:10.0331 0x1f6c Autodesk Sync - ok 17:28:10.0331 0x1f6c SynTPEnh - ok 17:28:10.0398 0x1f6c [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 17:28:10.0401 0x1f6c CLMLServer_For_P2G8 - ok 17:28:10.0419 0x1f6c [ 44C5C8A5DF192FDC4D530F57612FA49C, DD8D69698361CBD042AEB69BC040DAD92BB642429B68A9169247E1A8A96D391D ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe 17:28:10.0419 0x1f6c CLVirtualDrive - ok 17:28:10.0465 0x1f6c [ AE29724E282EDBE7D0F49E9982642EFD, E7637C08A35F1D7AF810500804FAC45557C5598FA887BE26484B50D305213658 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 17:28:10.0465 0x1f6c RemoteControl10 - ok 17:28:10.0554 0x1f6c [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe 17:28:10.0569 0x1f6c Intel AppUp(SM) center - ok 17:28:10.0648 0x1f6c [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 17:28:10.0663 0x1f6c avgnt - ok 17:28:10.0695 0x1f6c [ 12916E0642E92561C98B18A2A2D01B14, 4C28478CFE25E1F29AEF8BA6F2FAF3E6C2B34BF18CA77052813903E10ADDCCD5 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 17:28:10.0695 0x1f6c SunJavaUpdateSched - ok 17:28:10.0757 0x1f6c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 17:28:10.0788 0x1f6c SwitchBoard - ok 17:28:10.0866 0x1f6c [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 17:28:10.0882 0x1f6c AdobeCS6ServiceManager - ok 17:28:10.0991 0x1f6c [ E4EFC2CDC71E0698CB81A4D60C3FADFF, 0278452E7FE903053A470EFA0C7813E9C43517EC0C8C9E42C5A9A3C99146D06B ] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe 17:28:11.0023 0x1f6c IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok 17:28:11.0179 0x1f6c [ F6B7C701F4AA5F7BBEC8F4BEA47100E2, E04CA6F629693CFAA1632A7B7DD877BDF80133853DC7C9B40D5865B9C196B5E8 ] C:\Program Files (x86)\Origin\Origin.exe 17:28:11.0241 0x1f6c EADM - ok 17:28:11.0351 0x1f6c [ 564CB6EACE4064BB4C7815435D035D6A, 19438A697F589598AAF88D80CC7B51AC832FED9BD2088299C43FAF520854AA42 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe 17:28:11.0382 0x1f6c GarminExpressTrayApp - ok 17:28:11.0443 0x1f6c [ 1E377D64DACD4E4656C86241CE5A1233, F0AE582DBCF2525F580DA6D441B4F24BAE551CD35C0F2B19B2B0127787F2AE3A ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe 17:28:11.0443 0x1f6c AutoStartNPSAgent - ok 17:28:11.0522 0x1f6c [ F120335CFD86E98967AD5F77905E981D, B401356E48B649070E733F57CBF7092522D5ACE348856EFAE1AA92F7C11DADDB ] C:\Program Files (x86)\Samsung\Kies\Kies.exe 17:28:11.0547 0x1f6c KiesPreload - ok 17:28:11.0578 0x1f6c [ B349B9F81A073CC3774CE2130310C477, 16DEC5F9D329E72BDB6CE704C3C81ADA7ABEE5BC72FE589F1BAAFD0B63D8AB3C ] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe 17:28:11.0578 0x1f6c phonostar-PlayerTimer - ok 17:28:11.0735 0x1f6c [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\Steam.exe 17:28:11.0782 0x1f6c Steam - ok 17:28:11.0860 0x1f6c [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 17:28:11.0891 0x1f6c SpybotPostWindows10UpgradeReInstall - ok 17:28:12.0063 0x1f6c [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe 17:28:12.0110 0x1f6c Spybot-S&D Cleaning - ok 17:28:12.0297 0x1f6c [ 2EC58592401DF51E46BF79523A5E35F2, 2B3CFC4FD12D2C1DF33E7F815F4453FDBDF4C6672BFE32D038CED0F16398EB46 ] C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe 17:28:12.0313 0x1f6c FlashPlayerUpdate - ok 17:28:12.0313 0x1f6c Waiting for KSN requests completion. In queue: 121 17:28:13.0335 0x1f6c Waiting for KSN requests completion. In queue: 121 17:28:14.0343 0x1f6c Waiting for KSN requests completion. In queue: 121 17:28:15.0363 0x1f6c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated ) 17:28:15.0363 0x1f6c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 17:28:15.0363 0x1f6c Win FW state via NFP2: enabled ( trusted ) 17:28:17.0762 0x1f6c ============================================================ 17:28:17.0762 0x1f6c Scan finished 17:28:17.0762 0x1f6c ============================================================ 17:28:17.0772 0x0e9c Detected object count: 0 17:28:17.0772 0x0e9c Actual detected object count: 0 17:30:11.0440 0x18dc ============================================================ 17:30:11.0440 0x18dc Scan started 17:30:11.0440 0x18dc Mode: Manual; SigCheck; TDLFS; 17:30:11.0440 0x18dc ============================================================ 17:30:11.0440 0x18dc KSN ping started 17:30:13.0782 0x18dc KSN ping finished: true 17:30:14.0351 0x18dc ================ Scan system memory ======================== 17:30:14.0351 0x18dc System memory - ok 17:30:14.0366 0x18dc ================ Scan services ============================= 17:30:14.0554 0x18dc [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 17:30:14.0601 0x18dc 1394ohci - ok 17:30:14.0616 0x18dc [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 17:30:14.0632 0x18dc 3ware - ok 17:30:14.0663 0x18dc [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\WINDOWS\system32\drivers\acedrv11.sys 17:30:14.0679 0x18dc acedrv11 - ok 17:30:14.0726 0x18dc [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 17:30:14.0741 0x18dc ACPI - ok 17:30:14.0741 0x18dc [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 17:30:14.0757 0x18dc acpiex - ok 17:30:14.0788 0x18dc [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 17:30:14.0788 0x18dc acpipagr - ok 17:30:14.0819 0x18dc [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 17:30:14.0835 0x18dc AcpiPmi - ok 17:30:14.0855 0x18dc [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 17:30:14.0861 0x18dc acpitime - ok 17:30:14.0940 0x18dc [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:30:14.0962 0x18dc AdobeARMservice - ok 17:30:15.0091 0x18dc [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:30:15.0106 0x18dc AdobeFlashPlayerUpdateSvc - ok 17:30:15.0184 0x18dc [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 17:30:15.0200 0x18dc ADP80XX - ok 17:30:15.0231 0x18dc [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 17:30:15.0262 0x18dc AeLookupSvc - ok 17:30:15.0294 0x18dc [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys 17:30:15.0325 0x18dc AFD - ok 17:30:15.0341 0x18dc [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 17:30:15.0356 0x18dc agp440 - ok 17:30:15.0387 0x18dc [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 17:30:15.0387 0x18dc ahcache - ok 17:30:15.0434 0x18dc [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe 17:30:15.0434 0x18dc ALG - ok 17:30:15.0466 0x18dc [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 17:30:15.0481 0x18dc AmdK8 - ok 17:30:15.0497 0x18dc [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 17:30:15.0512 0x18dc AmdPPM - ok 17:30:15.0528 0x18dc [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 17:30:15.0528 0x18dc amdsata - ok 17:30:15.0544 0x18dc [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 17:30:15.0559 0x18dc amdsbs - ok 17:30:15.0575 0x18dc [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 17:30:15.0575 0x18dc amdxata - ok 17:30:15.0622 0x18dc [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys 17:30:15.0622 0x18dc AMPPAL - ok 17:30:15.0716 0x18dc [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 17:30:15.0747 0x18dc AMPPALR3 - ok 17:30:15.0856 0x18dc [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 17:30:15.0872 0x18dc AntiVirMailService - ok 17:30:15.0872 0x18dc Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 17:30:18.0516 0x18dc Object send P2P result: true 17:30:18.0594 0x18dc [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 17:30:18.0609 0x18dc AntiVirSchedulerService - ok 17:30:18.0609 0x18dc Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService 17:30:21.0041 0x18dc Object send P2P result: true 17:30:21.0099 0x18dc [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 17:30:21.0131 0x18dc AntiVirService - ok 17:30:21.0131 0x18dc Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 17:30:23.0557 0x18dc Object send P2P result: true 17:30:23.0651 0x18dc [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 17:30:23.0682 0x18dc AntiVirWebService - ok 17:30:23.0682 0x18dc Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 17:30:26.0108 0x18dc Object send P2P result: true 17:30:26.0171 0x18dc [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys 17:30:26.0202 0x18dc AppID - ok 17:30:26.0218 0x18dc [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 17:30:26.0249 0x18dc AppIDSvc - ok 17:30:26.0289 0x18dc [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll 17:30:26.0305 0x18dc Appinfo - ok 17:30:26.0352 0x18dc [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 17:30:26.0378 0x18dc AppMgmt - ok 17:30:26.0394 0x18dc [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 17:30:26.0409 0x18dc AppReadiness - ok 17:30:26.0472 0x18dc [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 17:30:26.0503 0x18dc AppXSvc - ok 17:30:26.0550 0x18dc [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 17:30:26.0550 0x18dc arcsas - ok 17:30:26.0566 0x18dc [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 17:30:26.0597 0x18dc atapi - ok 17:30:26.0628 0x18dc [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 17:30:26.0644 0x18dc AudioEndpointBuilder - ok 17:30:26.0706 0x18dc [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 17:30:26.0722 0x18dc Audiosrv - ok 17:30:26.0784 0x18dc [ F431DC5D94F4B2FDBC927655D8A9B10E, FA16A95E5B83D08F0FD76FDAB03FC7CD4B6917BFE15F2F1D9F3B781F6A1888D8 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe 17:30:26.0800 0x18dc Autodesk Content Service - ok 17:30:26.0862 0x18dc [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe 17:30:26.0878 0x18dc Autodesk Licensing Service - ok 17:30:26.0909 0x18dc [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 17:30:26.0925 0x18dc avgntflt - ok 17:30:26.0956 0x18dc [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 17:30:26.0972 0x18dc avipbb - ok 17:30:26.0972 0x18dc Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb 17:30:29.0401 0x18dc Object send P2P result: true 17:30:29.0448 0x18dc [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 17:30:29.0480 0x18dc Avira.ServiceHost - ok 17:30:29.0480 0x18dc Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost 17:30:31.0924 0x18dc Object send P2P result: true 17:30:31.0971 0x18dc [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 17:30:31.0986 0x18dc avkmgr - ok 17:30:32.0018 0x18dc [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 17:30:32.0033 0x18dc avnetflt - ok 17:30:32.0033 0x18dc Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt 17:30:34.0484 0x18dc Object send P2P result: true 17:30:34.0531 0x18dc [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 17:30:34.0562 0x18dc AxInstSV - ok 17:30:34.0590 0x18dc [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 17:30:34.0621 0x18dc b06bdrv - ok 17:30:34.0637 0x18dc [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 17:30:34.0637 0x18dc BasicDisplay - ok 17:30:34.0678 0x18dc [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 17:30:34.0693 0x18dc BasicRender - ok 17:30:34.0693 0x18dc [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 17:30:34.0709 0x18dc bcmfn2 - ok 17:30:34.0740 0x18dc [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 17:30:34.0756 0x18dc BDESVC - ok 17:30:34.0771 0x18dc [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 17:30:34.0803 0x18dc Beep - ok 17:30:34.0850 0x18dc [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\WINDOWS\System32\bfe.dll 17:30:34.0881 0x18dc BFE - ok 17:30:34.0959 0x18dc [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 17:30:34.0975 0x18dc BITS - ok 17:30:35.0100 0x18dc [ 4D87518BA68C308299441337C55F5427, AE46F847EE605213A3AE9BEFE5EB0B7B8D877340EA1A6CF9EF5683A02ECFE399 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 17:30:35.0131 0x18dc Bluetooth Device Monitor - ok 17:30:35.0162 0x18dc [ 19786E2114E2FCB4EAA30808E9D4FB9A, FCBD15EA7CB0B22DA9ABFACF95DE877042201C85EBC219F5204E12F76E8DBC09 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 17:30:35.0193 0x18dc Bluetooth OBEX Service - ok 17:30:35.0225 0x18dc [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 17:30:35.0240 0x18dc bowser - ok 17:30:35.0271 0x18dc [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 17:30:35.0303 0x18dc BrokerInfrastructure - ok 17:30:35.0350 0x18dc [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 17:30:35.0381 0x18dc Browser - ok 17:30:35.0396 0x18dc [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 17:30:35.0412 0x18dc BthAvrcpTg - ok 17:30:35.0459 0x18dc [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 17:30:35.0475 0x18dc BthEnum - ok 17:30:35.0506 0x18dc [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 17:30:35.0506 0x18dc BthHFEnum - ok 17:30:35.0537 0x18dc [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 17:30:35.0553 0x18dc bthhfhid - ok 17:30:35.0612 0x18dc [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 17:30:35.0643 0x18dc BthHFSrv - ok 17:30:35.0690 0x18dc [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys 17:30:35.0714 0x18dc BthLEEnum - ok 17:30:35.0748 0x18dc [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 17:30:35.0748 0x18dc BTHMODEM - ok 17:30:35.0779 0x18dc [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 17:30:35.0795 0x18dc BthPan - ok 17:30:35.0858 0x18dc [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys 17:30:35.0889 0x18dc BTHPORT - ok 17:30:35.0920 0x18dc [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 17:30:35.0936 0x18dc bthserv - ok 17:30:35.0951 0x18dc [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 17:30:35.0967 0x18dc BTHSSecurityMgr - ok 17:30:36.0029 0x18dc [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys 17:30:36.0045 0x18dc BTHUSB - ok 17:30:36.0092 0x18dc [ 4428C299BE7B9841ECFA82044B69FA6A, F8AB607D6CACBF2DDE3C392F9756B9F32CB99664A75F3140365CB916450660EC ] btmaux C:\WINDOWS\system32\DRIVERS\btmaux.sys 17:30:36.0108 0x18dc btmaux - ok 17:30:36.0154 0x18dc [ 7B31A8A9DC95B3634D896FD0F2814F19, 8FD5FBC61968F4BB8C2BAD0D432D5B86DCFED38CCF6F559F9EFB71AADD25474F ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys 17:30:36.0170 0x18dc btmhsf - ok 17:30:36.0201 0x18dc [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 17:30:36.0201 0x18dc cdfs - ok 17:30:36.0233 0x18dc [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 17:30:36.0233 0x18dc cdrom - ok 17:30:36.0295 0x18dc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 17:30:36.0326 0x18dc CertPropSvc - ok 17:30:36.0373 0x18dc [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 17:30:36.0389 0x18dc circlass - ok 17:30:36.0436 0x18dc [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 17:30:36.0451 0x18dc CLFS - ok 17:30:36.0483 0x18dc [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 17:30:36.0498 0x18dc CLVirtualDrive - ok 17:30:36.0529 0x18dc [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 17:30:36.0545 0x18dc CmBatt - ok 17:30:36.0576 0x18dc [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG C:\WINDOWS\system32\Drivers\cng.sys 17:30:36.0608 0x18dc CNG - ok 17:30:36.0623 0x18dc [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 17:30:36.0641 0x18dc CompositeBus - ok 17:30:36.0645 0x18dc COMSysApp - ok 17:30:36.0651 0x18dc [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 17:30:36.0667 0x18dc condrv - ok 17:30:36.0849 0x18dc [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 17:30:36.0865 0x18dc cphs - ok 17:30:36.0911 0x18dc [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 17:30:36.0927 0x18dc CryptSvc - ok 17:30:36.0974 0x18dc [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\WINDOWS\system32\drivers\csc.sys 17:30:37.0005 0x18dc CSC - ok 17:30:37.0036 0x18dc [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\WINDOWS\System32\cscsvc.dll 17:30:37.0068 0x18dc CscService - ok 17:30:37.0115 0x18dc [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 17:30:37.0130 0x18dc dam - ok 17:30:37.0193 0x18dc [ 5A639B2B630B572FFE9B72448A8A514D, C61C72BC85AD4E2A2AD12E1404601B5FFC26AABB0D9D9CDF48D926443FF91F50 ] DBService C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe 17:30:37.0224 0x18dc DBService - ok 17:30:37.0302 0x18dc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 17:30:37.0318 0x18dc DcomLaunch - ok 17:30:37.0365 0x18dc [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 17:30:37.0380 0x18dc defragsvc - ok 17:30:37.0411 0x18dc [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 17:30:37.0427 0x18dc DeviceAssociationService - ok 17:30:37.0458 0x18dc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 17:30:37.0474 0x18dc DeviceInstall - ok 17:30:37.0490 0x18dc [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 17:30:37.0505 0x18dc Dfsc - ok 17:30:37.0536 0x18dc [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 17:30:37.0552 0x18dc dg_ssudbus - ok 17:30:37.0599 0x18dc [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 17:30:37.0646 0x18dc Dhcp - ok 17:30:37.0703 0x18dc [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 17:30:37.0734 0x18dc DiagTrack - ok 17:30:37.0786 0x18dc [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 17:30:37.0791 0x18dc disk - ok 17:30:37.0822 0x18dc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 17:30:37.0822 0x18dc dmvsc - ok 17:30:37.0869 0x18dc [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 17:30:37.0885 0x18dc Dnscache - ok 17:30:37.0916 0x18dc [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 17:30:37.0947 0x18dc dot3svc - ok 17:30:37.0978 0x18dc [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 17:30:38.0010 0x18dc DPS - ok 17:30:38.0041 0x18dc [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 17:30:38.0057 0x18dc drmkaud - ok 17:30:38.0088 0x18dc [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 17:30:38.0119 0x18dc DsmSvc - ok 17:30:38.0197 0x18dc [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 17:30:38.0244 0x18dc DXGKrnl - ok 17:30:38.0260 0x18dc [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 17:30:38.0260 0x18dc Eaphost - ok 17:30:38.0416 0x18dc [ E8A3102296B412EBE14801733474816B, 5B88E0A8DE37D09E6A8E86347E7F69BACF9C87B2C053A92518DE60852728BDEC ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe 17:30:38.0447 0x18dc Easy Launcher - ok 17:30:38.0572 0x18dc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 17:30:38.0650 0x18dc ebdrv - ok 17:30:38.0682 0x18dc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 17:30:38.0697 0x18dc EFS - ok 17:30:38.0787 0x18dc [ 44C5F3F4B70D1C8D21C90E724E249796, 49B31B9E7E45A2E42BDA803D9CDC3837E0CB73A1E1E6DA00CF4282573D60526F ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe 17:30:38.0818 0x18dc ehRecvr - ok 17:30:38.0828 0x18dc [ 8EFB35A528A48D682C5322A5A07D4352, 5886991ECA449C48A89A3BB2950468EA7CCBD0998774C4C77A1194866827D267 ] ehSched C:\WINDOWS\ehome\ehsched.exe 17:30:38.0828 0x18dc ehSched - ok 17:30:38.0875 0x18dc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 17:30:38.0875 0x18dc EhStorClass - ok 17:30:38.0891 0x18dc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 17:30:38.0906 0x18dc EhStorTcgDrv - ok 17:30:38.0922 0x18dc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 17:30:38.0922 0x18dc ErrDev - ok 17:30:38.0969 0x18dc [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 17:30:38.0984 0x18dc EventSystem - ok 17:30:39.0109 0x18dc [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 17:30:39.0141 0x18dc EvtEng - ok 17:30:39.0188 0x18dc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 17:30:39.0219 0x18dc exfat - ok 17:30:39.0250 0x18dc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 17:30:39.0266 0x18dc fastfat - ok 17:30:39.0328 0x18dc [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 17:30:39.0344 0x18dc Fax - ok 17:30:39.0359 0x18dc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 17:30:39.0375 0x18dc fdc - ok 17:30:39.0406 0x18dc [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 17:30:39.0406 0x18dc fdPHost - ok 17:30:39.0438 0x18dc [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 17:30:39.0438 0x18dc FDResPub - ok 17:30:39.0484 0x18dc [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 17:30:39.0500 0x18dc fhsvc - ok 17:30:39.0547 0x18dc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 17:30:39.0563 0x18dc FileInfo - ok 17:30:39.0594 0x18dc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 17:30:39.0625 0x18dc Filetrace - ok 17:30:39.0703 0x18dc [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 17:30:39.0734 0x18dc FLEXnet Licensing Service 64 - ok 17:30:39.0759 0x18dc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 17:30:39.0759 0x18dc flpydisk - ok 17:30:39.0790 0x18dc [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 17:30:39.0806 0x18dc FltMgr - ok 17:30:39.0879 0x18dc [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll 17:30:39.0925 0x18dc FontCache - ok 17:30:40.0050 0x18dc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:30:40.0066 0x18dc FontCache3.0.0.0 - ok 17:30:40.0113 0x18dc [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 17:30:40.0129 0x18dc FsDepends - ok 17:30:40.0160 0x18dc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:30:40.0175 0x18dc Fs_Rec - ok 17:30:40.0191 0x18dc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 17:30:40.0222 0x18dc fvevol - ok 17:30:40.0238 0x18dc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 17:30:40.0238 0x18dc FxPPM - ok 17:30:40.0254 0x18dc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 17:30:40.0269 0x18dc gagp30kx - ok 17:30:40.0316 0x18dc [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe 17:30:40.0332 0x18dc Garmin Core Update Service - ok 17:30:40.0363 0x18dc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 17:30:40.0379 0x18dc gencounter - ok 17:30:40.0410 0x18dc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 17:30:40.0425 0x18dc GPIOClx0101 - ok 17:30:40.0488 0x18dc [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 17:30:40.0519 0x18dc gpsvc - ok 17:30:40.0550 0x18dc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 17:30:40.0550 0x18dc HDAudBus - ok 17:30:40.0582 0x18dc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 17:30:40.0597 0x18dc HidBatt - ok 17:30:40.0629 0x18dc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 17:30:40.0644 0x18dc HidBth - ok 17:30:40.0660 0x18dc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 17:30:40.0660 0x18dc hidi2c - ok 17:30:40.0691 0x18dc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 17:30:40.0707 0x18dc HidIr - ok 17:30:40.0738 0x18dc [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 17:30:40.0738 0x18dc hidserv - ok 17:30:40.0769 0x18dc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 17:30:40.0769 0x18dc HidUsb - ok 17:30:40.0814 0x18dc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 17:30:40.0830 0x18dc hkmsvc - ok 17:30:40.0877 0x18dc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 17:30:40.0894 0x18dc HomeGroupListener - ok 17:30:40.0918 0x18dc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 17:30:40.0934 0x18dc HomeGroupProvider - ok 17:30:40.0965 0x18dc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 17:30:40.0981 0x18dc HpSAMD - ok 17:30:41.0043 0x18dc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 17:30:41.0059 0x18dc HTTP - ok 17:30:41.0106 0x18dc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 17:30:41.0121 0x18dc hwpolicy - ok 17:30:41.0153 0x18dc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 17:30:41.0153 0x18dc hyperkbd - ok 17:30:41.0168 0x18dc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 17:30:41.0184 0x18dc HyperVideo - ok 17:30:41.0200 0x18dc [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 17:30:41.0215 0x18dc i8042prt - ok 17:30:41.0231 0x18dc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 17:30:41.0231 0x18dc iaLPSSi_GPIO - ok 17:30:41.0246 0x18dc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 17:30:41.0262 0x18dc iaLPSSi_I2C - ok 17:30:41.0293 0x18dc [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 17:30:41.0309 0x18dc iaStorA - ok 17:30:41.0356 0x18dc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 17:30:41.0387 0x18dc iaStorAV - ok 17:30:41.0434 0x18dc [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:30:41.0434 0x18dc IAStorDataMgrSvc - ok 17:30:41.0465 0x18dc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 17:30:41.0496 0x18dc iaStorV - ok 17:30:41.0528 0x18dc [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys 17:30:41.0528 0x18dc iBtFltCoex - ok 17:30:41.0543 0x18dc IEEtwCollectorService - ok 17:30:41.0684 0x18dc [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 17:30:41.0793 0x18dc igfx - ok 17:30:41.0836 0x18dc [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 17:30:41.0852 0x18dc IJPLMSVC - ok 17:30:41.0941 0x18dc [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll 17:30:41.0972 0x18dc IKEEXT - ok 17:30:42.0003 0x18dc [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 17:30:42.0003 0x18dc intaud_WaveExtensible - ok 17:30:42.0159 0x18dc [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 17:30:42.0238 0x18dc IntcAzAudAddService - ok 17:30:42.0269 0x18dc [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 17:30:42.0284 0x18dc IntcDAud - ok 17:30:42.0363 0x18dc [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 17:30:42.0378 0x18dc Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 17:30:42.0378 0x18dc Detect skipped due to KSN trusted 17:30:42.0378 0x18dc Intel(R) Capability Licensing Service Interface - ok 17:30:42.0409 0x18dc [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 17:30:42.0441 0x18dc Intel(R) Capability Licensing Service TCP IP Interface - ok 17:30:42.0519 0x18dc [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe 17:30:42.0534 0x18dc Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok 17:30:42.0566 0x18dc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 17:30:42.0581 0x18dc intelide - ok 17:30:42.0628 0x18dc [ A4DE7F75F20762A1C360E48B36F3B498, D194B7E16837E5AE7F0E3FC3B0F9A5CB2E1F7D4C2D5BDC6AC6D3DF09CE5334C1 ] IntelliMemory C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe 17:30:42.0628 0x18dc IntelliMemory - ok 17:30:42.0659 0x18dc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 17:30:42.0675 0x18dc intelpep - ok 17:30:42.0706 0x18dc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 17:30:42.0722 0x18dc intelppm - ok 17:30:42.0738 0x18dc [ 188D1B5837948CE932353C1FB26BF301, 5E08144063D3AE3AD2D5285DA524BC862971303533BFA18ED6BC49476C029A28 ] intmfs C:\WINDOWS\system32\DRIVERS\intmfs.sys 17:30:42.0738 0x18dc intmfs - ok 17:30:42.0738 0x18dc [ EB0169B38D94A4BC575724ABBA58DF36, F8FA133813595B48E220499C3841BD11E2127B3BEE52A0988EFD5502877AE0A2 ] intmsd C:\WINDOWS\system32\DRIVERS\intmsd.sys 17:30:42.0753 0x18dc intmsd - ok 17:30:42.0769 0x18dc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:30:42.0784 0x18dc IpFilterDriver - ok 17:30:42.0847 0x18dc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 17:30:42.0874 0x18dc iphlpsvc - ok 17:30:42.0890 0x18dc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 17:30:42.0890 0x18dc IPMIDRV - ok 17:30:42.0921 0x18dc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 17:30:42.0937 0x18dc IPNAT - ok 17:30:42.0952 0x18dc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 17:30:42.0974 0x18dc IRENUM - ok 17:30:43.0009 0x18dc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 17:30:43.0041 0x18dc isapnp - ok 17:30:43.0072 0x18dc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 17:30:43.0087 0x18dc iScsiPrt - ok 17:30:43.0181 0x18dc [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 17:30:43.0228 0x18dc iumsvc - ok 17:30:43.0259 0x18dc [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 17:30:43.0275 0x18dc iwdbus - ok 17:30:43.0337 0x18dc [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 17:30:43.0353 0x18dc jhi_service - ok 17:30:43.0369 0x18dc [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 17:30:43.0384 0x18dc kbdclass - ok 17:30:43.0416 0x18dc [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 17:30:43.0431 0x18dc kbdhid - ok 17:30:43.0447 0x18dc [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 17:30:43.0447 0x18dc kbldfltr - ok 17:30:43.0494 0x18dc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 17:30:43.0509 0x18dc kdnic - ok 17:30:43.0525 0x18dc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 17:30:43.0541 0x18dc KeyIso - ok 17:30:43.0572 0x18dc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 17:30:43.0587 0x18dc KSecDD - ok 17:30:43.0634 0x18dc [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 17:30:43.0650 0x18dc KSecPkg - ok 17:30:43.0650 0x18dc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 17:30:43.0666 0x18dc ksthunk - ok 17:30:43.0681 0x18dc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 17:30:43.0697 0x18dc KtmRm - ok 17:30:43.0744 0x18dc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 17:30:43.0759 0x18dc LanmanServer - ok 17:30:43.0806 0x18dc [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 17:30:43.0822 0x18dc LanmanWorkstation - ok 17:30:43.0884 0x18dc [ 4B778E7F0389963BAE8A0AE0370496CC, 4E27D6E62B09B9D4A125545BC44A5124EBA49C6E5CA7A5E9392CE1220A57D59C ] launcherservice C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe 17:30:43.0905 0x18dc launcherservice - detected UnsignedFile.Multi.Generic ( 1 ) 17:30:43.0971 0x18dc launcherservice ( UnsignedFile.Multi.Generic ) - warning 17:30:43.0971 0x18dc Force sending object to P2P due to detect: launcherservice 17:30:46.0435 0x18dc Object send P2P result: true 17:30:48.0885 0x18dc [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 17:30:48.0916 0x18dc lfsvc - ok 17:30:48.0948 0x18dc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 17:30:48.0963 0x18dc lltdio - ok 17:30:49.0057 0x18dc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 17:30:49.0090 0x18dc lltdsvc - ok 17:30:49.0115 0x18dc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 17:30:49.0115 0x18dc lmhosts - ok 17:30:49.0162 0x18dc [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 17:30:49.0177 0x18dc LMS - ok 17:30:49.0219 0x18dc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 17:30:49.0219 0x18dc LSI_SAS - ok 17:30:49.0234 0x18dc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 17:30:49.0250 0x18dc LSI_SAS2 - ok 17:30:49.0266 0x18dc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 17:30:49.0266 0x18dc LSI_SAS3 - ok 17:30:49.0281 0x18dc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 17:30:49.0297 0x18dc LSI_SSS - ok 17:30:49.0344 0x18dc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 17:30:49.0375 0x18dc LSM - ok 17:30:49.0406 0x18dc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 17:30:49.0422 0x18dc luafv - ok 17:30:49.0453 0x18dc [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll 17:30:49.0453 0x18dc Mcx2Svc - ok 17:30:49.0500 0x18dc [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 17:30:49.0516 0x18dc MDM - detected UnsignedFile.Multi.Generic ( 1 ) 17:30:49.0516 0x18dc Detect skipped due to KSN trusted 17:30:49.0516 0x18dc MDM - ok 17:30:49.0547 0x18dc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 17:30:49.0563 0x18dc megasas - ok 17:30:49.0578 0x18dc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 17:30:49.0594 0x18dc megasr - ok 17:30:49.0625 0x18dc [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 17:30:49.0625 0x18dc MEIx64 - ok 17:30:49.0656 0x18dc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 17:30:49.0672 0x18dc MMCSS - ok 17:30:49.0703 0x18dc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 17:30:49.0734 0x18dc Modem - ok 17:30:49.0750 0x18dc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 17:30:49.0766 0x18dc monitor - ok 17:30:49.0781 0x18dc [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 17:30:49.0781 0x18dc mouclass - ok 17:30:49.0797 0x18dc [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 17:30:49.0813 0x18dc mouhid - ok 17:30:49.0844 0x18dc [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 17:30:49.0859 0x18dc mountmgr - ok 17:30:49.0906 0x18dc [ A48479D7010ED54BB6AE3D5937A36C53, AE23673ABAB297DEFFC58A756C0667CA8F335BECCD31BF8E81BF1AEAAB9E86E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:30:49.0922 0x18dc MozillaMaintenance - ok 17:30:49.0969 0x18dc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 17:30:49.0984 0x18dc mpsdrv - ok |
|
08.01.2016, 19:47
| #8 |
| | Makrovirus "Berger Antriebstechnik" Teil 3 Code:
ATTFilter 17:30:50.0047 0x18dc [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 17:30:50.0094 0x18dc MpsSvc - ok 17:30:50.0132 0x18dc [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 17:30:50.0137 0x18dc MRxDAV - ok 17:30:50.0184 0x18dc [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:30:50.0215 0x18dc mrxsmb - ok 17:30:50.0256 0x18dc [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 17:30:50.0287 0x18dc mrxsmb10 - ok 17:30:50.0302 0x18dc [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 17:30:50.0318 0x18dc mrxsmb20 - ok 17:30:50.0334 0x18dc [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 17:30:50.0349 0x18dc MsBridge - ok 17:30:50.0381 0x18dc [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 17:30:50.0396 0x18dc MSDTC - ok 17:30:50.0443 0x18dc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 17:30:50.0474 0x18dc Msfs - ok 17:30:50.0490 0x18dc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 17:30:50.0506 0x18dc msgpiowin32 - ok 17:30:50.0521 0x18dc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 17:30:50.0537 0x18dc mshidkmdf - ok 17:30:50.0553 0x18dc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 17:30:50.0568 0x18dc mshidumdf - ok 17:30:50.0584 0x18dc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 17:30:50.0584 0x18dc msisadrv - ok 17:30:50.0615 0x18dc [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 17:30:50.0631 0x18dc MSiSCSI - ok 17:30:50.0646 0x18dc msiserver - ok 17:30:50.0662 0x18dc [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll 17:30:50.0677 0x18dc MsKeyboardFilter - ok 17:30:50.0709 0x18dc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 17:30:50.0724 0x18dc MSKSSRV - ok 17:30:50.0740 0x18dc [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 17:30:50.0756 0x18dc MsLldp - ok 17:30:50.0771 0x18dc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 17:30:50.0771 0x18dc MSPCLOCK - ok 17:30:50.0787 0x18dc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 17:30:50.0787 0x18dc MSPQM - ok 17:30:50.0818 0x18dc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 17:30:50.0834 0x18dc MsRPC - ok 17:30:50.0834 0x18dc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 17:30:50.0849 0x18dc mssmbios - ok 17:30:50.0928 0x18dc [ 3AE13C9869B7CE1135BCF21C0AAA68ED, 3E917376199B13523DFB4FCC445583D9DF0606AD0A6A02B111D8A3EE6B71E117 ] MSSQL$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe 17:30:50.0943 0x18dc MSSQL$SQLEXPRESS - ok 17:30:50.0974 0x18dc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 17:30:50.0974 0x18dc MSTEE - ok 17:30:50.0990 0x18dc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 17:30:50.0990 0x18dc MTConfig - ok 17:30:51.0021 0x18dc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 17:30:51.0037 0x18dc Mup - ok 17:30:51.0053 0x18dc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 17:30:51.0068 0x18dc mvumis - ok 17:30:51.0099 0x18dc [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 17:30:51.0099 0x18dc MyWiFiDHCPDNS - ok 17:30:51.0146 0x18dc [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 17:30:51.0169 0x18dc napagent - ok 17:30:51.0205 0x18dc [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 17:30:51.0221 0x18dc NativeWifiP - ok 17:30:51.0277 0x18dc [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 17:30:51.0294 0x18dc NAUpdate - ok 17:30:51.0325 0x18dc [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 17:30:51.0340 0x18dc NcaSvc - ok 17:30:51.0372 0x18dc [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 17:30:51.0403 0x18dc NcbService - ok 17:30:51.0419 0x18dc [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 17:30:51.0434 0x18dc NcdAutoSetup - ok 17:30:51.0481 0x18dc [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 17:30:51.0512 0x18dc NDIS - ok 17:30:51.0544 0x18dc [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 17:30:51.0559 0x18dc NdisCap - ok 17:30:51.0591 0x18dc [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 17:30:51.0606 0x18dc NdisImPlatform - ok 17:30:51.0637 0x18dc [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:30:51.0653 0x18dc NdisTapi - ok 17:30:51.0684 0x18dc [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:30:51.0716 0x18dc Ndisuio - ok 17:30:51.0716 0x18dc [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 17:30:51.0731 0x18dc NdisVirtualBus - ok 17:30:51.0762 0x18dc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:30:51.0778 0x18dc NdisWan - ok 17:30:51.0778 0x18dc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:30:51.0794 0x18dc NdisWanLegacy - ok 17:30:51.0825 0x18dc [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 17:30:51.0841 0x18dc NDProxy - ok 17:30:51.0872 0x18dc [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 17:30:51.0903 0x18dc Ndu - ok 17:30:51.0934 0x18dc [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 17:30:51.0966 0x18dc NetBIOS - ok 17:30:52.0012 0x18dc [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 17:30:52.0028 0x18dc NetBT - ok 17:30:52.0044 0x18dc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 17:30:52.0044 0x18dc Netlogon - ok 17:30:52.0091 0x18dc [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 17:30:52.0106 0x18dc Netman - ok 17:30:52.0153 0x18dc [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 17:30:52.0184 0x18dc netprofm - ok 17:30:52.0245 0x18dc [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:30:52.0245 0x18dc NetTcpPortSharing - ok 17:30:52.0291 0x18dc [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 17:30:52.0291 0x18dc netvsc - ok 17:30:52.0395 0x18dc [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64 C:\WINDOWS\system32\DRIVERS\Netwew00.sys 17:30:52.0442 0x18dc NETwNe64 - ok 17:30:52.0489 0x18dc [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 17:30:52.0505 0x18dc NlaSvc - ok 17:30:52.0583 0x18dc [ EBA1B4BF2E2375ABDADEDB649F283541, 8B27AE794678C55791F95F34E67E12BAD5BE753F812C49D6511BB657CF453B52 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe 17:30:52.0599 0x18dc NMIndexingService - ok 17:30:52.0645 0x18dc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 17:30:52.0661 0x18dc Npfs - ok 17:30:52.0692 0x18dc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 17:30:52.0692 0x18dc npsvctrig - ok 17:30:52.0739 0x18dc [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 17:30:52.0739 0x18dc nsi - ok 17:30:52.0770 0x18dc [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 17:30:52.0786 0x18dc nsiproxy - ok 17:30:52.0849 0x18dc [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 17:30:52.0895 0x18dc Ntfs - ok 17:30:52.0942 0x18dc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 17:30:52.0942 0x18dc Null - ok 17:30:53.0248 0x18dc [ C769B999721DEF6E59FF579AEDFB2693, 05FC56F88515787533BC8E14A8556BDC3FE0B50AC9EB51C8C0A2187FA1761C89 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 17:30:53.0431 0x18dc nvlddmkm - ok 17:30:53.0478 0x18dc [ 1C7CF80FE7E4B18BC46EA5C7ADC7339C, 671D634E8AF33DAF8E926CDE0C54A10142A989D8358E2827A7EB78026D25763B ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys 17:30:53.0478 0x18dc nvpciflt - ok 17:30:53.0525 0x18dc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 17:30:53.0556 0x18dc nvraid - ok 17:30:53.0572 0x18dc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 17:30:53.0572 0x18dc nvstor - ok 17:30:53.0587 0x18dc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 17:30:53.0603 0x18dc nv_agp - ok 17:30:53.0681 0x18dc [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:30:53.0697 0x18dc odserv - ok 17:30:53.0806 0x18dc [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 17:30:53.0853 0x18dc Origin Client Service - ok 17:30:53.0884 0x18dc [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:30:53.0900 0x18dc ose - ok 17:30:53.0962 0x18dc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 17:30:53.0978 0x18dc p2pimsvc - ok 17:30:54.0040 0x18dc [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 17:30:54.0056 0x18dc p2psvc - ok 17:30:54.0072 0x18dc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 17:30:54.0087 0x18dc Parport - ok 17:30:54.0119 0x18dc [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 17:30:54.0119 0x18dc partmgr - ok 17:30:54.0165 0x18dc [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 17:30:54.0181 0x18dc PcaSvc - ok 17:30:54.0212 0x18dc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 17:30:54.0228 0x18dc pci - ok 17:30:54.0244 0x18dc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 17:30:54.0244 0x18dc pciide - ok 17:30:54.0275 0x18dc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 17:30:54.0288 0x18dc pcmcia - ok 17:30:54.0304 0x18dc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 17:30:54.0320 0x18dc pcw - ok 17:30:54.0335 0x18dc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 17:30:54.0351 0x18dc pdc - ok 17:30:54.0367 0x18dc [ 958754A37C85E18EB53FA2139787113C, A58B39CFD7B0A36EA12965A24A384B7B1E2A980CA8D2F33B72FA72B00E68EC0C ] pe3ah4nc C:\WINDOWS\system32\drivers\pe3ah4nc.sys 17:30:54.0367 0x18dc pe3ah4nc - ok 17:30:54.0425 0x18dc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 17:30:54.0456 0x18dc PEAUTH - ok 17:30:54.0550 0x18dc [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 17:30:54.0596 0x18dc PeerDistSvc - ok 17:30:54.0706 0x18dc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 17:30:54.0737 0x18dc PerfHost - ok 17:30:54.0800 0x18dc [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 17:30:54.0846 0x18dc pla - ok 17:30:54.0862 0x18dc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 17:30:54.0878 0x18dc PlugPlay - ok 17:30:54.0909 0x18dc [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 17:30:54.0925 0x18dc PNRPAutoReg - ok 17:30:54.0940 0x18dc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 17:30:54.0956 0x18dc PNRPsvc - ok 17:30:55.0003 0x18dc [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 17:30:55.0034 0x18dc PolicyAgent - ok 17:30:55.0081 0x18dc [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 17:30:55.0096 0x18dc Power - ok 17:30:55.0112 0x18dc pr2ah4nc - ok 17:30:55.0268 0x18dc [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 17:30:55.0387 0x18dc PrintNotify - ok 17:30:55.0491 0x18dc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 17:30:55.0522 0x18dc Processor - ok 17:30:55.0584 0x18dc [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 17:30:55.0600 0x18dc ProfSvc - ok 17:30:55.0631 0x18dc [ 0E998144E0C05AFFBB6CC66B5999958C, 6EED570FCBDD4FD9746C5E72AB83261D826CF68A54411FD82DF917DADAF23FD7 ] ps6ah4nc C:\WINDOWS\system32\drivers\ps6ah4nc.sys 17:30:55.0631 0x18dc ps6ah4nc - ok 17:30:55.0663 0x18dc [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 17:30:55.0678 0x18dc Psched - ok 17:30:55.0725 0x18dc [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll 17:30:55.0756 0x18dc QWAVE - ok 17:30:55.0772 0x18dc [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 17:30:55.0788 0x18dc QWAVEdrv - ok 17:30:55.0819 0x18dc [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini C:\WINDOWS\System32\drivers\RadioHIDMini.sys 17:30:55.0819 0x18dc RadioHIDMini - ok 17:30:55.0834 0x18dc [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:30:55.0850 0x18dc RasAcd - ok 17:30:55.0881 0x18dc [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll 17:30:55.0897 0x18dc RasAuto - ok 17:30:55.0928 0x18dc [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll 17:30:55.0959 0x18dc RasMan - ok 17:30:55.0991 0x18dc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:30:56.0006 0x18dc RasPppoe - ok 17:30:56.0022 0x18dc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:30:56.0038 0x18dc rdbss - ok 17:30:56.0084 0x18dc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 17:30:56.0084 0x18dc rdpbus - ok 17:30:56.0100 0x18dc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 17:30:56.0116 0x18dc RDPDR - ok 17:30:56.0147 0x18dc [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 17:30:56.0163 0x18dc RdpVideoMiniport - ok 17:30:56.0194 0x18dc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 17:30:56.0225 0x18dc rdyboost - ok 17:30:56.0272 0x18dc [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 17:30:56.0288 0x18dc ReFS - ok 17:30:56.0390 0x18dc [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 17:30:56.0405 0x18dc RegSrvc - ok 17:30:56.0458 0x18dc [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 17:30:56.0478 0x18dc RemoteAccess - ok 17:30:56.0509 0x18dc [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 17:30:56.0525 0x18dc RemoteRegistry - ok 17:30:56.0572 0x18dc [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 17:30:56.0588 0x18dc RFCOMM - ok 17:30:56.0619 0x18dc [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 17:30:56.0619 0x18dc RpcEptMapper - ok 17:30:56.0666 0x18dc [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe 17:30:56.0666 0x18dc RpcLocator - ok 17:30:56.0744 0x18dc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll 17:30:56.0759 0x18dc RpcSs - ok 17:30:56.0791 0x18dc [ 5AA85332CB1694871B2F0704E0FC9113, 18E11C4E966DEE53FA0E482C55769A35C6C746EB3347DF171A1978D22BC7990B ] RsFx0200 C:\WINDOWS\system32\DRIVERS\RsFx0200.sys 17:30:56.0806 0x18dc RsFx0200 - ok 17:30:56.0838 0x18dc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 17:30:56.0853 0x18dc rspndr - ok 17:30:56.0900 0x18dc [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 17:30:56.0931 0x18dc RTL8168 - ok 17:30:56.0947 0x18dc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 17:30:56.0963 0x18dc s3cap - ok 17:30:56.0994 0x18dc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe 17:30:56.0994 0x18dc SamSs - ok 17:30:57.0119 0x18dc SBIOSIO - ok 17:30:57.0150 0x18dc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 17:30:57.0181 0x18dc sbp2port - ok 17:30:57.0213 0x18dc [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 17:30:57.0244 0x18dc SCardSvr - ok 17:30:57.0275 0x18dc [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 17:30:57.0291 0x18dc ScDeviceEnum - ok 17:30:57.0322 0x18dc [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 17:30:57.0322 0x18dc scfilter - ok 17:30:57.0369 0x18dc [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll 17:30:57.0399 0x18dc Schedule - ok 17:30:57.0430 0x18dc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 17:30:57.0430 0x18dc SCPolicySvc - ok 17:30:57.0461 0x18dc [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 17:30:57.0477 0x18dc sdbus - ok 17:30:57.0597 0x18dc [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe 17:30:57.0628 0x18dc SDScannerService - ok 17:30:57.0675 0x18dc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 17:30:57.0675 0x18dc sdstor - ok 17:30:57.0737 0x18dc [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe 17:30:57.0784 0x18dc SDUpdateService - ok 17:30:57.0800 0x18dc [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe 17:30:57.0816 0x18dc SDWSCService - ok 17:30:57.0847 0x18dc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 17:30:57.0847 0x18dc secdrv - ok 17:30:57.0878 0x18dc [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll 17:30:57.0894 0x18dc seclogon - ok 17:30:57.0925 0x18dc [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll 17:30:57.0941 0x18dc SENS - ok 17:30:57.0972 0x18dc [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 17:30:58.0003 0x18dc SensrSvc - ok 17:30:58.0034 0x18dc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 17:30:58.0050 0x18dc SerCx - ok 17:30:58.0081 0x18dc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 17:30:58.0097 0x18dc SerCx2 - ok 17:30:58.0112 0x18dc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 17:30:58.0128 0x18dc Serenum - ok 17:30:58.0144 0x18dc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 17:30:58.0144 0x18dc Serial - ok 17:30:58.0175 0x18dc [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 17:30:58.0191 0x18dc sermouse - ok 17:30:58.0237 0x18dc [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll 17:30:58.0269 0x18dc SessionEnv - ok 17:30:58.0300 0x18dc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 17:30:58.0300 0x18dc sfloppy - ok 17:30:58.0347 0x18dc [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 17:30:58.0362 0x18dc SharedAccess - ok 17:30:58.0378 0x18dc [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 17:30:58.0409 0x18dc ShellHWDetection - ok 17:30:58.0436 0x18dc [ 8C61B219882C9C9ECA09BEDB82B0DDB1, 711681040D9CD93D603F55AB8D62371F5D51917C14818F27859E23E2D60EB18F ] silabenm C:\WINDOWS\system32\DRIVERS\silabenm.sys 17:30:58.0452 0x18dc silabenm - ok 17:30:58.0467 0x18dc [ 2641655FAD6C1EA0F3677978E2BF28C1, E703CE74D09E901BF531589E181DCF95B9C63E09FE1B99E38DEA9EE47EE458BA ] silabser C:\WINDOWS\system32\DRIVERS\silabser.sys 17:30:58.0483 0x18dc silabser - ok 17:30:58.0514 0x18dc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 17:30:58.0539 0x18dc SiSRaid2 - ok 17:30:58.0555 0x18dc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 17:30:58.0571 0x18dc SiSRaid4 - ok 17:30:58.0618 0x18dc [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll 17:30:58.0633 0x18dc smphost - ok 17:30:58.0680 0x18dc [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 17:30:58.0696 0x18dc SNMPTRAP - ok 17:30:58.0758 0x18dc [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 17:30:58.0774 0x18dc spaceport - ok 17:30:58.0805 0x18dc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 17:30:58.0821 0x18dc SpbCx - ok 17:30:58.0868 0x18dc [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe 17:30:58.0914 0x18dc Spooler - ok 17:30:59.0086 0x18dc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 17:30:59.0227 0x18dc sppsvc - ok 17:30:59.0305 0x18dc [ B70FAF0C7C5737AA6973E14B45477730, 48D835D64D36A46BD2ED6080A0D733B92960DA3EA459005F536587BB19B16A7E ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 17:30:59.0336 0x18dc SQLAgent$SQLEXPRESS - ok 17:30:59.0399 0x18dc [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 17:30:59.0414 0x18dc SQLBrowser - ok 17:30:59.0430 0x18dc [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 17:30:59.0446 0x18dc SQLWriter - ok 17:30:59.0473 0x18dc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 17:30:59.0488 0x18dc srv - ok 17:30:59.0520 0x18dc [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 17:30:59.0551 0x18dc srv2 - ok 17:30:59.0551 0x18dc [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 17:30:59.0574 0x18dc srvnet - ok 17:30:59.0593 0x18dc [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 17:30:59.0608 0x18dc SSDPSRV - ok 17:30:59.0640 0x18dc [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 17:30:59.0655 0x18dc SstpSvc - ok 17:30:59.0686 0x18dc [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 17:30:59.0686 0x18dc ssudmdm - ok 17:30:59.0796 0x18dc [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe 17:30:59.0811 0x18dc ss_conn_service - ok 17:30:59.0827 0x18dc [ 30D7CE5C0B812BAF4F2FB5F47820C76A, 5C9D67637485F67A720D8582D54D880D8364108C593A020682D4695397284989 ] stdriver C:\WINDOWS\system32\DRIVERS\stdriverx64.sys 17:30:59.0843 0x18dc stdriver - ok 17:30:59.0890 0x18dc [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 17:30:59.0921 0x18dc Steam Client Service - ok 17:30:59.0952 0x18dc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 17:30:59.0968 0x18dc stexstor - ok 17:31:00.0015 0x18dc [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll 17:31:00.0046 0x18dc stisvc - ok 17:31:00.0061 0x18dc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 17:31:00.0061 0x18dc storahci - ok 17:31:00.0093 0x18dc [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 17:31:00.0108 0x18dc storflt - ok 17:31:00.0140 0x18dc [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 17:31:00.0140 0x18dc stornvme - ok 17:31:00.0171 0x18dc [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll 17:31:00.0186 0x18dc StorSvc - ok 17:31:00.0202 0x18dc [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 17:31:00.0218 0x18dc storvsc - ok 17:31:00.0249 0x18dc [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys 17:31:00.0249 0x18dc storvsp - ok 17:31:00.0296 0x18dc [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll 17:31:00.0296 0x18dc svsvc - ok 17:31:00.0327 0x18dc [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys 17:31:00.0343 0x18dc swenum - ok 17:31:00.0421 0x18dc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 17:31:00.0452 0x18dc SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:00.0452 0x18dc Detect skipped due to KSN trusted 17:31:00.0452 0x18dc SwitchBoard - ok 17:31:00.0504 0x18dc [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll 17:31:00.0524 0x18dc swprv - ok 17:31:00.0612 0x18dc SWUpdateService - ok 17:31:00.0706 0x18dc [ 092506B413EA5CCA425B31DCC776D2DC, D9DAB4299657BFD7F176C94F988FD8359E2CE62071457AF5F7EF3722FD3EC0A8 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 17:31:00.0738 0x18dc SynTP - ok 17:31:00.0800 0x18dc [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll 17:31:00.0831 0x18dc SysMain - ok 17:31:00.0863 0x18dc [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 17:31:00.0878 0x18dc SystemEventsBroker - ok 17:31:00.0894 0x18dc [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 17:31:00.0909 0x18dc TabletInputService - ok 17:31:00.0941 0x18dc [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 17:31:00.0956 0x18dc TapiSrv - ok 17:31:01.0034 0x18dc [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 17:31:01.0081 0x18dc Tcpip - ok 17:31:01.0144 0x18dc [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:31:01.0222 0x18dc TCPIP6 - ok 17:31:01.0238 0x18dc [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 17:31:01.0253 0x18dc tcpipreg - ok 17:31:01.0284 0x18dc [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 17:31:01.0300 0x18dc tdx - ok 17:31:01.0331 0x18dc [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 17:31:01.0331 0x18dc terminpt - ok 17:31:01.0394 0x18dc [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll 17:31:01.0409 0x18dc TermService - ok 17:31:01.0441 0x18dc [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll 17:31:01.0456 0x18dc Themes - ok 17:31:01.0488 0x18dc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll 17:31:01.0488 0x18dc THREADORDER - ok 17:31:01.0503 0x18dc [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 17:31:01.0519 0x18dc TimeBroker - ok 17:31:01.0563 0x18dc [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys 17:31:01.0563 0x18dc TPM - ok 17:31:01.0594 0x18dc [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll 17:31:01.0625 0x18dc TrkWks - ok 17:31:01.0697 0x18dc [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 17:31:01.0713 0x18dc TrustedInstaller - ok 17:31:01.0744 0x18dc [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 17:31:01.0760 0x18dc TsUsbFlt - ok 17:31:01.0791 0x18dc [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 17:31:01.0806 0x18dc TsUsbGD - ok 17:31:01.0853 0x18dc [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 17:31:01.0869 0x18dc tunnel - ok 17:31:01.0900 0x18dc [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 17:31:01.0900 0x18dc uagp35 - ok 17:31:01.0916 0x18dc [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 17:31:01.0931 0x18dc UASPStor - ok 17:31:01.0963 0x18dc [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 17:31:01.0978 0x18dc UCX01000 - ok 17:31:02.0025 0x18dc [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 17:31:02.0041 0x18dc udfs - ok 17:31:02.0056 0x18dc [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 17:31:02.0072 0x18dc UEFI - ok 17:31:02.0103 0x18dc [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 17:31:02.0119 0x18dc UI0Detect - ok 17:31:02.0135 0x18dc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 17:31:02.0135 0x18dc uliagpkx - ok 17:31:02.0150 0x18dc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 17:31:02.0166 0x18dc umbus - ok 17:31:02.0197 0x18dc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 17:31:02.0197 0x18dc UmPass - ok 17:31:02.0244 0x18dc [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 17:31:02.0244 0x18dc UmRdpService - ok 17:31:02.0291 0x18dc [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:31:02.0306 0x18dc upnphost - ok 17:31:02.0353 0x18dc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 17:31:02.0353 0x18dc usbccgp - ok 17:31:02.0400 0x18dc [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 17:31:02.0416 0x18dc usbcir - ok 17:31:02.0463 0x18dc [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 17:31:02.0463 0x18dc usbehci - ok 17:31:02.0494 0x18dc [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 17:31:02.0510 0x18dc usbhub - ok 17:31:02.0541 0x18dc [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 17:31:02.0556 0x18dc USBHUB3 - ok 17:31:02.0584 0x18dc [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 17:31:02.0584 0x18dc usbohci - ok 17:31:02.0631 0x18dc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 17:31:02.0631 0x18dc usbprint - ok 17:31:02.0662 0x18dc [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys 17:31:02.0688 0x18dc usbscan - ok 17:31:02.0735 0x18dc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 17:31:02.0735 0x18dc USBSTOR - ok 17:31:02.0782 0x18dc [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 17:31:02.0782 0x18dc usbuhci - ok 17:31:02.0829 0x18dc [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 17:31:02.0844 0x18dc usbvideo - ok 17:31:02.0907 0x18dc [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 17:31:02.0923 0x18dc USBXHCI - ok 17:31:02.0969 0x18dc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 17:31:02.0969 0x18dc VaultSvc - ok 17:31:03.0016 0x18dc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 17:31:03.0032 0x18dc vdrvroot - ok 17:31:03.0094 0x18dc [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 17:31:03.0126 0x18dc vds - ok 17:31:03.0173 0x18dc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 17:31:03.0173 0x18dc VerifierExt - ok 17:31:03.0219 0x18dc [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 17:31:03.0235 0x18dc vhdmp - ok 17:31:03.0266 0x18dc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 17:31:03.0282 0x18dc viaide - ok 17:31:03.0282 0x18dc [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\WINDOWS\System32\drivers\Vid.sys 17:31:03.0298 0x18dc Vid - ok 17:31:03.0329 0x18dc [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 17:31:03.0344 0x18dc vmbus - ok 17:31:03.0360 0x18dc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 17:31:03.0360 0x18dc VMBusHID - ok 17:31:03.0391 0x18dc [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys 17:31:03.0407 0x18dc vmbusr - ok 17:31:03.0454 0x18dc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 17:31:03.0469 0x18dc vmicguestinterface - ok 17:31:03.0485 0x18dc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 17:31:03.0579 0x18dc vmicheartbeat - ok 17:31:03.0594 0x18dc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 17:31:03.0615 0x18dc vmickvpexchange - ok 17:31:03.0622 0x18dc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 17:31:03.0638 0x18dc vmicrdv - ok 17:31:03.0653 0x18dc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 17:31:03.0669 0x18dc vmicshutdown - ok 17:31:03.0685 0x18dc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 17:31:03.0700 0x18dc vmictimesync - ok 17:31:03.0721 0x18dc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 17:31:03.0726 0x18dc vmicvss - ok 17:31:03.0757 0x18dc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 17:31:03.0773 0x18dc volmgr - ok 17:31:03.0788 0x18dc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 17:31:03.0804 0x18dc volmgrx - ok 17:31:03.0820 0x18dc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 17:31:03.0835 0x18dc volsnap - ok 17:31:03.0851 0x18dc [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 17:31:03.0867 0x18dc vpci - ok 17:31:03.0898 0x18dc [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys 17:31:03.0913 0x18dc vpcivsp - ok 17:31:03.0929 0x18dc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 17:31:03.0945 0x18dc vsmraid - ok 17:31:04.0007 0x18dc [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe 17:31:04.0054 0x18dc VSS - ok 17:31:04.0070 0x18dc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 17:31:04.0085 0x18dc VSTXRAID - ok 17:31:04.0148 0x18dc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 17:31:04.0163 0x18dc vwifibus - ok 17:31:04.0210 0x18dc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 17:31:04.0226 0x18dc vwififlt - ok 17:31:04.0242 0x18dc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 17:31:04.0257 0x18dc vwifimp - ok 17:31:04.0304 0x18dc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 17:31:04.0320 0x18dc W32Time - ok 17:31:04.0335 0x18dc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 17:31:04.0335 0x18dc WacomPen - ok 17:31:04.0429 0x18dc [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 17:31:04.0460 0x18dc wbengine - ok 17:31:04.0492 0x18dc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 17:31:04.0507 0x18dc WbioSrvc - ok 17:31:04.0554 0x18dc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 17:31:04.0570 0x18dc Wcmsvc - ok 17:31:04.0601 0x18dc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 17:31:04.0617 0x18dc wcncsvc - ok 17:31:04.0655 0x18dc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 17:31:04.0671 0x18dc WcsPlugInService - ok 17:31:04.0702 0x18dc [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 17:31:04.0718 0x18dc WdBoot - ok 17:31:04.0760 0x18dc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 17:31:04.0791 0x18dc Wdf01000 - ok 17:31:04.0807 0x18dc [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 17:31:04.0822 0x18dc WdFilter - ok 17:31:04.0854 0x18dc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 17:31:04.0869 0x18dc WdiServiceHost - ok 17:31:04.0869 0x18dc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 17:31:04.0885 0x18dc WdiSystemHost - ok 17:31:04.0916 0x18dc [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 17:31:04.0916 0x18dc WdNisDrv - ok 17:31:04.0947 0x18dc WdNisSvc - ok 17:31:04.0994 0x18dc [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 17:31:05.0025 0x18dc WebClient - ok 17:31:05.0057 0x18dc [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 17:31:05.0072 0x18dc Wecsvc - ok 17:31:05.0104 0x18dc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 17:31:05.0119 0x18dc WEPHOSTSVC - ok 17:31:05.0150 0x18dc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 17:31:05.0182 0x18dc wercplsupport - ok 17:31:05.0197 0x18dc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 17:31:05.0213 0x18dc WerSvc - ok 17:31:05.0244 0x18dc [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 17:31:05.0260 0x18dc WFPLWFS - ok 17:31:05.0291 0x18dc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 17:31:05.0291 0x18dc WiaRpc - ok 17:31:05.0322 0x18dc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 17:31:05.0338 0x18dc WIMMount - ok 17:31:05.0338 0x18dc WinDefend - ok 17:31:05.0385 0x18dc [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 17:31:05.0792 0x18dc WinHttpAutoProxySvc - ok 17:31:05.0924 0x18dc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:31:06.0237 0x18dc Winmgmt - ok 17:31:06.0502 0x18dc [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 17:31:06.0853 0x18dc WinRM - ok 17:31:06.0900 0x18dc [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 17:31:07.0181 0x18dc WinUsb - ok 17:31:07.0384 0x18dc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 17:31:07.0665 0x18dc WlanSvc - ok 17:31:07.0832 0x18dc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 17:31:08.0187 0x18dc wlidsvc - ok 17:31:08.0218 0x18dc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 17:31:08.0233 0x18dc WmiAcpi - ok 17:31:08.0280 0x18dc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 17:31:08.0296 0x18dc wmiApSrv - ok 17:31:08.0312 0x18dc WMPNetworkSvc - ok 17:31:08.0358 0x18dc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 17:31:08.0515 0x18dc Wof - ok 17:31:08.0640 0x18dc [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 17:31:08.0671 0x18dc workfolderssvc - ok 17:31:08.0733 0x18dc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 17:31:08.0733 0x18dc wpcfltr - ok 17:31:08.0765 0x18dc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 17:31:08.0780 0x18dc WPCSvc - ok 17:31:08.0804 0x18dc [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 17:31:08.0820 0x18dc WPDBusEnum - ok 17:31:08.0866 0x18dc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 17:31:08.0882 0x18dc WpdUpFltr - ok 17:31:08.0905 0x18dc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 17:31:08.0909 0x18dc ws2ifsl - ok 17:31:08.0956 0x18dc [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 17:31:08.0971 0x18dc wscsvc - ok 17:31:08.0971 0x18dc WSearch - ok 17:31:09.0096 0x18dc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 17:31:09.0174 0x18dc WSService - ok 17:31:09.0284 0x18dc [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv C:\WINDOWS\system32\wuaueng.dll 17:31:09.0362 0x18dc wuauserv - ok 17:31:09.0409 0x18dc [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 17:31:09.0424 0x18dc WudfPf - ok 17:31:09.0440 0x18dc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 17:31:09.0456 0x18dc WUDFRd - ok 17:31:09.0487 0x18dc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 17:31:09.0503 0x18dc wudfsvc - ok 17:31:09.0503 0x18dc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 17:31:09.0518 0x18dc WUDFWpdFs - ok 17:31:09.0518 0x18dc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 17:31:09.0534 0x18dc WUDFWpdMtp - ok 17:31:09.0565 0x18dc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 17:31:09.0581 0x18dc WwanSvc - ok 17:31:09.0784 0x18dc [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 17:31:09.0844 0x18dc ZeroConfigService - ok 17:31:09.0859 0x18dc ================ Scan global =============================== 17:31:09.0891 0x18dc [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll 17:31:09.0922 0x18dc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 17:31:09.0963 0x18dc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 17:31:09.0979 0x18dc [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 17:31:09.0979 0x18dc [ Global ] - ok 17:31:09.0979 0x18dc ================ Scan MBR ================================== 17:31:09.0994 0x18dc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 17:31:10.0073 0x18dc \Device\Harddisk0\DR0 - ok 17:31:10.0088 0x18dc ================ Scan VBR ================================== 17:31:10.0104 0x18dc [ 7591C3862CADEFC04C7FCFF91AA2C5C7 ] \Device\Harddisk0\DR0\Partition1 17:31:10.0119 0x18dc \Device\Harddisk0\DR0\Partition1 - ok 17:31:10.0135 0x18dc [ D66E2EC064BEFC56862FCB5063933E22 ] \Device\Harddisk0\DR0\Partition2 17:31:10.0151 0x18dc \Device\Harddisk0\DR0\Partition2 - ok 17:31:10.0166 0x18dc [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 17:31:10.0166 0x18dc \Device\Harddisk0\DR0\Partition3 - ok 17:31:10.0166 0x18dc [ 376F1F914B9D8318E56AB9C0C37963CE ] \Device\Harddisk0\DR0\Partition4 17:31:10.0182 0x18dc \Device\Harddisk0\DR0\Partition4 - ok 17:31:10.0213 0x18dc [ 11546C81A511B20E2D20AAA226B037E0 ] \Device\Harddisk0\DR0\Partition5 17:31:10.0229 0x18dc \Device\Harddisk0\DR0\Partition5 - ok 17:31:10.0229 0x18dc [ EF3872155CE4634557AEC8EA5A26773D ] \Device\Harddisk0\DR0\Partition6 17:31:10.0244 0x18dc \Device\Harddisk0\DR0\Partition6 - ok 17:31:10.0276 0x18dc [ 9101D1594FA0E7022403F0B7804242D6 ] \Device\Harddisk0\DR0\Partition7 17:31:10.0307 0x18dc \Device\Harddisk0\DR0\Partition7 - ok 17:31:10.0338 0x18dc [ 0A7DE69C0DC6CDE894E8366DF4E5352C ] \Device\Harddisk0\DR0\Partition8 17:31:10.0338 0x18dc \Device\Harddisk0\DR0\Partition8 - ok 17:31:10.0338 0x18dc ================ Scan generic autorun ====================== 17:31:10.0432 0x18dc [ 51F358BE1583FB3246020E36DEEB3E0F, 23E096D57FF2D45168FF5AFF48C10A2E0A144708CD046B1C4F3897205CC8A147 ] C:\WINDOWS\system32\igfxtray.exe 17:31:10.0448 0x18dc IgfxTray - ok 17:31:10.0557 0x18dc [ 1218C5653632440C18ECEA89D1CA4575, AF0E7AA60890C52A257D3501FFE652E95F095407A7C6F6F4F00162A9F7DE7C2D ] C:\WINDOWS\system32\hkcmd.exe 17:31:10.0573 0x18dc HotKeysCmds - ok 17:31:10.0744 0x18dc [ CC8EB098AEDF4BC97D3004A182099EED, 6ADFB7CB5047C47D86C769F21191B12D2F3FD3BC96665B4CCFD8C8DA44C64ED9 ] C:\WINDOWS\system32\igfxpers.exe 17:31:10.0776 0x18dc Persistence - ok 17:31:11.0078 0x18dc [ E9D228970356F01DB68E531A0F173FB8, B23032DFEA446CF4D5E75D6CC3F049314EC9EB2D4E9BEB1883D4AC4BC2631A6B ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe 17:31:11.0125 0x18dc CanonMyPrinter - ok 17:31:11.0297 0x18dc [ 605BB2B2A2171D3F5748F4919E80E6C7, 4EBAAE4E2122048603D058C83E32C56F64F8FB9E7B9BB2F83E659BFFD7CB12EE ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe 17:31:11.0313 0x18dc CanonSolutionMenu - ok 17:31:11.0438 0x18dc [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 17:31:11.0453 0x18dc AdobeAAMUpdater-1.0 - ok 17:31:11.0500 0x18dc [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 17:31:11.0516 0x18dc IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:11.0516 0x18dc Detect skipped due to KSN trusted 17:31:11.0516 0x18dc IAStorIcon - ok 17:31:12.0146 0x18dc [ 3639BEC808929AA13974D420D4C609F8, 2BCAB4AC5F493D71B9CBADDA0DF8C018C526F06A956D4A140F7BD4531371290D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 17:31:12.0365 0x18dc RtHDVCpl - ok 17:31:12.0459 0x18dc [ 690051005AED736DA0F5DD40DA5937DB, FA3CD1CF50EFEE6AAFCAAC4D3FE6699ADB2BD7DCC497CA994AAABD8B45B157E0 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe 17:31:12.0474 0x18dc Autodesk Sync - ok 17:31:12.0474 0x18dc SynTPEnh - ok 17:31:12.0537 0x18dc [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 17:31:12.0552 0x18dc CLMLServer_For_P2G8 - ok 17:31:12.0584 0x18dc [ 44C5C8A5DF192FDC4D530F57612FA49C, DD8D69698361CBD042AEB69BC040DAD92BB642429B68A9169247E1A8A96D391D ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe 17:31:12.0599 0x18dc CLVirtualDrive - ok 17:31:12.0646 0x18dc [ AE29724E282EDBE7D0F49E9982642EFD, E7637C08A35F1D7AF810500804FAC45557C5598FA887BE26484B50D305213658 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 17:31:12.0646 0x18dc RemoteControl10 - ok 17:31:12.0740 0x18dc [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe 17:31:12.0755 0x18dc Intel AppUp(SM) center - ok 17:31:12.0818 0x18dc [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 17:31:12.0849 0x18dc avgnt - ok 17:31:12.0880 0x18dc [ 12916E0642E92561C98B18A2A2D01B14, 4C28478CFE25E1F29AEF8BA6F2FAF3E6C2B34BF18CA77052813903E10ADDCCD5 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 17:31:12.0896 0x18dc SunJavaUpdateSched - ok 17:31:12.0968 0x18dc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 17:31:12.0999 0x18dc SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:12.0999 0x18dc Detect skipped due to KSN trusted 17:31:12.0999 0x18dc SwitchBoard - ok 17:31:13.0150 0x18dc [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 17:31:13.0182 0x18dc AdobeCS6ServiceManager - ok 17:31:13.0291 0x18dc [ E4EFC2CDC71E0698CB81A4D60C3FADFF, 0278452E7FE903053A470EFA0C7813E9C43517EC0C8C9E42C5A9A3C99146D06B ] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe 17:31:13.0322 0x18dc IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok 17:31:13.0463 0x18dc [ F6B7C701F4AA5F7BBEC8F4BEA47100E2, E04CA6F629693CFAA1632A7B7DD877BDF80133853DC7C9B40D5865B9C196B5E8 ] C:\Program Files (x86)\Origin\Origin.exe 17:31:13.0525 0x18dc EADM - ok 17:31:13.0603 0x18dc [ 564CB6EACE4064BB4C7815435D035D6A, 19438A697F589598AAF88D80CC7B51AC832FED9BD2088299C43FAF520854AA42 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe 17:31:13.0635 0x18dc GarminExpressTrayApp - ok 17:31:13.0697 0x18dc [ 1E377D64DACD4E4656C86241CE5A1233, F0AE582DBCF2525F580DA6D441B4F24BAE551CD35C0F2B19B2B0127787F2AE3A ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe 17:31:13.0713 0x18dc AutoStartNPSAgent - ok 17:31:13.0791 0x18dc [ F120335CFD86E98967AD5F77905E981D, B401356E48B649070E733F57CBF7092522D5ACE348856EFAE1AA92F7C11DADDB ] C:\Program Files (x86)\Samsung\Kies\Kies.exe 17:31:13.0822 0x18dc KiesPreload - ok 17:31:13.0854 0x18dc [ B349B9F81A073CC3774CE2130310C477, 16DEC5F9D329E72BDB6CE704C3C81ADA7ABEE5BC72FE589F1BAAFD0B63D8AB3C ] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe 17:31:13.0854 0x18dc phonostar-PlayerTimer - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:13.0854 0x18dc Detect skipped due to KSN trusted 17:31:13.0854 0x18dc phonostar-PlayerTimer - ok 17:31:13.0992 0x18dc [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\Steam.exe 17:31:14.0039 0x18dc Steam - ok 17:31:14.0159 0x18dc [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 17:31:14.0174 0x18dc SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 ) 17:31:14.0174 0x18dc Detect skipped due to KSN trusted 17:31:14.0174 0x18dc SpybotPostWindows10UpgradeReInstall - ok 17:31:14.0346 0x18dc [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe 17:31:14.0424 0x18dc Spybot-S&D Cleaning - ok 17:31:14.0612 0x18dc [ 2EC58592401DF51E46BF79523A5E35F2, 2B3CFC4FD12D2C1DF33E7F815F4453FDBDF4C6672BFE32D038CED0F16398EB46 ] C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe 17:31:14.0627 0x18dc FlashPlayerUpdate - ok 17:31:14.0627 0x18dc AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated ) 17:31:14.0627 0x18dc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 17:31:14.0627 0x18dc Win FW state via NFP2: enabled ( trusted ) 17:31:17.0014 0x18dc ============================================================ 17:31:17.0014 0x18dc Scan finished 17:31:17.0014 0x18dc ============================================================ 17:31:17.0014 0x1ba4 Detected object count: 1 17:31:17.0014 0x1ba4 Actual detected object count: 1 17:33:06.0041 0x1ba4 launcherservice ( UnsignedFile.Multi.Generic ) - skipped by user 17:33:06.0041 0x1ba4 launcherservice ( UnsignedFile.Multi.Generic ) - User select action: Skip die Ausführung angeklickt danach nochmals durlaufen lassen dann hat er 7 Dateien gefunden Code:
ATTFilter 19:19:35.0163 0x1844 Scan finished
19:19:35.0163 0x1844 ============================================================
19:19:35.0179 0x0f50 Detected object count: 7
19:19:35.0179 0x0f50 Actual detected object count: 7
19:20:08.0812 0x0f50 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50 Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:08.0812 0x0f50 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:08.0812 0x0f50 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:08.0812 0x0f50 IAStorIcon ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50 IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:08.0812 0x0f50 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:08.0812 0x0f50 phonostar-PlayerTimer ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50 phonostar-PlayerTimer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:20:08.0812 0x0f50 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:21:19.0929 0x116c Deinitialize success
Code:
ATTFilter # AdwCleaner v5.028 - Bericht erstellt am 05/01/2016 um 13:31:19
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Description
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1104 Bytes] ##########
Code:
ATTFilter # AdwCleaner v5.028 - Bericht erstellt am 05/01/2016 um 13:27:46
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Description
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com
***** [ Internetbrowser ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [909 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 05.01.2016 Suchlaufzeit: 16:05 Protokolldatei: antimaleware 05.12. 17.00 Uhr.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.01.05.04 Rootkit-Datenbank: v2015.12.26.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Andreas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 427771 Abgelaufene Zeit: 43 Min., 0 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=23fb86eff63a6f4094ee47d1c811e981
# end=init
# utc_time=2016-01-05 04:13:25
# local_time=2016-01-05 05:13:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27501
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=23fb86eff63a6f4094ee47d1c811e981
# end=updated
# utc_time=2016-01-05 04:16:47
# local_time=2016-01-05 05:16:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=23fb86eff63a6f4094ee47d1c811e981
# engine=27501
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-05 07:21:05
# local_time=2016-01-05 08:21:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 11484198 59428145 0 0
# scanned=478388
# found=14
# cleaned=0
# scan_time=11057
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=54E15990C12358B8876C804C3C7EE08D96156F85 ft=1 fh=108fb7b57305e57b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer(1).exe"
sh=902399D39CADD3051CB940F0F4D740DD2E8D0776 ft=1 fh=064523198c7dc028 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer.exe"
sh=DCC1AC6D325239F4B73E4E60B7D0F737B7B3817B ft=1 fh=3a8913d52bf87674 vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\disk-defrag-setup.exe"
sh=9EB9BA4C559B7AEBE059A42A348327FFDE21075A ft=1 fh=c4d55f96e957cfd3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer(1).exe"
sh=64B35B044602337D1C765F3EA7995412403E8F4A ft=1 fh=4162ffcaac94070e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=994F86E28C39280086B61C2A549252549BABD46A ft=1 fh=40b5aa8f3d6d4063 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="D:\Download\cpu-z_1.62-setup-en.exe"
sh=13287F94C77CE22E0C11855F6DD07512CC74C105 ft=1 fh=080273d70ec48dd3 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="D:\Download\FreeStudio590.exe"
sh=64131EBCE68286BAAEFAC74F12628EBFC159B7CB ft=1 fh=252d3f247af8095f vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Download\PDFCreator-1_6_1_setup.exe"
sh=34A619E0795F52DB39262CF86ADCF0D6DF84476A ft=1 fh=5621164713ac1697 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Download\zafwSetupWeb_102_064_000.exe"
sh=87337331ED3B70706C8E9B91F7C5CE6474110588 ft=1 fh=7ae9f71c25b93d05 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Download\zaSetupWeb_110_000_020.exe"
sh=EEA83DB49F52CDCC3BDB69A3E3FDF2FD91419233 ft=1 fh=f78ee07fd38aa416 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="D:\Download\Nero 8\Nero 8.3.2.1.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="D:\USB-Grün\MyPhoneExplorer_1.8.5.exe"
Code:
ATTFilter C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer(1).exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\disk-defrag-setup.exe Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer(1).exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\MyPhoneExplorer_1.8.5.exe Win32/WebDevAZ.C evtl. unerwünschte Anwendung
D:\Download\cpu-z_1.62-setup-en.exe MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung
D:\Download\FreeStudio590.exe Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung
D:\Download\PDFCreator-1_6_1_setup.exe Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung
D:\Download\zafwSetupWeb_102_064_000.exe Win32/Toolbar.Conduit evtl. unerwünschte Anwendung
D:\Download\zaSetupWeb_110_000_020.exe Win32/Toolbar.Conduit evtl. unerwünschte Anwendung
D:\Download\Nero 8\Nero 8.3.2.1.exe Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
D:\USB-Grün\MyPhoneExplorer_1.8.5.exe Win32/WebDevAZ.C evtl. unerwünschte Anwendung
|
|
08.01.2016, 19:55
| #9 |
| | Makrovirus "Berger Antriebstechnik" Abschließend noch die letzten FRST von Heute Ich hoffe ich habe soweit alles richtig verstanden und ausgeführt leider etwas viel lese-text geworden mit freundlichen Grüßen Andreas und Dank im Vorraus Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-01-2015 durchgeführt von Andreas (Administrator) auf OLIVER (08-01-2016 18:38:40) Gestartet von C:\Users\Andreas\Downloads Geladene Profile: Andreas (Verfügbare Profile: Andreas & MSSQL$SQLEXPRESS) Platform: Windows 8.1 Pro with Media Center (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor) HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [NPSStartup] => [X] HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [WekaUpdateCenter] => C:\Program Files (x86)\Common Files\Weka\Update Manager\WekaUpdateManager.exe [198000 2012-03-01] (Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SDTray] => C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-18] (Electronic Arts) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2014-12-04] () HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Spybot-S&D Cleaning] => C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Policies\Explorer: [] HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MountPoints2: {0301ea6d-eaec-11e3-8040-c48508d4a372} - "F:\iStudio.exe" AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation) AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-24] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-03-13] ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{0CBAE8C9-0F58-427E-817D-95609070D6E2}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{C1373ACE-7D17-460E-98DE-31CEBF2DCF1E}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/ HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> DefaultScope {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-13] (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-13] (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated) FireFox: ======== FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default FF NewTab: hxxps://www.google.de/ FF Homepage: hxxps://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.) FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-13] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Tools\Media\VLC\npvlc.dll [2012-12-13] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-01-23] ( ) FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Andreas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( ) FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\englische-ergebnisse.xml [2014-06-05] FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\gmx-suche.xml [2014-06-05] FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\lastminute.xml [2014-04-10] FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\webde-suche.xml [2014-06-05] FF Extension: Garmin Communicator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-22] FF Extension: GMX MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\mailcheck@gmx.net [2015-12-17] FF Extension: Avira Browser Safety - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\abs@avira.com [2015-12-31] FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-09] [ist nicht signiert] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-12-26] (Autodesk) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.) S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert] R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts) S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS) R2 SDScannerService; C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies) R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-08] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation) R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS) R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation) R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-03-03] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 SBIOSIO; \??\C:\Users\Andreas\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-08 18:28 - 2016-01-05 13:30 - 00000991 _____ C:\Users\Andreas\Desktop\AdwCleaner[S3].txt 2016-01-08 18:27 - 2016-01-04 21:18 - 00000987 _____ C:\Users\Andreas\Desktop\AdwCleaner[S2].txt 2016-01-08 18:26 - 2016-01-04 19:21 - 00259818 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt 2016-01-08 18:25 - 2016-01-04 19:15 - 00514432 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt 2016-01-07 14:02 - 2016-01-07 14:02 - 00071339 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016 14.00 Uhr.txt 2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Downloads\FRST 07.01.2016.txt 2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016.txt 2016-01-07 13:41 - 2016-01-07 13:41 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe 2016-01-07 13:39 - 2016-01-07 13:39 - 00004002 _____ C:\Users\Andreas\Desktop\ESTE Online-Scanner log 05.01.2016.txt 2016-01-07 13:28 - 2016-01-07 13:28 - 00003078 _____ C:\Users\Andreas\Desktop\ESET Online Scanner .txt 2016-01-05 17:13 - 2016-01-05 17:13 - 00000000 ____D C:\Program Files (x86)\ESET 2016-01-05 17:11 - 2016-01-05 17:11 - 02870984 _____ (ESET) C:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe 2016-01-05 17:06 - 2016-01-05 17:06 - 00001211 _____ C:\Users\Andreas\Desktop\antimaleware 05.12. 17.00 Uhr.txt 2016-01-05 16:05 - 2016-01-08 18:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-05 16:04 - 2016-01-05 16:04 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-01-05 16:04 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-05 16:04 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-05 16:04 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-05 16:02 - 2016-01-05 16:03 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024(1).exe 2016-01-05 15:51 - 2016-01-05 15:51 - 00004993 _____ C:\Users\Andreas\Desktop\Antimailware 2.txt 2016-01-05 15:51 - 2016-01-05 15:51 - 00001467 _____ C:\Users\Andreas\Desktop\Antimailware 4.txt 2016-01-05 15:51 - 2016-01-05 15:51 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 3.txt 2016-01-05 15:50 - 2016-01-05 15:50 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 1.txt 2016-01-05 14:36 - 2016-01-05 14:36 - 00001190 _____ C:\Users\Andreas\Desktop\AdwCleaner[C2] 05.01.2016 13.30 Uhr.txt 2016-01-05 13:23 - 2016-01-05 13:23 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe 2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(3).exe 2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(2).exe 2016-01-05 13:18 - 2016-01-05 13:18 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(1).exe 2016-01-05 13:16 - 2016-01-05 13:16 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028.exe 2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.22Uhr.txt 2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.21Uhr.txt 2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.20Uhr.txt 2016-01-04 19:17 - 2016-01-04 19:21 - 00259818 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt 2016-01-04 19:15 - 2016-01-04 19:15 - 00000000 ____D C:\TDSSKiller_Quarantine 2016-01-04 19:11 - 2016-01-04 19:15 - 00514432 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt 2016-01-04 19:10 - 2016-01-04 19:10 - 00062665 _____ C:\Users\Andreas\Desktop\FRST 19.10 Uhr.txt 2016-01-04 19:10 - 2016-01-04 19:10 - 00057162 _____ C:\Users\Andreas\Desktop\FRST_04-01-2016_17-13-36 19.10 Uhr.txt 2016-01-04 19:02 - 2016-01-04 19:02 - 00001206 _____ C:\Users\Andreas\Desktop\antimaleware 19.00 Uhr.txt 2016-01-04 17:59 - 2016-01-04 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-04 17:58 - 2016-01-04 17:58 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024.exe 2016-01-04 17:55 - 2016-01-04 17:55 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1]nach Neustart.txt 2016-01-04 17:44 - 2016-01-04 17:44 - 00507278 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt 2016-01-04 17:26 - 2016-01-04 17:47 - 00757750 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt 2016-01-04 17:26 - 2016-01-04 17:26 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Andreas\Downloads\tdsskiller.exe 2016-01-04 17:21 - 2016-01-04 17:21 - 00057162 _____ C:\Users\Andreas\Desktop\FRST.txt 2016-01-04 17:21 - 2016-01-04 17:21 - 00003046 _____ C:\Users\Andreas\Desktop\AdwCleaner[S1].txt 2016-01-04 17:19 - 2016-01-04 17:19 - 00061325 _____ C:\Users\Andreas\Desktop\Addition.txt 2016-01-04 17:13 - 2016-01-04 17:13 - 00061325 _____ C:\Users\Andreas\Downloads\Addition.txt 2016-01-04 17:12 - 2016-01-08 18:39 - 00027131 _____ C:\Users\Andreas\Downloads\FRST.txt 2016-01-04 17:11 - 2016-01-08 18:38 - 00000000 ____D C:\FRST 2016-01-04 17:10 - 2016-01-04 17:11 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe 2016-01-04 17:04 - 2016-01-05 13:31 - 00000000 ____D C:\AdwCleaner 2016-01-04 16:39 - 2016-01-08 13:43 - 00000000 ____D C:\Users\Andreas\Documents\A Desktopdateien 2016-01-04 15:13 - 2016-01-04 15:13 - 00052697 _____ C:\Users\Andreas\Downloads\RE_3100134490_8753513655_20160101.pdf 2015-12-29 18:47 - 2015-12-29 18:47 - 00532721 _____ C:\Users\Andreas\Downloads\Rechnung Elmar Lorch Neckarhalde 24.pdf 2015-12-29 17:44 - 2015-12-29 17:44 - 01976669 _____ C:\Users\Andreas\Downloads\Angebot Herrn Lorch Neckarhalde 24.pdf 2015-12-29 16:39 - 2015-12-29 16:39 - 01413613 _____ C:\Users\Andreas\Downloads\Rechnung Fam.Baltzer-Noak Giebelfenster.pdf 2015-12-29 16:36 - 2015-12-29 16:36 - 02689619 _____ C:\Users\Andreas\Downloads\Rundbogenfenster Neckarhalde 24.pdf 2015-12-29 10:10 - 2015-12-29 10:10 - 00122897 _____ C:\Users\Andreas\Downloads\schoenbuchhalbmarathon2013.pdf 2015-12-29 10:03 - 2015-12-29 10:03 - 00068182 _____ C:\Users\Andreas\Downloads\2007-05-13-Leinfelden-Echterdingen-07-05-13-schoenbuch-pdf.pdf 2015-12-28 16:27 - 2015-12-28 16:27 - 03614157 _____ C:\Users\Andreas\Downloads\2015Bilder-Fenster.pdf 2015-12-25 13:38 - 2015-12-25 13:38 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-25 13:38 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2015-12-25 13:34 - 2015-12-25 13:34 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-12-25 13:34 - 2015-12-25 13:34 - 00002019 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-12-25 13:34 - 2015-12-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-12-25 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2015-12-25 10:37 - 2015-12-25 10:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2015-12-25 10:33 - 2015-12-25 10:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Andreas\Downloads\spybot-2.4.40.exe 2015-12-23 19:24 - 2015-12-23 19:39 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\.minecraft 2015-12-23 19:24 - 2015-12-23 19:24 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft(1).exe 2015-12-23 19:24 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\java 2015-12-23 19:21 - 2015-12-23 20:19 - 00001470 _____ C:\Users\Andreas\Downloads\nativelog.txt 2015-12-23 19:21 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\Downloads\game 2015-12-23 19:21 - 2015-12-23 19:21 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft.exe 2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\tools 2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\runtime 2015-12-23 14:17 - 2015-12-23 14:17 - 00049289 _____ C:\Users\Andreas\Downloads\VR-GewinnSparen_13202006_vom_23.11.2015_20151223021734.pdf 2015-12-23 14:17 - 2015-12-23 14:17 - 00049195 _____ C:\Users\Andreas\Downloads\Mitteilung_13202006_vom_23.11.2015_20151223021732.pdf 2015-12-23 09:49 - 2015-12-23 09:49 - 00171255 _____ C:\Users\Andreas\Downloads\271183.pdf 2015-12-22 15:03 - 2015-12-22 15:03 - 00366243 _____ C:\Users\Andreas\Downloads\ViewProductAttachment-OpenFile 2015-12-22 11:23 - 2015-12-22 11:23 - 05601627 _____ C:\Users\Andreas\Downloads\kf_694_18-03-2015.pdf 2015-12-22 10:44 - 2015-12-22 10:44 - 00564782 _____ C:\Users\Andreas\Downloads\kf_614_hst_13-07-2012_06-03-2013_18-03-2015_18-03-2015.pdf 2015-12-22 10:36 - 2015-12-22 10:36 - 05513745 _____ C:\Users\Andreas\Downloads\bestellformular_kunststofffenster_28.05.2015_10-06-2015.pdf 2015-12-21 15:05 - 2015-12-21 15:05 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile(1).pdf 2015-12-21 13:00 - 2015-12-21 13:00 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth(1).pdf 2015-12-21 11:34 - 2015-12-21 11:34 - 01597571 _____ C:\Users\Andreas\Downloads\Senioren_und_soziallagenbezogene_Gesundheitsfoerderung_und_Praevention(1).pdf 2015-12-21 11:29 - 2015-12-21 11:29 - 00434271 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen Teil 2.pdf 2015-12-16 10:38 - 2015-12-16 10:38 - 05821280 _____ C:\Users\Andreas\Downloads\3._arn_in-kurven_07-10-2014(1).pdf 2015-12-16 10:35 - 2015-12-16 10:35 - 03807865 _____ C:\Users\Andreas\Downloads\4._arna_in-kurven_07-10-2014(1).pdf 2015-12-16 10:29 - 2015-12-16 10:29 - 01977655 _____ C:\Users\Andreas\Downloads\2._arei_in-kurven_07-10-2014(1).pdf 2015-12-16 10:27 - 2015-12-16 10:27 - 03305335 _____ C:\Users\Andreas\Downloads\1._are_in-kurven_07-10-2014(1).pdf 2015-12-16 10:27 - 2015-12-16 10:27 - 03277743 _____ C:\Users\Andreas\Downloads\6._arr_in-kurven_07-10-2014(1).pdf 2015-12-16 10:27 - 2015-12-16 10:27 - 03121460 _____ C:\Users\Andreas\Downloads\5._arnr_in-kurven_07-10-2014(1).pdf 2015-12-16 10:25 - 2015-12-16 10:25 - 09742494 _____ C:\Users\Andreas\Downloads\ahf_95_classic_art_09-11-2015.pdf 2015-12-15 09:32 - 2015-12-15 09:32 - 00053266 _____ C:\Users\Andreas\Downloads\Kontoauszug_13202006__Nr.0112015_vom_30.11.2015_20151215093238.pdf 2015-12-15 09:31 - 2015-12-15 09:31 - 00058584 _____ C:\Users\Andreas\Downloads\Kontoauszug_1334000__Nr.0112015_vom_30.11.2015_20151215093143.pdf 2015-12-14 17:11 - 2015-12-14 17:11 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016(1).pdf 2015-12-14 13:43 - 2015-12-14 13:43 - 00730987 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz WESTANSICHT Alt 5.1akt Kopie v2016_powermacg5.pdf 2015-12-14 13:42 - 2015-12-14 13:42 - 00533986 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf 2015-12-14 13:40 - 2015-12-14 13:40 - 01366764 _____ C:\Users\Andreas\Downloads\04.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf 2015-12-14 13:40 - 2015-12-14 13:40 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf 2015-12-14 13:38 - 2015-12-14 13:38 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel(1).pdf 2015-12-14 11:29 - 2015-12-14 11:29 - 00031481 _____ C:\Users\Andreas\Downloads\WTPG_teilweise_Selbstverantwortung.pdf 2015-12-14 11:28 - 2015-12-14 11:28 - 00042419 _____ C:\Users\Andreas\Downloads\WTPG_ambulant_betreute_WG.pdf 2015-12-14 11:25 - 2015-12-14 11:25 - 00129521 _____ C:\Users\Andreas\Downloads\WTPG_6.pdf 2015-12-14 11:24 - 2015-12-14 11:24 - 00405000 _____ C:\Users\Andreas\Downloads\WTPG_5.pdf 2015-12-14 11:23 - 2015-12-14 11:23 - 00662282 _____ C:\Users\Andreas\Downloads\WTPG_4.pdf 2015-12-14 11:22 - 2015-12-14 11:22 - 00580358 _____ C:\Users\Andreas\Downloads\WTPG_3.pdf 2015-12-14 11:21 - 2015-12-14 11:21 - 00410389 _____ C:\Users\Andreas\Downloads\WTPG_2.pdf 2015-12-14 11:20 - 2015-12-14 11:20 - 00323803 _____ C:\Users\Andreas\Downloads\WTPG_1.pdf 2015-12-14 11:16 - 2015-12-14 11:16 - 00273829 _____ C:\Users\Andreas\Downloads\beratung_karl.pdf 2015-12-14 11:16 - 2015-12-14 11:16 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab(1).pdf 2015-12-14 11:11 - 2015-12-14 11:11 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab.pdf 2015-12-14 11:08 - 2015-12-14 11:08 - 00357129 _____ C:\Users\Andreas\Downloads\falkenroth.pdf 2015-12-14 11:06 - 2015-12-14 11:06 - 00252951 _____ C:\Users\Andreas\Downloads\siegert.pdf 2015-12-14 11:02 - 2015-12-14 11:02 - 00212266 _____ C:\Users\Andreas\Downloads\stationaere_a_hilfe_hirt.pdf 2015-12-14 11:00 - 2015-12-14 11:00 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2(1).pdf 2015-12-14 09:35 - 2015-12-14 09:35 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth.pdf 2015-12-10 09:18 - 2015-12-10 09:18 - 05507334 _____ C:\Users\Andreas\Downloads\bestellformular_aluminium-kunststoff-fenster_neu_2015_18-08-2015.pdf 2015-12-09 11:54 - 2015-12-09 11:54 - 00224529 _____ C:\Users\Andreas\Downloads\illbruck_de-de-tp652-.ab.01.10.15-web(1).pdf 2015-12-09 09:08 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-09 09:08 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-09 09:08 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-12-09 09:08 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-12-09 09:08 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-09 09:08 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-12-09 09:08 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-09 09:08 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-12-09 09:08 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-09 09:08 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-12-09 09:08 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-12-09 09:08 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-12-09 09:08 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-12-09 09:08 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-12-09 09:08 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-09 09:08 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-09 09:08 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-09 09:08 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-12-09 09:08 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-12-09 09:08 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-12-09 09:08 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-12-09 09:08 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-09 09:08 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-09 09:08 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-12-09 09:08 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-12-09 09:08 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-12-09 09:08 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-12-09 09:08 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-12-09 09:08 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-12-09 09:08 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-12-09 09:08 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-09 09:08 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-12-09 09:08 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-09 09:08 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-09 09:08 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-12-09 09:08 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-12-09 09:08 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-12-09 09:08 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-12-09 09:08 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-12-09 09:08 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-09 09:07 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-12-09 09:07 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-09 09:07 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-12-09 09:07 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-12-09 09:07 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-12-09 09:07 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-12-09 09:07 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-09 09:07 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2015-12-09 09:07 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2015-12-09 09:07 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-09 09:07 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-09 09:07 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-09 09:07 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-09 09:07 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-09 09:07 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-09 09:07 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-12-09 09:07 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-12-09 09:07 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-12-09 09:07 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-12-09 09:07 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-12-09 09:07 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-12-09 09:07 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-12-09 09:07 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-12-09 09:07 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-12-09 09:07 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-12-09 09:07 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-12-09 09:07 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-09 09:07 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-09 09:07 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-12-09 09:07 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-12-09 09:07 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-09 09:07 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-12-09 09:07 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-09 09:07 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-09 09:07 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-09 09:07 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll 2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL 2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL 2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL 2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll 2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL 2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL 2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL 2015-12-09 09:07 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-12-09 09:07 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2015-12-09 09:07 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-12-09 09:07 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls 2015-12-09 09:07 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-12-09 09:07 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-12-09 09:07 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2015-12-09 09:07 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2015-12-09 09:07 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2015-12-09 09:07 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2015-12-09 09:07 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys 2015-12-09 09:07 - 2015-10-10 19:40 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys 2015-12-09 09:07 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2015-12-09 09:07 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2015-12-09 09:07 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2015-12-09 09:07 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-12-09 09:07 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-12-09 09:07 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-12-09 09:07 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-08 13:45 - 2013-11-25 22:32 - 00000000 ____D C:\Users\Andreas 2016-01-08 13:43 - 2015-02-10 15:31 - 00189952 ___SH C:\Users\Andreas\Documents\Thumbs.db 2016-01-08 13:25 - 2012-08-24 02:35 - 00000000 ____D C:\ProgramData\WinClon 2016-01-08 13:24 - 2012-11-29 13:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe 2016-01-08 13:23 - 2015-05-03 14:58 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-08 13:23 - 2013-12-26 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-08 13:22 - 2014-01-27 20:36 - 00000000 __RDO C:\Users\Andreas\SkyDrive 2016-01-08 13:22 - 2013-02-18 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-08 13:19 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-07 18:55 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI 2016-01-07 14:45 - 2012-11-29 12:12 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3658493019-1111599900-2463904087-1003 2016-01-07 13:39 - 2013-01-26 19:44 - 00677376 ___SH C:\Users\Andreas\Desktop\Thumbs.db 2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-05 13:32 - 2014-10-19 19:39 - 00000000 ____D C:\WINDOWS\Minidump 2016-01-05 13:32 - 2013-05-14 17:31 - 00196143 ____N C:\WINDOWS\Minidump\010516-26390-01.dmp 2016-01-04 19:15 - 2014-02-04 18:18 - 00000000 ____D C:\ProgramData\CanonIJPLM 2016-01-04 18:59 - 2014-09-10 19:21 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieUserList 2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieSiteList 2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieUserList 2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieSiteList 2016-01-04 18:51 - 2015-07-24 12:26 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-01-04 18:51 - 2015-07-23 20:48 - 00000000 ____D C:\Program Files\Rockstar Games 2016-01-04 18:01 - 2013-09-30 05:14 - 02044468 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-04 18:01 - 2013-09-30 04:58 - 00872284 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-04 18:01 - 2013-09-30 04:58 - 00193862 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-04 18:01 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-01-04 17:13 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-12-31 11:17 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-29 15:03 - 2013-08-27 23:56 - 00033280 ___SH C:\Users\Andreas\Thumbs.db 2015-12-26 09:48 - 2015-04-19 06:58 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-26 09:48 - 2015-04-19 06:58 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-25 13:37 - 2014-06-22 12:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-12-25 13:34 - 2013-01-01 16:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-12-23 15:38 - 2014-02-06 16:14 - 00000000 ____D C:\ProgramData\CanonIJ 2015-12-23 09:40 - 2014-02-26 12:00 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS 2015-12-21 11:24 - 2013-02-23 19:59 - 00000000 ____D C:\ProgramData\Origin 2015-12-21 09:47 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-21 09:47 - 2012-12-31 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-12-14 09:55 - 2012-12-18 13:06 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ISSPLUS 2015-12-14 09:52 - 2012-12-18 12:59 - 00000000 ____D C:\MoveIT 2015-12-11 10:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2015-12-11 09:49 - 2013-08-22 15:44 - 05429400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-09 09:35 - 2014-08-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-09 09:35 - 2013-01-01 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-09 09:32 - 2013-09-16 15:55 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-09 09:26 - 2012-12-17 19:31 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-03 18:34 - 2015-11-03 18:35 - 98892838 _____ () C:\Program Files (x86)\BeamNG-Techdemo-0.3-setup.zip 2012-11-29 12:05 - 2014-03-10 10:59 - 0142434 _____ () C:\Users\Andreas\AppData\Roaming\AbsoluteReminder.xml 2014-03-03 09:25 - 2014-03-03 09:25 - 0001167 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt 2014-03-03 09:25 - 2014-03-03 09:25 - 0000000 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2013-12-26 18:42 - 2014-06-22 13:11 - 0007607 _____ () C:\Users\Andreas\AppData\Local\Resmon.ResmonCfg 2014-11-03 11:28 - 2014-11-03 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2012-08-24 02:39 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe 2012-08-24 02:39 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml 2015-01-01 21:37 - 2015-01-01 21:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Einige Dateien in TEMP: ==================== C:\Users\Andreas\AppData\Local\Temp\avgnt.exe C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-08 14:04 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-01-2015
durchgeführt von Andreas (2016-01-08 18:39:29)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 Pro with Media Center (X64) (2013-11-26 08:00:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3658493019-1111599900-2463904087-500 - Administrator - Disabled)
Andreas (S-1-5-21-3658493019-1111599900-2463904087-1003 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-3658493019-1111599900-2463904087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3658493019-1111599900-2463904087-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\BeamNG-Techdemo-0.3) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.10.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Einnahme-Überschussrechnung 2013 pro (HKLM-x32\...\Einnahme-Überschussrechnung 2013 pro_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPS Master 2.0.14 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Handwerksbüro X22-Datenübernahme (HKLM-x32\...\{AF7E45F7-DAF6-4DEF-B439-B334D7F43942}) (Version: 1.00.0076 - WEKA)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.29 - Nero AG)
Nero BackItUp 12 Essentials (HKLM-x32\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Panzer Elite Action - Dunes Of War (HKLM-x32\...\{577D1191-A6DF-4534-8D97-805BCBAC5D1D}_is1) (Version: - Nordic Games)
Panzer Elite Action - Fields Of Glory (HKLM-x32\...\{1DDAD87D-576E-43DE-8814-65ACC87CFED6}_is1) (Version: - Nordic Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
phonostar-Player Version 3.03.5 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.14 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
sirAdos Datenmanager Januar 2014 (HKLM-x32\...\{CC9E22A1-8012-493E-9BEC-381189F8F152}) (Version: 1.3.615 - sirAdos)
Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VRally3 (HKLM-x32\...\VRally3_is1) (Version: - )
WEKA DATANORM 3.6 (HKLM-x32\...\{124C8673-FB8C-426D-A5BA-2A7400EC5994}) (Version: - )
WEKA Handwerksbüro 1.22.1.1 (HKLM-x32\...\weka-hwb-X22) (Version: X22 - WEKA)
WEKA Handwerksbüro X22 - 11.14 (HKLM-x32\...\de.bwso.hwb.Hwb.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (HKLM-x32\...\de.bwso.hwb.HwbMulti.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA Handwerksbüro X22 - 11.14 (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA LauncherService 1.2 (HKLM-x32\...\3599-1427-7716-9681) (Version: - )
WEKA Update Center (HKLM-x32\...\{A8217164-542A-4C4B-9031-2AB445CA314A}) (Version: 1.00.00.0003 - WEKA MEDIA GmbH & Co. KG)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05208D44-3084-4240-A7BD-16942B2EF02D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {064796D5-6EFE-4B6D-A6F2-C50AFB733BF4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-08-06] (SEC)
Task: {066FD32E-526F-4152-8F54-1896683DE177} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0C478103-75E9-47F3-B24C-99AEDD11111E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C0C6668-0270-462C-A41A-BA63A59A5CC5} - System32\Tasks\fvw3_1zl0tlux => C:\windows\TEMP\fvw3_k81mor7p.bat
Task: {1D4B8A78-1690-435C-8D6B-2E52F1CF5528} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {23B69281-D5F6-4E21-89D0-2B63E4A1F11E} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {271A966B-8197-4093-B9DB-9922655525A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {34E6A3BC-6282-4F88-8D82-823135A2C919} - System32\Tasks\fvw3_av2pyhbc => C:\windows\TEMP\fvw3_p3h8wcih.bat
Task: {39F4E803-4332-40D3-85BE-4DB071C9B32C} - System32\Tasks\{63161025-A1C7-4386-A44C-B193CF3D00E5} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb\GMX_MailCheck_ClickOnce.exe -d C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb
Task: {3A2ED25E-2FB1-46B4-87D0-539222DA8DDD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7BBAED33-F6CB-43A7-B397-FB3CBF40962F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {8C6FBA75-C331-4694-B87A-BC734E21936F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-andreas-woelfle@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {911C4932-0B21-48B1-8C62-6859B7C1FB98} - System32\Tasks\fvw3_1mwm5xo4 => C:\windows\TEMP\fvw3_rqztrkf1.bat
Task: {91D39EA6-AD37-4EA8-8E1F-4468910D3869} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19] (Adobe Systems Incorporated)
Task: {98987C6A-1276-41DD-AD76-25123DA08F20} - System32\Tasks\fvw3_kcm2lata => C:\windows\TEMP\fvw3_qgb9ejzg.bat
Task: {99BE832F-AC40-4DD1-9661-5C22AEED9282} - System32\Tasks\fvw3_dx9jiowd => C:\windows\TEMP\fvw3_o9bredg3.bat
Task: {9C5A89A8-0063-45EB-BC35-7259812BE801} - System32\Tasks\fvw3_rov77k4o => C:\windows\TEMP\fvw3_48r36voi.bat
Task: {AC11F914-50F2-4825-ADAF-67935759C791} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {ACD48289-DE50-487C-8893-DFC82D9C97CA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C9A2E220-897F-4F25-9014-D2A5A02F6026} - System32\Tasks\fvw3_ubbskhag => C:\windows\TEMP\fvw3_mhsqjyso.bat
Task: {CE69CB7B-E9EF-46E5-B27E-57A383D83D3A} - System32\Tasks\fvw3_emppjlpd => C:\windows\TEMP\fvw3_y820i7ze.bat
Task: {E2C1EFFF-A1B3-46F2-AEB1-0E4979FC84B6} - System32\Tasks\fvw3_fc8bp7ib => C:\windows\TEMP\fvw3_xw12iuq6.bat
Task: {EF2D71FE-5E65-4B9C-B410-05659FAA692D} - System32\Tasks\fvw3_9c6qebtr => C:\windows\TEMP\fvw3_smop7nzg.bat
Task: {F5256FB0-D739-4735-AA28-844B82416C50} - System32\Tasks\fvw3_y8u0cpcj => C:\windows\TEMP\fvw3_i81jm8r1.bat
Task: {F938041D-0CFD-43E5-945C-D3D0646C07D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F94F8D43-48EC-4A5C-9FCC-DA90725F1D07} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-11-03 11:25 - 2013-11-11 04:27 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-02-04 18:18 - 2009-09-08 13:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Tools\Media\Notepad++\NppShell_05.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-17 11:09 - 2014-12-04 10:38 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-08-24 20:36 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2015-12-25 13:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Tools\System\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-25 13:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Tools\System\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-25 13:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Tools\System\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-11-03 11:29 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-24 20:36 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09433235.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09433235.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2014-03-09 12:10 - 00000900 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SDScannerService => 3
MSCONFIG\Services: SDUpdateService => 3
MSCONFIG\Services: SDWSCService => 3
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WekaUpdateCenter"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "AdobeBridge"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E57D093D-23BE-4F77-9FE9-6F2955099C74}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{022638D9-68C7-499E-8779-8BE231349811}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{3D94CD91-C46E-4257-AFB4-0AC6D4F792EE}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [UDP Query User{969D4125-127F-4843-BBA4-49E1BC41023C}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [TCP Query User{5FFCF8EC-A5E2-4CE1-A792-034E7A7248C1}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [{776E44D0-898E-459F-85B7-8951E9B2CD19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{446FFFFD-EF97-43D6-9283-1469B1F6D4E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023E90DA-A9F5-4CE8-9DA5-AF65B6C2C5F3}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{C6840099-6C64-44AB-A765-5AEF62C06543}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{214D6990-8124-46C8-8BCA-A462010E23C1}] => (Allow) LPort=1900
FirewallRules: [{D379275B-B611-47CF-8C8E-4028C1DA0DC5}] => (Allow) LPort=2869
FirewallRules: [{B1E7914B-EE0B-4F90-B3FF-4A2D94020834}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B246AA25-94FA-44A0-BC33-B1AD84A64E38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{66A6F094-3B80-40EB-B0F9-99B5B90DFAD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{A9F3D847-5291-47E6-AD52-8A96DB503987}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{41F7081D-4F8B-40E6-A5E0-9A2A5A99D644}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{929F69C4-02A4-4371-AB84-FB1B08F470A7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9470EF6A-5F5B-45AE-B64C-CD53059503DB}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{73DD42E9-6DF5-4A56-9F8C-583639E0220E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{8B514598-2843-4118-B8F8-A0BDFCD35C27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{076DD059-1B7F-4E05-85C5-0FEFB9936868}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{55DA511A-CB94-43EF-B4C3-1226496AB4AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{7C5F8CAD-BA1E-49FE-B784-53BCCFC25C64}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{477D68FA-4343-4154-AEF2-D2CD027D8371}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82747307-574E-4A60-B87A-969FBB0DCD1F}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{A70959CA-E670-41D3-B8D9-CA5FCDE02931}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{8DFED69A-677D-4CE5-A94D-0CE3292050D8}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{4B0F9AF1-F2E2-45B7-8492-CA47D123C10B}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{53204618-E591-4E3E-9C81-7080EB3FADC1}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{29DB62F4-6B27-497A-ACC5-1D5B2BF4A030}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{7D4EAA75-92E8-4F64-9882-6CA933D6480D}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{65313E84-34CD-4458-911A-2E040EBCC83A}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{E6A62001-1882-4154-AE24-D087E855B823}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{F05B8AD7-125C-41C1-A20A-40ED1BCADCC2}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{2C909032-398A-46FD-83DC-AF39131A4992}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{1BF29DAA-7BF1-4CF2-8931-524E317EFAA3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{805A1286-AE32-4CFF-8ADF-1330A5A7F6B6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9ECC36F3-66E0-4E25-B7EF-089877F027EA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0F5E95A8-4C95-4D6B-A648-1EF18AC74769}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51DB62F3-E033-4AD7-AF11-DF595A68E2A1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1D2CB13A-75DB-4331-A1C6-BA8E785770B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1FA25717-7A9B-4494-BB83-870162589F35}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{909D2F1E-2B6D-40A5-BAA1-72A4906B9E94}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{79A5F39A-F6B3-4322-8268-F9A9F570716F}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9A3F8BCA-6DE5-410E-96F1-980515C8A785}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FE127B2E-61C4-4065-9527-97EC6617CE8D}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{C2F5BF75-9441-4FB1-A14A-ABA89AC8EBD5}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{850B8798-B0F4-4F90-9BEF-63F1805A6087}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{47E06B7E-4B60-4444-B042-E6FA577CF60F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{F1D1C2F1-0914-48A3-8D2D-FE8F739BC850}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A4B326C-BEEB-43FB-AC27-35A9E634A181}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{FD9BEC80-8F7F-48D5-8438-4431993E9183}] => (Allow) LPort=50248
FirewallRules: [{92CB16C5-48FA-499A-A0A7-B70C2B873F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1605453B-F84D-48AC-9238-8679CF8B2AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50078D83-F3B9-4EDC-AD6F-67799BF08033}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{773EB3DD-0783-4DA9-AB05-02F13862A106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00052CCD-CDB8-4B0F-9FF5-65D19FDA6EA5}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{8761E1F7-DFA1-4AB5-981C-05E69D18C334}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{2C7F9478-3AC9-434D-8795-916B542A168E}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{B98E81AB-784F-403B-81DD-F5FA9751A26C}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{1BA3AEE4-31E5-4E4A-83FC-49EA4D02F651}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [UDP Query User{5E43DE58-3515-488D-82B8-255F65925A5F}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [{B5DCD1E8-5162-4A8D-929F-04DD8C7A7D7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{861976C2-A93A-44A3-B0F6-88C2733725B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{255F4592-3F05-42CA-8F0F-47212DAF4CA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEA4923D-649A-46C4-B6B7-1A625426D849}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2347BA7F-8A58-48F0-A589-58DE813740E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81E26DFC-D188-48B6-9550-A7D4A4F5B198}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
08-01-2016 13:58:31 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/08/2016 01:44:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/08/2016 01:24:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x14a0
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5
Error: (01/08/2016 01:20:11 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/08/2016 01:20:11 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/07/2016 04:04:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x1174
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5
Error: (01/07/2016 01:40:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/07/2016 01:40:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/07/2016 01:37:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/07/2016 04:25:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/07/2016 04:20:16 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Systemfehler:
=============
Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (01/08/2016 01:19:07 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (01/07/2016 06:54:02 PM) (Source: volmgr) (EventID: 45) (User: )
Description: Das System konnte den Treiber für das Speicherabbild nicht laden.
Error: (01/05/2016 05:15:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (01/05/2016 05:15:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Andreas\AppData\Local\Temp\ehdrv.sys
Error: (01/05/2016 05:15:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (01/05/2016 05:15:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Andreas\AppData\Local\Temp\ehdrv.sys
Error: (01/05/2016 05:15:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (01/05/2016 05:15:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Andreas\AppData\Local\Temp\ehdrv.sys
======== Speicherinformationen ====
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 80%
Installierter physikalischer RAM: 8079.39 MB
Verfügbarer physikalischer RAM: 1555.91 MB
Summe virtueller Speicher: 16271.39 MB
Verfügbarer virtueller Speicher: 8967.11 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:378.94 GB) (Free:146.22 GB) NTFS
Drive d: (Daten) (Fixed) (Total:292.97 GB) (Free:161.07 GB) NTFS
== MBR & Partitionstabelle ==
Disk: 0 (Size: 698.6 GB) (Disk ID: 50960A65)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
09.01.2016, 07:05
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Makrovirus "Berger Antriebstechnik"Zitat:
Lesestoff:Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.01.2016, 22:06
| #11 |
| | Makrovirus "Berger Antriebstechnik" Hallo cosinus, Danke für die Info Adobe Programm war drauf und wurde komplett deinstaliert Adobe Reader XI , Adobe Air und Adobe Flash player wurde beibehalten Neue FRST und Addition hänge ich an (allerdings ist der Info-Code den du mir als hinweis gegeben hast noch immer vorhanden) noch zur info: email mit dok-word Dokument wurde nicht am 19.12.2015 geöffnet sondern vermutlich 21.12 oder 22.12.2015 da habe ich im Download-Ordner ein unbekante Datei gefunden ViewProduktAttrachment-OpenFile 22.12.2015 15:03 Datei 358KB Mit freundlichen Grüßen Andreas Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-01-2015 durchgeführt von Andreas (Administrator) auf OLIVER (09-01-2016 21:32:21) Gestartet von C:\Users\Andreas\Downloads Geladene Profile: Andreas (Verfügbare Profile: Andreas & MSSQL$SQLEXPRESS) Platform: Windows 8.1 Pro with Media Center (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor) HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [NPSStartup] => [X] HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [WekaUpdateCenter] => C:\Program Files (x86)\Common Files\Weka\Update Manager\WekaUpdateManager.exe [198000 2012-03-01] (Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SDTray] => C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-18] (Electronic Arts) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2014-12-04] () HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Spybot-S&D Cleaning] => C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.) HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Policies\Explorer: [] HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MountPoints2: {0301ea6d-eaec-11e3-8040-c48508d4a372} - "F:\iStudio.exe" AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation) AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-24] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-03-13] ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{0CBAE8C9-0F58-427E-817D-95609070D6E2}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{C1373ACE-7D17-460E-98DE-31CEBF2DCF1E}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/ HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> DefaultScope {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-13] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-13] (Oracle Corporation) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.) FireFox: ======== FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default FF NewTab: hxxps://www.google.de/ FF Homepage: hxxps://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.) FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-13] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Tools\Media\VLC\npvlc.dll [2012-12-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-01-23] ( ) FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Andreas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( ) FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\englische-ergebnisse.xml [2014-06-05] FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\gmx-suche.xml [2014-06-05] FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\lastminute.xml [2014-04-10] FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\webde-suche.xml [2014-06-05] FF Extension: Garmin Communicator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-22] FF Extension: GMX MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\mailcheck@gmx.net [2015-12-17] FF Extension: Avira Browser Safety - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\abs@avira.com [2015-12-31] FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-12-26] (Autodesk) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.) S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert] R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts) S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS) R2 SDScannerService; C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies) R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-09] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation) R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS) R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation) R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-03-03] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 SBIOSIO; \??\C:\Users\Andreas\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-09 21:32 - 2016-01-09 21:32 - 00058453 _____ C:\Users\Andreas\Downloads\Addition 09.01.2016 21.00Uhr.txt 2016-01-09 21:32 - 2016-01-09 21:32 - 00000000 ___SH C:\DkHyperbootSync 2016-01-09 21:24 - 2016-01-09 21:24 - 00045783 _____ C:\Users\Andreas\Desktop\FRST 09.01.2016 21.00Uhr.txt 2016-01-08 18:43 - 2016-01-08 18:43 - 00059770 _____ C:\Users\Andreas\Desktop\FRST 08.01.2016 18.40 Uhr.txt 2016-01-08 18:41 - 2016-01-08 18:41 - 00059912 _____ C:\Users\Andreas\Desktop\FRST 08.01.2016.txt 2016-01-08 18:40 - 2016-01-08 18:40 - 00061335 _____ C:\Users\Andreas\Desktop\Addition 08.01.2016.txt 2016-01-08 18:28 - 2016-01-05 13:30 - 00000991 _____ C:\Users\Andreas\Desktop\AdwCleaner[S3].txt 2016-01-08 18:27 - 2016-01-04 21:18 - 00000987 _____ C:\Users\Andreas\Desktop\AdwCleaner[S2].txt 2016-01-08 18:26 - 2016-01-04 19:21 - 00259818 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt 2016-01-08 18:25 - 2016-01-04 19:15 - 00514432 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt 2016-01-07 14:02 - 2016-01-07 14:02 - 00071339 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016 14.00 Uhr.txt 2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Downloads\FRST 07.01.2016.txt 2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016.txt 2016-01-07 13:41 - 2016-01-07 13:41 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe 2016-01-07 13:39 - 2016-01-07 13:39 - 00004002 _____ C:\Users\Andreas\Desktop\ESTE Online-Scanner log 05.01.2016.txt 2016-01-07 13:28 - 2016-01-07 13:28 - 00003078 _____ C:\Users\Andreas\Desktop\ESET Online Scanner .txt 2016-01-05 17:13 - 2016-01-05 17:13 - 00000000 ____D C:\Program Files (x86)\ESET 2016-01-05 17:11 - 2016-01-05 17:11 - 02870984 _____ (ESET) C:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe 2016-01-05 17:06 - 2016-01-05 17:06 - 00001211 _____ C:\Users\Andreas\Desktop\antimaleware 05.12. 17.00 Uhr.txt 2016-01-05 16:05 - 2016-01-09 21:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-05 16:04 - 2016-01-05 16:04 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-01-05 16:04 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-05 16:04 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-05 16:04 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-05 16:02 - 2016-01-05 16:03 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024(1).exe 2016-01-05 15:51 - 2016-01-05 15:51 - 00004993 _____ C:\Users\Andreas\Desktop\Antimailware 2.txt 2016-01-05 15:51 - 2016-01-05 15:51 - 00001467 _____ C:\Users\Andreas\Desktop\Antimailware 4.txt 2016-01-05 15:51 - 2016-01-05 15:51 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 3.txt 2016-01-05 15:50 - 2016-01-05 15:50 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 1.txt 2016-01-05 14:36 - 2016-01-05 14:36 - 00001190 _____ C:\Users\Andreas\Desktop\AdwCleaner[C2] 05.01.2016 13.30 Uhr.txt 2016-01-05 13:23 - 2016-01-05 13:23 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe 2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(3).exe 2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(2).exe 2016-01-05 13:18 - 2016-01-05 13:18 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(1).exe 2016-01-05 13:16 - 2016-01-05 13:16 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028.exe 2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.22Uhr.txt 2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.21Uhr.txt 2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.20Uhr.txt 2016-01-04 19:17 - 2016-01-04 19:21 - 00259818 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt 2016-01-04 19:15 - 2016-01-04 19:15 - 00000000 ____D C:\TDSSKiller_Quarantine 2016-01-04 19:11 - 2016-01-04 19:15 - 00514432 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt 2016-01-04 19:10 - 2016-01-04 19:10 - 00062665 _____ C:\Users\Andreas\Desktop\FRST 19.10 Uhr.txt 2016-01-04 19:10 - 2016-01-04 19:10 - 00057162 _____ C:\Users\Andreas\Desktop\FRST_04-01-2016_17-13-36 19.10 Uhr.txt 2016-01-04 19:02 - 2016-01-04 19:02 - 00001206 _____ C:\Users\Andreas\Desktop\antimaleware 19.00 Uhr.txt 2016-01-04 17:59 - 2016-01-04 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-04 17:58 - 2016-01-04 17:58 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024.exe 2016-01-04 17:55 - 2016-01-04 17:55 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1]nach Neustart.txt 2016-01-04 17:44 - 2016-01-04 17:44 - 00507278 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt 2016-01-04 17:26 - 2016-01-04 17:47 - 00757750 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt 2016-01-04 17:26 - 2016-01-04 17:26 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Andreas\Downloads\tdsskiller.exe 2016-01-04 17:21 - 2016-01-04 17:21 - 00057162 _____ C:\Users\Andreas\Desktop\FRST.txt 2016-01-04 17:21 - 2016-01-04 17:21 - 00003046 _____ C:\Users\Andreas\Desktop\AdwCleaner[S1].txt 2016-01-04 17:19 - 2016-01-04 17:19 - 00061325 _____ C:\Users\Andreas\Desktop\Addition.txt 2016-01-04 17:13 - 2016-01-09 21:08 - 00058453 _____ C:\Users\Andreas\Downloads\Addition.txt 2016-01-04 17:12 - 2016-01-09 21:32 - 00024973 _____ C:\Users\Andreas\Downloads\FRST.txt 2016-01-04 17:11 - 2016-01-09 21:32 - 00000000 ____D C:\FRST 2016-01-04 17:10 - 2016-01-04 17:11 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe 2016-01-04 17:04 - 2016-01-05 13:31 - 00000000 ____D C:\AdwCleaner 2016-01-04 16:39 - 2016-01-08 13:43 - 00000000 ____D C:\Users\Andreas\Documents\A Desktopdateien 2016-01-04 15:13 - 2016-01-04 15:13 - 00052697 _____ C:\Users\Andreas\Downloads\RE_3100134490_8753513655_20160101.pdf 2015-12-29 18:47 - 2015-12-29 18:47 - 00532721 _____ C:\Users\Andreas\Downloads\Rechnung Elmar Lorch Neckarhalde 24.pdf 2015-12-29 17:44 - 2015-12-29 17:44 - 01976669 _____ C:\Users\Andreas\Downloads\Angebot Herrn Lorch Neckarhalde 24.pdf 2015-12-29 16:39 - 2015-12-29 16:39 - 01413613 _____ C:\Users\Andreas\Downloads\Rechnung Fam.Baltzer-Noak Giebelfenster.pdf 2015-12-29 16:36 - 2015-12-29 16:36 - 02689619 _____ C:\Users\Andreas\Downloads\Rundbogenfenster Neckarhalde 24.pdf 2015-12-29 10:10 - 2015-12-29 10:10 - 00122897 _____ C:\Users\Andreas\Downloads\schoenbuchhalbmarathon2013.pdf 2015-12-29 10:03 - 2015-12-29 10:03 - 00068182 _____ C:\Users\Andreas\Downloads\2007-05-13-Leinfelden-Echterdingen-07-05-13-schoenbuch-pdf.pdf 2015-12-28 16:27 - 2015-12-28 16:27 - 03614157 _____ C:\Users\Andreas\Downloads\2015Bilder-Fenster.pdf 2015-12-25 13:38 - 2015-12-25 13:38 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-25 13:38 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2015-12-25 13:34 - 2015-12-25 13:34 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-12-25 13:34 - 2015-12-25 13:34 - 00002019 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-12-25 13:34 - 2015-12-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-12-25 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2015-12-25 10:37 - 2015-12-25 10:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2015-12-25 10:33 - 2015-12-25 10:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Andreas\Downloads\spybot-2.4.40.exe 2015-12-23 19:24 - 2015-12-23 19:39 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\.minecraft 2015-12-23 19:24 - 2015-12-23 19:24 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft(1).exe 2015-12-23 19:24 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\java 2015-12-23 19:21 - 2015-12-23 20:19 - 00001470 _____ C:\Users\Andreas\Downloads\nativelog.txt 2015-12-23 19:21 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\Downloads\game 2015-12-23 19:21 - 2015-12-23 19:21 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft.exe 2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\tools 2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\runtime 2015-12-23 14:17 - 2015-12-23 14:17 - 00049289 _____ C:\Users\Andreas\Downloads\VR-GewinnSparen_13202006_vom_23.11.2015_20151223021734.pdf 2015-12-23 14:17 - 2015-12-23 14:17 - 00049195 _____ C:\Users\Andreas\Downloads\Mitteilung_13202006_vom_23.11.2015_20151223021732.pdf 2015-12-23 09:49 - 2015-12-23 09:49 - 00171255 _____ C:\Users\Andreas\Downloads\271183.pdf 2015-12-22 15:03 - 2015-12-22 15:03 - 00366243 _____ C:\Users\Andreas\Downloads\ViewProductAttachment-OpenFile 2015-12-22 11:23 - 2015-12-22 11:23 - 05601627 _____ C:\Users\Andreas\Downloads\kf_694_18-03-2015.pdf 2015-12-22 10:44 - 2015-12-22 10:44 - 00564782 _____ C:\Users\Andreas\Downloads\kf_614_hst_13-07-2012_06-03-2013_18-03-2015_18-03-2015.pdf 2015-12-22 10:36 - 2015-12-22 10:36 - 05513745 _____ C:\Users\Andreas\Downloads\bestellformular_kunststofffenster_28.05.2015_10-06-2015.pdf 2015-12-21 15:05 - 2015-12-21 15:05 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile(1).pdf 2015-12-21 13:00 - 2015-12-21 13:00 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth(1).pdf 2015-12-21 11:34 - 2015-12-21 11:34 - 01597571 _____ C:\Users\Andreas\Downloads\Senioren_und_soziallagenbezogene_Gesundheitsfoerderung_und_Praevention(1).pdf 2015-12-21 11:29 - 2015-12-21 11:29 - 00434271 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen Teil 2.pdf 2015-12-16 10:38 - 2015-12-16 10:38 - 05821280 _____ C:\Users\Andreas\Downloads\3._arn_in-kurven_07-10-2014(1).pdf 2015-12-16 10:35 - 2015-12-16 10:35 - 03807865 _____ C:\Users\Andreas\Downloads\4._arna_in-kurven_07-10-2014(1).pdf 2015-12-16 10:29 - 2015-12-16 10:29 - 01977655 _____ C:\Users\Andreas\Downloads\2._arei_in-kurven_07-10-2014(1).pdf 2015-12-16 10:27 - 2015-12-16 10:27 - 03305335 _____ C:\Users\Andreas\Downloads\1._are_in-kurven_07-10-2014(1).pdf 2015-12-16 10:27 - 2015-12-16 10:27 - 03277743 _____ C:\Users\Andreas\Downloads\6._arr_in-kurven_07-10-2014(1).pdf 2015-12-16 10:27 - 2015-12-16 10:27 - 03121460 _____ C:\Users\Andreas\Downloads\5._arnr_in-kurven_07-10-2014(1).pdf 2015-12-16 10:25 - 2015-12-16 10:25 - 09742494 _____ C:\Users\Andreas\Downloads\ahf_95_classic_art_09-11-2015.pdf 2015-12-15 09:32 - 2015-12-15 09:32 - 00053266 _____ C:\Users\Andreas\Downloads\Kontoauszug_13202006__Nr.0112015_vom_30.11.2015_20151215093238.pdf 2015-12-15 09:31 - 2015-12-15 09:31 - 00058584 _____ C:\Users\Andreas\Downloads\Kontoauszug_1334000__Nr.0112015_vom_30.11.2015_20151215093143.pdf 2015-12-14 17:11 - 2015-12-14 17:11 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016(1).pdf 2015-12-14 13:43 - 2015-12-14 13:43 - 00730987 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz WESTANSICHT Alt 5.1akt Kopie v2016_powermacg5.pdf 2015-12-14 13:42 - 2015-12-14 13:42 - 00533986 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf 2015-12-14 13:40 - 2015-12-14 13:40 - 01366764 _____ C:\Users\Andreas\Downloads\04.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf 2015-12-14 13:40 - 2015-12-14 13:40 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf 2015-12-14 13:38 - 2015-12-14 13:38 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel(1).pdf 2015-12-14 11:29 - 2015-12-14 11:29 - 00031481 _____ C:\Users\Andreas\Downloads\WTPG_teilweise_Selbstverantwortung.pdf 2015-12-14 11:28 - 2015-12-14 11:28 - 00042419 _____ C:\Users\Andreas\Downloads\WTPG_ambulant_betreute_WG.pdf 2015-12-14 11:25 - 2015-12-14 11:25 - 00129521 _____ C:\Users\Andreas\Downloads\WTPG_6.pdf 2015-12-14 11:24 - 2015-12-14 11:24 - 00405000 _____ C:\Users\Andreas\Downloads\WTPG_5.pdf 2015-12-14 11:23 - 2015-12-14 11:23 - 00662282 _____ C:\Users\Andreas\Downloads\WTPG_4.pdf 2015-12-14 11:22 - 2015-12-14 11:22 - 00580358 _____ C:\Users\Andreas\Downloads\WTPG_3.pdf 2015-12-14 11:21 - 2015-12-14 11:21 - 00410389 _____ C:\Users\Andreas\Downloads\WTPG_2.pdf 2015-12-14 11:20 - 2015-12-14 11:20 - 00323803 _____ C:\Users\Andreas\Downloads\WTPG_1.pdf 2015-12-14 11:16 - 2015-12-14 11:16 - 00273829 _____ C:\Users\Andreas\Downloads\beratung_karl.pdf 2015-12-14 11:16 - 2015-12-14 11:16 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab(1).pdf 2015-12-14 11:11 - 2015-12-14 11:11 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab.pdf 2015-12-14 11:08 - 2015-12-14 11:08 - 00357129 _____ C:\Users\Andreas\Downloads\falkenroth.pdf 2015-12-14 11:06 - 2015-12-14 11:06 - 00252951 _____ C:\Users\Andreas\Downloads\siegert.pdf 2015-12-14 11:02 - 2015-12-14 11:02 - 00212266 _____ C:\Users\Andreas\Downloads\stationaere_a_hilfe_hirt.pdf 2015-12-14 11:00 - 2015-12-14 11:00 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2(1).pdf 2015-12-14 09:35 - 2015-12-14 09:35 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth.pdf 2015-12-10 09:18 - 2015-12-10 09:18 - 05507334 _____ C:\Users\Andreas\Downloads\bestellformular_aluminium-kunststoff-fenster_neu_2015_18-08-2015.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-09 21:27 - 2012-08-24 02:31 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-01-09 21:08 - 2013-09-30 05:14 - 02044468 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-09 21:08 - 2013-09-30 04:58 - 00872284 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-09 21:08 - 2013-09-30 04:58 - 00193862 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-09 21:08 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-01-09 21:08 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-09 21:06 - 2012-11-29 12:12 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3658493019-1111599900-2463904087-1003 2016-01-09 21:04 - 2012-08-24 02:35 - 00000000 ____D C:\ProgramData\WinClon 2016-01-09 21:02 - 2015-05-03 14:58 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-09 21:02 - 2014-01-27 20:36 - 00000000 __RDO C:\Users\Andreas\SkyDrive 2016-01-09 21:01 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-09 21:00 - 2013-08-22 15:44 - 05431544 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-09 19:29 - 2013-11-25 22:32 - 00000000 ____D C:\Users\Andreas 2016-01-09 13:57 - 2014-03-09 12:48 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-01-09 12:29 - 2012-11-29 13:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe 2016-01-09 12:21 - 2013-02-18 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-08 13:43 - 2015-02-10 15:31 - 00189952 ___SH C:\Users\Andreas\Documents\Thumbs.db 2016-01-08 13:23 - 2013-12-26 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-07 18:55 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI 2016-01-07 13:39 - 2013-01-26 19:44 - 00677376 ___SH C:\Users\Andreas\Desktop\Thumbs.db 2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-05 13:32 - 2014-10-19 19:39 - 00000000 ____D C:\WINDOWS\Minidump 2016-01-05 13:32 - 2013-05-14 17:31 - 00196143 ____N C:\WINDOWS\Minidump\010516-26390-01.dmp 2016-01-04 19:15 - 2014-02-04 18:18 - 00000000 ____D C:\ProgramData\CanonIJPLM 2016-01-04 18:59 - 2014-09-10 19:21 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieUserList 2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieSiteList 2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieUserList 2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieSiteList 2016-01-04 18:51 - 2015-07-24 12:26 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-01-04 18:51 - 2015-07-23 20:48 - 00000000 ____D C:\Program Files\Rockstar Games 2015-12-31 11:17 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-29 15:03 - 2013-08-27 23:56 - 00033280 ___SH C:\Users\Andreas\Thumbs.db 2015-12-26 09:48 - 2015-04-19 06:58 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-26 09:48 - 2015-04-19 06:58 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-25 13:37 - 2014-06-22 12:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-12-25 13:34 - 2013-01-01 16:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-12-23 15:38 - 2014-02-06 16:14 - 00000000 ____D C:\ProgramData\CanonIJ 2015-12-23 09:40 - 2014-02-26 12:00 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS 2015-12-21 11:24 - 2013-02-23 19:59 - 00000000 ____D C:\ProgramData\Origin 2015-12-21 09:47 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-21 09:47 - 2012-12-31 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-12-14 09:55 - 2012-12-18 13:06 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ISSPLUS 2015-12-14 09:52 - 2012-12-18 12:59 - 00000000 ____D C:\MoveIT 2015-12-11 10:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-03 18:34 - 2015-11-03 18:35 - 98892838 _____ () C:\Program Files (x86)\BeamNG-Techdemo-0.3-setup.zip 2012-11-29 12:05 - 2014-03-10 10:59 - 0142434 _____ () C:\Users\Andreas\AppData\Roaming\AbsoluteReminder.xml 2014-03-03 09:25 - 2014-03-03 09:25 - 0001167 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt 2014-03-03 09:25 - 2014-03-03 09:25 - 0000000 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2013-12-26 18:42 - 2014-06-22 13:11 - 0007607 _____ () C:\Users\Andreas\AppData\Local\Resmon.ResmonCfg 2014-11-03 11:28 - 2014-11-03 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2012-08-24 02:39 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe 2012-08-24 02:39 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml 2015-01-01 21:37 - 2015-01-01 21:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Einige Dateien in TEMP: ==================== C:\Users\Andreas\AppData\Local\Temp\avgnt.exe C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-09 14:15 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-01-2015
durchgeführt von Andreas (2016-01-09 21:32:52)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 Pro with Media Center (X64) (2013-11-26 08:00:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3658493019-1111599900-2463904087-500 - Administrator - Disabled)
Andreas (S-1-5-21-3658493019-1111599900-2463904087-1003 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-3658493019-1111599900-2463904087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3658493019-1111599900-2463904087-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\BeamNG-Techdemo-0.3) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.10.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Einnahme-Überschussrechnung 2013 pro (HKLM-x32\...\Einnahme-Überschussrechnung 2013 pro_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPS Master 2.0.14 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Handwerksbüro X22-Datenübernahme (HKLM-x32\...\{AF7E45F7-DAF6-4DEF-B439-B334D7F43942}) (Version: 1.00.0076 - WEKA)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.29 - Nero AG)
Nero BackItUp 12 Essentials (HKLM-x32\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Panzer Elite Action - Dunes Of War (HKLM-x32\...\{577D1191-A6DF-4534-8D97-805BCBAC5D1D}_is1) (Version: - Nordic Games)
Panzer Elite Action - Fields Of Glory (HKLM-x32\...\{1DDAD87D-576E-43DE-8814-65ACC87CFED6}_is1) (Version: - Nordic Games)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
phonostar-Player Version 3.03.5 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.14 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
sirAdos Datenmanager Januar 2014 (HKLM-x32\...\{CC9E22A1-8012-493E-9BEC-381189F8F152}) (Version: 1.3.615 - sirAdos)
Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VRally3 (HKLM-x32\...\VRally3_is1) (Version: - )
WEKA DATANORM 3.6 (HKLM-x32\...\{124C8673-FB8C-426D-A5BA-2A7400EC5994}) (Version: - )
WEKA Handwerksbüro 1.22.1.1 (HKLM-x32\...\weka-hwb-X22) (Version: X22 - WEKA)
WEKA Handwerksbüro X22 - 11.14 (HKLM-x32\...\de.bwso.hwb.Hwb.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (HKLM-x32\...\de.bwso.hwb.HwbMulti.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA Handwerksbüro X22 - 11.14 (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA LauncherService 1.2 (HKLM-x32\...\3599-1427-7716-9681) (Version: - )
WEKA Update Center (HKLM-x32\...\{A8217164-542A-4C4B-9031-2AB445CA314A}) (Version: 1.00.00.0003 - WEKA MEDIA GmbH & Co. KG)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Tools\CAD\AutoCAD_2009\acadficn.dll (Autodesk, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {064796D5-6EFE-4B6D-A6F2-C50AFB733BF4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-08-06] (SEC)
Task: {066FD32E-526F-4152-8F54-1896683DE177} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0C478103-75E9-47F3-B24C-99AEDD11111E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C0C6668-0270-462C-A41A-BA63A59A5CC5} - System32\Tasks\fvw3_1zl0tlux => C:\windows\TEMP\fvw3_k81mor7p.bat
Task: {1D4B8A78-1690-435C-8D6B-2E52F1CF5528} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {23B69281-D5F6-4E21-89D0-2B63E4A1F11E} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {271A966B-8197-4093-B9DB-9922655525A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {34E6A3BC-6282-4F88-8D82-823135A2C919} - System32\Tasks\fvw3_av2pyhbc => C:\windows\TEMP\fvw3_p3h8wcih.bat
Task: {39F4E803-4332-40D3-85BE-4DB071C9B32C} - System32\Tasks\{63161025-A1C7-4386-A44C-B193CF3D00E5} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb\GMX_MailCheck_ClickOnce.exe -d C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb
Task: {3A2ED25E-2FB1-46B4-87D0-539222DA8DDD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7BBAED33-F6CB-43A7-B397-FB3CBF40962F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {911C4932-0B21-48B1-8C62-6859B7C1FB98} - System32\Tasks\fvw3_1mwm5xo4 => C:\windows\TEMP\fvw3_rqztrkf1.bat
Task: {91D39EA6-AD37-4EA8-8E1F-4468910D3869} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19] (Adobe Systems Incorporated)
Task: {98987C6A-1276-41DD-AD76-25123DA08F20} - System32\Tasks\fvw3_kcm2lata => C:\windows\TEMP\fvw3_qgb9ejzg.bat
Task: {99BE832F-AC40-4DD1-9661-5C22AEED9282} - System32\Tasks\fvw3_dx9jiowd => C:\windows\TEMP\fvw3_o9bredg3.bat
Task: {9C5A89A8-0063-45EB-BC35-7259812BE801} - System32\Tasks\fvw3_rov77k4o => C:\windows\TEMP\fvw3_48r36voi.bat
Task: {ACD48289-DE50-487C-8893-DFC82D9C97CA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C362B08D-711C-4074-A298-C8177623B9A1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C9A2E220-897F-4F25-9014-D2A5A02F6026} - System32\Tasks\fvw3_ubbskhag => C:\windows\TEMP\fvw3_mhsqjyso.bat
Task: {CE69CB7B-E9EF-46E5-B27E-57A383D83D3A} - System32\Tasks\fvw3_emppjlpd => C:\windows\TEMP\fvw3_y820i7ze.bat
Task: {E2C1EFFF-A1B3-46F2-AEB1-0E4979FC84B6} - System32\Tasks\fvw3_fc8bp7ib => C:\windows\TEMP\fvw3_xw12iuq6.bat
Task: {EF2D71FE-5E65-4B9C-B410-05659FAA692D} - System32\Tasks\fvw3_9c6qebtr => C:\windows\TEMP\fvw3_smop7nzg.bat
Task: {F31F35FB-106B-41EF-BEC5-085AA9AA9D9A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F5256FB0-D739-4735-AA28-844B82416C50} - System32\Tasks\fvw3_y8u0cpcj => C:\windows\TEMP\fvw3_i81jm8r1.bat
Task: {F938041D-0CFD-43E5-945C-D3D0646C07D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F94F8D43-48EC-4A5C-9FCC-DA90725F1D07} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-11-03 11:25 - 2013-11-11 04:27 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-02-04 18:18 - 2009-09-08 13:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-17 11:09 - 2014-12-04 10:38 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-08-24 20:36 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2015-12-25 13:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Tools\System\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-25 13:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Tools\System\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-25 13:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Tools\System\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-24 20:36 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2014-11-03 11:29 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09433235.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09433235.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2014-03-09 12:10 - 00000900 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SDScannerService => 3
MSCONFIG\Services: SDUpdateService => 3
MSCONFIG\Services: SDWSCService => 3
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WekaUpdateCenter"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "AdobeBridge"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E57D093D-23BE-4F77-9FE9-6F2955099C74}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{022638D9-68C7-499E-8779-8BE231349811}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{3D94CD91-C46E-4257-AFB4-0AC6D4F792EE}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [UDP Query User{969D4125-127F-4843-BBA4-49E1BC41023C}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [TCP Query User{5FFCF8EC-A5E2-4CE1-A792-034E7A7248C1}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [{776E44D0-898E-459F-85B7-8951E9B2CD19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{446FFFFD-EF97-43D6-9283-1469B1F6D4E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023E90DA-A9F5-4CE8-9DA5-AF65B6C2C5F3}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{C6840099-6C64-44AB-A765-5AEF62C06543}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{214D6990-8124-46C8-8BCA-A462010E23C1}] => (Allow) LPort=1900
FirewallRules: [{D379275B-B611-47CF-8C8E-4028C1DA0DC5}] => (Allow) LPort=2869
FirewallRules: [{B1E7914B-EE0B-4F90-B3FF-4A2D94020834}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B246AA25-94FA-44A0-BC33-B1AD84A64E38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{66A6F094-3B80-40EB-B0F9-99B5B90DFAD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{A9F3D847-5291-47E6-AD52-8A96DB503987}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{41F7081D-4F8B-40E6-A5E0-9A2A5A99D644}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{929F69C4-02A4-4371-AB84-FB1B08F470A7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9470EF6A-5F5B-45AE-B64C-CD53059503DB}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{73DD42E9-6DF5-4A56-9F8C-583639E0220E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{8B514598-2843-4118-B8F8-A0BDFCD35C27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{076DD059-1B7F-4E05-85C5-0FEFB9936868}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{55DA511A-CB94-43EF-B4C3-1226496AB4AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{7C5F8CAD-BA1E-49FE-B784-53BCCFC25C64}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{477D68FA-4343-4154-AEF2-D2CD027D8371}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82747307-574E-4A60-B87A-969FBB0DCD1F}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{A70959CA-E670-41D3-B8D9-CA5FCDE02931}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{8DFED69A-677D-4CE5-A94D-0CE3292050D8}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{4B0F9AF1-F2E2-45B7-8492-CA47D123C10B}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{53204618-E591-4E3E-9C81-7080EB3FADC1}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{29DB62F4-6B27-497A-ACC5-1D5B2BF4A030}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{7D4EAA75-92E8-4F64-9882-6CA933D6480D}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{65313E84-34CD-4458-911A-2E040EBCC83A}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{E6A62001-1882-4154-AE24-D087E855B823}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{F05B8AD7-125C-41C1-A20A-40ED1BCADCC2}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{2C909032-398A-46FD-83DC-AF39131A4992}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{1BF29DAA-7BF1-4CF2-8931-524E317EFAA3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{805A1286-AE32-4CFF-8ADF-1330A5A7F6B6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9ECC36F3-66E0-4E25-B7EF-089877F027EA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0F5E95A8-4C95-4D6B-A648-1EF18AC74769}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51DB62F3-E033-4AD7-AF11-DF595A68E2A1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1D2CB13A-75DB-4331-A1C6-BA8E785770B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1FA25717-7A9B-4494-BB83-870162589F35}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{909D2F1E-2B6D-40A5-BAA1-72A4906B9E94}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{79A5F39A-F6B3-4322-8268-F9A9F570716F}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9A3F8BCA-6DE5-410E-96F1-980515C8A785}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FE127B2E-61C4-4065-9527-97EC6617CE8D}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{C2F5BF75-9441-4FB1-A14A-ABA89AC8EBD5}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{850B8798-B0F4-4F90-9BEF-63F1805A6087}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{47E06B7E-4B60-4444-B042-E6FA577CF60F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{F1D1C2F1-0914-48A3-8D2D-FE8F739BC850}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A4B326C-BEEB-43FB-AC27-35A9E634A181}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{FD9BEC80-8F7F-48D5-8438-4431993E9183}] => (Allow) LPort=50248
FirewallRules: [{92CB16C5-48FA-499A-A0A7-B70C2B873F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1605453B-F84D-48AC-9238-8679CF8B2AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50078D83-F3B9-4EDC-AD6F-67799BF08033}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{773EB3DD-0783-4DA9-AB05-02F13862A106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00052CCD-CDB8-4B0F-9FF5-65D19FDA6EA5}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{8761E1F7-DFA1-4AB5-981C-05E69D18C334}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{2C7F9478-3AC9-434D-8795-916B542A168E}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{B98E81AB-784F-403B-81DD-F5FA9751A26C}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{1BA3AEE4-31E5-4E4A-83FC-49EA4D02F651}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [UDP Query User{5E43DE58-3515-488D-82B8-255F65925A5F}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [{B5DCD1E8-5162-4A8D-929F-04DD8C7A7D7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{861976C2-A93A-44A3-B0F6-88C2733725B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{255F4592-3F05-42CA-8F0F-47212DAF4CA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEA4923D-649A-46C4-B6B7-1A625426D849}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2347BA7F-8A58-48F0-A589-58DE813740E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81E26DFC-D188-48B6-9550-A7D4A4F5B198}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
08-01-2016 13:58:31 Geplanter Prüfpunkt
09-01-2016 21:27:16 Removed Adobe Help Manager
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/09/2016 09:06:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/09/2016 09:01:49 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/09/2016 09:01:49 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/09/2016 07:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 16.1.0.0, Zeitstempel: 0x521e80f5
Name des fehlerhaften Moduls: MurocApi.dll, Version: 16.1.0.0, Zeitstempel: 0x521e7ff7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026570
ID des fehlerhaften Prozesses: 0xf50
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5
Error: (01/09/2016 07:30:13 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/09/2016 07:30:13 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/09/2016 02:04:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x19f8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5
Error: (01/09/2016 02:00:22 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/09/2016 02:00:22 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).
Error: (01/09/2016 01:02:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Systemfehler:
=============
Error: (01/09/2016 09:00:37 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (01/09/2016 07:31:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/09/2016 07:29:06 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (01/09/2016 07:29:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 09.01.2016 um 18:39:50 unerwartet heruntergefahren.
Error: (01/09/2016 01:59:22 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (01/09/2016 12:21:13 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (01/08/2016 01:19:07 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.
Error: (01/07/2016 06:54:02 PM) (Source: volmgr) (EventID: 45) (User: )
Description: Das System konnte den Treiber für das Speicherabbild nicht laden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 76%
Installierter physikalischer RAM: 8079.39 MB
Verfügbarer physikalischer RAM: 1887.52 MB
Summe virtueller Speicher: 16271.39 MB
Verfügbarer virtueller Speicher: 9481.27 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:378.94 GB) (Free:145.91 GB) NTFS
Drive d: (Daten) (Fixed) (Total:292.97 GB) (Free:161.07 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 50960A65)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
10.01.2016, 11:59
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Makrovirus "Berger Antriebstechnik" Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.01.2016, 16:15
| #13 |
| | Makrovirus "Berger Antriebstechnik" Hallo cosinus, Danke für deine Hilfe Bin deinen Anweisungen gefolgt Habe - Malwarebytes Anti-Rootkit- durchlaufen lassen Ergebnis -kein Befund--Siehe Anhang Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.01.10.02
rootkit: v2016.01.09.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18125
Andreas :: OLIVER [administrator]
10.01.2016 22:09:33
mbar-log-2016-01-10 (22-09-33).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 426796
Time elapsed: 40 minute(s), 37 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.01.11.02
rootkit: v2016.01.09.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18125
Andreas :: OLIVER [administrator]
11.01.2016 14:16:20
mbar-log-2016-01-11 (14-16-20).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 426920
Time elapsed: 44 minute(s), 11 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Fall 1: Kann es vielleicht sein daß mit dem öffnen der dok-Datei so ein Erpressungstrojaner gar nicht mit gekommen ist Fall 2: Trojaner wurde gefunden und gelöscht von einem Programm welches ich benutzt habe zB Adw-cleaner Fall 3: Trojaner hält sich noch versteckt Am Rechner selbst merke ich keine Veränderungen alles soweit in Ordnung Mir ist wohl bekannt daß es keine absolute gewissheit gibt außer halt Neu Instalation Aber es würde mich schon beruhigen wenn so erfahrene Leute wie ihr, die sich mit solchen Trojanern auskennen die analyse erstellen "möglichstes getan - sieht soweit gut aus" Kann ich gefahrenlos Sicherungskopien von meinen Daten machen (Word/Exel/PDF/Bilder)? Sollte ich beim onlinebanking änderungen vornehmen(habe jetzt SMS-Tan) gibt ja auch Tan-codierungsgeräte für zuhause Was mache ich mit den gefundenen Dateien aus TDSS_Killer Ich hoffe ich strapaziere deine Freie-Zeit nicht allzusehr Mit freundlichen Grüßen Andreas |
|
| Themen zu Makrovirus "Berger Antriebstechnik" |
| antivirus, avira, bergers antriebstechnik, bonjour, canon, desktop, device driver, dnsapi.dll, doc-datei, ebanking, email, excel, failed, firefox, flash player, frage, google, homepage, makroviren, mozilla, mp3, problem, realtek, registry, safer networking, scan, schadsoftware eingefangen, senioren, svchost.exe, system, trojaner, updates, usb, windows, wiso |
