| |
| |||||||
Log-Analyse und Auswertung: "nbi cleaner" ist wieder/noch daWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
11.02.2016, 22:16
| #16 |
 |  "nbi cleaner" ist wieder/noch da FRST3 FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Heinz (ACHTUNG: der Benutzer ist kein Administrator) auf PANDORA (10-02-2016 22:53:53)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Geladene Profile: Heinz (Verfügbare Profile: Rudolf & Heinz)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> a2service.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> CCDMonitorService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> Agent.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> HeciServer.exe
konnte nicht auf den Prozess zugreifen -> IpOverUsbSvc.exe
konnte nicht auf den Prozess zugreifen -> Jhi_service.exe
konnte nicht auf den Prozess zugreifen -> TodoBackupService.exe
konnte nicht auf den Prozess zugreifen -> mdm.exe
konnte nicht auf den Prozess zugreifen -> mysqld.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> sqlwriter.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> vds.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> RIconMan.exe
konnte nicht auf den Prozess zugreifen -> LMS.exe
konnte nicht auf den Prozess zugreifen -> NASvc.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> UNS.exe
konnte nicht auf den Prozess zugreifen -> SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Eraser Project) D:\Program Files\Eraser\Eraser.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
(Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
konnte nicht auf den Prozess zugreifen -> FNPLicensingService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
konnte nicht auf den Prozess zugreifen -> ePowerSvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [Classic Start Menu] => C:\Programme\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9235928 2016-01-27] (Emsisoft Ltd)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Watch] => "H:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
HKLM-x32\...\Run: [EaseUs Tray] => "H:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596016 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-17] ()
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2016-02-09]
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-02-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-02-09]
ShortcutTarget: Microsoft Office.lnk -> D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B3CAEEBF-3743-4152-A0F7-CCF641E2A859}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {DED4D168-AEEE-4E0C-B699-36A9A320ED5E} hxxp://de.cyberlink.com/prog/win8/js/UpdateAdvisor.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default
FF Homepage: hxxp://de.msn.com/
FF NetworkProxy: "backup.ftp", "127.0.0.1"
FF NetworkProxy: "backup.ftp_port", 4001
FF NetworkProxy: "backup.socks", "127.0.0.1"
FF NetworkProxy: "backup.socks_port", 4001
FF NetworkProxy: "backup.ssl", "127.0.0.1"
FF NetworkProxy: "backup.ssl_port", 4001
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> D:\Program Files\Java\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> D:\Program Files\Java\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/1&1 Internet-Radio-Player -> D:\Program Files\1&1 Internet-Radio-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/phonostar-Player -> D:\Program Files\Internet-Radio-Player\phonostar-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Proxy Selector - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\proxyselector@mozilla.org.xpi [2015-06-04]
FF Extension: Webpage Snapshot - Snapilicious.com - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\admin@snapilicious.com.xpi [2015-06-04]
FF Extension: FoxyProxy Standard - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\foxyproxy@eric.h.jung [2015-06-04]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\artur.dubovoy@gmail.com [2016-01-26]
FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\hotspot-shield@anchorfree.com.xpi [2015-11-03] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\ich@maltegoetz.de.xpi [2015-08-09]
FF Extension: YouTube Unblocker - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\youtubeunblocker__web@unblocker.yt [2015-12-04]
FF Extension: unity player - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{05cfb51c-ba6e-41f7-89b3-a96f5c837a87}.xpi [2015-09-22] [ist nicht signiert]
FF Extension: YouTube High Definition - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-02-03]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-01-08]
FF Extension: Video DownloadHelper - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: mpeg4 manager free - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{df4bd301-ee66-4f5e-a6e0-25ddf2bf381e}.xpi [2016-01-01] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-07-29]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-02]
CHR Extension: (Google Docs) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-05-23]
CHR Extension: (TV für Google Chrome™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2016-01-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Google Mail) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe
StartMenuInternet: (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004) Opera - "C:\Users\Heinz\AppData\Local\Programs\Opera x64\Opera.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10963864 2016-01-27] (Emsisoft Ltd)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-28] (Adobe Systems) [Datei ist nicht signiert]
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-08-18] (Apple Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-21] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R3 hpqcxs08; D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-04-29] (Hewlett-Packard Co.)
R2 hpqddsvc; D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.)
R2 HPSLPSVC; C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MySQL; D:\Programme\MariaDB 10.1\bin\mysqld.exe [13470536 2015-12-23] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-09] (Emsisoft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R1 vmm; C:\WINDOWS\system32\Treiber\vmm.sys [294248 2016-01-29] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz137; \??\D:\Program Files\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 15:56 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:56 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-10 15:56 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:56 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:56 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:56 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 14:46 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 14:46 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 14:46 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-10 14:46 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-10 14:44 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-10 14:44 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 14:44 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 14:44 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-10 14:44 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-10 14:44 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 14:44 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-10 14:44 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-10 14:44 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-10 14:44 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-10 14:44 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-10 14:44 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 14:44 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 14:44 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 14:44 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-10 14:44 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 14:43 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-10 14:43 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-10 14:43 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-10 14:43 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-10 14:43 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 14:43 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 14:43 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-10 14:43 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-10 14:43 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 14:43 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-10 14:43 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-10 14:43 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-10 14:42 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-10 14:42 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 14:42 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-10 14:42 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-10 14:42 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 22:43 - 2016-02-09 23:20 - 00000000 __RHD C:\ESD
2016-02-09 22:40 - 2016-02-09 22:40 - 00010214 _____ C:\TDSSKiller.3.1.0.9_09.02.2016_22.40.39_log.txt
2016-02-07 15:10 - 2016-02-09 22:40 - 00000876 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-02-05 18:16 - 2016-02-05 18:16 - 399414055 _____ C:\WINDOWS\MEMORY.DMP
2016-02-05 18:16 - 2016-02-05 18:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-04 16:12 - 2016-01-19 17:40 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-02-04 16:12 - 2016-01-19 17:40 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-02-04 13:04 - 2016-02-04 13:04 - 00000000 ____D C:\ProgramData\Emsisoft
2016-02-04 12:50 - 2016-02-09 22:40 - 00000960 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-02-04 12:50 - 2016-02-04 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-02-04 12:49 - 2016-02-10 22:54 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-02-02 16:42 - 2016-02-02 16:42 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\VSRevoGroup
2016-02-02 16:36 - 2016-02-09 22:39 - 00000928 _____ C:\Users\Rudolf\Desktop\Revo Uninstaller.lnk
2016-02-02 16:36 - 2016-02-02 16:36 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-02 16:31 - 2016-02-02 16:34 - 00235990 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.31.34_log.txt
2016-02-02 16:24 - 2016-02-02 16:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-02-02 16:21 - 2016-02-02 16:25 - 00237812 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.21.01_log.txt
2016-02-02 13:53 - 2016-02-02 13:58 - 00236786 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_13.53.27_log.txt
2016-01-29 13:49 - 2016-02-09 22:40 - 00001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
2016-01-29 13:49 - 2016-01-29 17:29 - 00000000 ____D C:\WINDOWS\system32\Treiber
2016-01-27 18:21 - 2016-01-27 18:21 - 00000894 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\MySQL Client (MariaDB 10.1 (x64)).lnk
2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 00:02 - 2016-01-27 00:02 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-26 22:00 - 2016-02-10 22:53 - 00000000 ____D C:\FRST
2016-01-26 21:05 - 2016-01-26 21:05 - 00000079 _____ C:\WINDOWS\wininit.ini
2016-01-26 17:48 - 2016-01-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strawberry Perl (64-bit)
2016-01-26 17:38 - 2016-02-07 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-01-26 16:36 - 2016-01-26 16:36 - 00001468 _____ C:\Users\Heinz\Desktop\WinMD5.lnk
2016-01-25 18:51 - 2016-02-07 15:16 - 00000000 ____D C:\Users\Heinz\VirtualBox VMs
2016-01-25 17:38 - 2016-02-10 19:25 - 00000000 ____D C:\Users\Heinz\.VirtualBox
2016-01-25 17:27 - 2016-01-25 17:27 - 00000000 ____D C:\MATS
2016-01-19 17:40 - 2016-01-19 17:40 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-01-19 17:40 - 2016-01-19 17:40 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2016-01-17 12:35 - 2016-01-18 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-14 17:48 - 2016-02-10 12:09 - 00000000 ____D C:\Users\Heinz\.oracle_jre_usage
2016-01-14 17:45 - 2016-01-14 17:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\HeidiSQL
2016-01-14 17:43 - 2016-02-09 22:40 - 00001170 _____ C:\Users\Public\Desktop\HeidiSQL.lnk
2016-01-14 17:43 - 2016-01-14 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64)
2016-01-14 16:26 - 2016-02-09 22:40 - 00000715 _____ C:\Users\Public\Desktop\Notepad++ 6.8.8.lnk
2016-01-13 22:48 - 2016-01-12 20:40 - 00001576 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Win Media Player.lnk
2016-01-12 21:26 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-12 21:26 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 21:26 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-12 21:26 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 21:26 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 21:26 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 21:26 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 21:26 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 21:26 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 21:25 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 21:25 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-11 22:15 - 2016-01-11 22:15 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\MySQL
2016-01-11 21:58 - 2016-01-11 21:58 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Oracle
2016-01-11 21:54 - 2016-01-11 22:31 - 00000000 ____D C:\ProgramData\MySQL
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 22:54 - 2013-12-26 15:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-10 22:45 - 2013-12-21 21:49 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-10 22:45 - 2013-12-21 21:49 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-10 21:31 - 2013-12-24 15:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ClassicShell
2016-02-10 20:52 - 2013-12-21 21:50 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 20:16 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-10 20:16 - 2013-08-22 15:44 - 01027912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-10 19:32 - 2015-04-15 16:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-10 19:32 - 2013-11-14 08:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 19:32 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-10 19:32 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-10 16:06 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 16:01 - 2013-12-20 16:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 15:57 - 2013-12-20 16:06 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 14:39 - 2015-11-11 12:08 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 14:39 - 2015-11-11 12:08 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-10 12:12 - 2014-03-26 18:26 - 00000000 ____D C:\Users\Rudolf\.nbi
2016-02-10 11:55 - 2015-08-30 14:14 - 00000000 ____D C:\Users\Rudolf\.oracle_jre_usage
2016-02-10 10:31 - 2014-10-31 10:35 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\ClassicShell
2016-02-10 10:31 - 2013-12-21 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps
2016-02-10 10:28 - 2013-11-14 08:27 - 01886820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-10 10:28 - 2013-11-14 08:11 - 00807630 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-10 10:28 - 2013-11-14 08:11 - 00177182 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-10 10:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-10 10:23 - 2013-12-24 17:22 - 00000000 ___DO C:\Users\Rudolf\SkyDrive
2016-02-09 23:51 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Heinz
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieUserList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieSiteList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieBrowserModeList
2016-02-09 22:53 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-09 22:40 - 2015-12-26 17:55 - 00000851 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-12-26 17:55 - 00000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-21 17:13 - 00001017 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002075 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-09-26 14:47 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-09-26 14:35 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002719 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2016-02-09 22:40 - 2015-07-15 21:55 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-02-09 22:40 - 2015-05-30 10:37 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-09 22:40 - 2015-04-20 14:37 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-02-09 22:40 - 2015-02-22 19:36 - 00001096 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-02-09 22:40 - 2015-02-08 17:33 - 00002597 _____ C:\Users\Public\Desktop\WorldWide Telescope.lnk
2016-02-09 22:40 - 2015-01-31 12:52 - 00000823 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk
2016-02-09 22:40 - 2015-01-31 11:04 - 00001122 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-09 22:40 - 2014-12-26 22:10 - 00001142 _____ C:\Users\Public\Desktop\Free Dailymotion Download.lnk
2016-02-09 22:40 - 2014-08-13 15:59 - 00001989 _____ C:\Users\Public\Desktop\FinePixViewer.lnk
2016-02-09 22:40 - 2014-08-07 15:19 - 00001895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-09 22:40 - 2014-08-07 15:05 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00001109 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.1.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.1.lnk
2016-02-09 22:40 - 2014-04-23 15:11 - 00000784 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk
2016-02-09 22:40 - 2014-01-28 16:34 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-02-09 22:40 - 2014-01-28 16:33 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-22 13:37 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-09 22:40 - 2013-12-22 00:26 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00001885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
2016-02-09 22:40 - 2013-12-21 15:10 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk
2016-02-09 22:40 - 2013-12-21 15:04 - 00002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-02-09 22:40 - 2013-12-21 15:03 - 00000765 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
2016-02-09 22:40 - 2013-12-20 16:36 - 00000717 _____ C:\Users\Public\Desktop\WinRAR 3.93.lnk
2016-02-09 22:40 - 2013-12-19 17:02 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-09 22:40 - 2013-09-17 17:06 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-09 22:39 - 2015-12-18 16:14 - 00000760 _____ C:\Users\Rudolf\Desktop\jEdit.lnk
2016-02-09 22:39 - 2015-11-21 17:31 - 00000877 _____ C:\Users\Rudolf\Desktop\Any Video Converter.lnk
2016-02-09 22:39 - 2015-11-21 16:07 - 00000675 _____ C:\Users\Rudolf\Desktop\Nmap - Zenmap GUI.lnk
2016-02-09 22:39 - 2015-07-22 16:57 - 00001216 _____ C:\Users\Rudolf\Desktop\CrystalDiskInfo.lnk
2016-02-09 22:39 - 2014-10-31 10:42 - 00001178 _____ C:\Users\Rudolf\Desktop\Calculator.lnk
2016-02-09 22:39 - 2014-10-31 10:35 - 00002083 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2016-02-09 22:39 - 2014-08-07 15:19 - 00000787 _____ C:\Users\Rudolf\Desktop\DVD slideshow GUI.lnk
2016-02-09 22:39 - 2014-08-05 08:11 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-02-09 22:39 - 2013-12-22 13:54 - 00001468 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-09 22:39 - 2013-12-21 21:33 - 00001096 _____ C:\Users\Rudolf\Desktop\RegEdit.lnk
2016-02-09 22:39 - 2013-12-20 20:34 - 00000805 _____ C:\Users\Rudolf\Desktop\ACDSee Trial Version.lnk
2016-02-06 16:03 - 2013-12-21 18:01 - 00000028 _____ C:\WINDOWS\OutLog.txt
2016-02-06 16:03 - 2013-12-21 18:01 - 00000000 _____ C:\WINDOWS\BcdLog.txt
2016-02-06 13:01 - 2013-12-22 12:50 - 00318368 _____ C:\Users\Heinz\AppData\Roaming\GDIPFONTCACHEV1.DAT
2016-02-03 19:34 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Heinz\dwhelper
2016-02-02 16:44 - 2015-11-21 17:13 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Foxit Software
2016-02-02 03:37 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 13:02 - 2014-02-08 22:26 - 00000376 _____ C:\Users\Heinz\Desktop\Live Anmelden.url
2016-01-30 23:41 - 2013-12-22 11:17 - 00000000 ____D C:\Users\Heinz\AppData\Local\Eraser 6
2016-01-28 18:59 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Rudolf
2016-01-27 18:15 - 2015-07-17 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-01-26 22:54 - 2013-12-21 15:23 - 00000000 ____D C:\TEMP
2016-01-26 21:05 - 2015-11-28 13:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-26 16:19 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-01-26 16:19 - 2014-01-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 16:19 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-26 16:15 - 2015-09-26 15:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-01-26 16:14 - 2015-09-26 14:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-01-26 11:20 - 2015-11-21 16:07 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2016-01-26 11:20 - 2013-12-21 21:18 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-26 11:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2016-01-25 17:29 - 2014-10-30 12:03 - 00000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics
2016-01-22 02:07 - 2015-01-31 11:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\vlc
2016-01-17 14:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-14 16:26 - 2013-12-22 00:10 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Notepad++
2016-01-13 00:23 - 2015-03-11 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-12 20:40 - 2013-12-19 21:41 - 00001576 _____ C:\Users\Heinz\Desktop\Win Media Player.lnk
2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\system32\1033
2016-01-11 23:37 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-11 23:36 - 2015-12-18 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit 5.3.0
2016-01-11 23:36 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files\IIS Express
2016-01-11 23:36 - 2015-09-26 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-01-11 23:36 - 2014-01-01 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2016-01-11 23:35 - 2015-09-26 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-01-11 23:35 - 2013-12-19 17:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-11 23:34 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-01-11 23:34 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2016-01-11 23:30 - 2016-01-03 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage
2016-01-11 23:01 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-01-11 22:56 - 2015-09-26 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-01-11 22:50 - 2014-01-02 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-26 22:06 - 2015-07-28 21:44 - 0009216 _____ () C:\Users\Heinz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-27 20:52 - 2015-11-27 20:52 - 0001516 _____ () C:\Users\Heinz\AppData\Local\recently-used.xbel
2013-12-21 15:57 - 2015-01-28 12:41 - 0016515 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Heinz\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Heinz\AppData\Local\Temp\npp.6.7.8.2.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\TubeItUpdater.exe
C:\Users\Heinz\AppData\Local\Temp\WatermarkImageSetup.3.5.1.5.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator
==================== Ende von FRST.txt ============================
[/CODE] |
|
11.02.2016, 22:24
| #17 |
| | "nbi cleaner" ist wieder/noch da Der Text, den Sie eingegeben haben, besteht aus 123693 Zeichen und ist damit zu lang. Bitte die Logs auf mehrere Beiträge aufspalten mit maximaler Länge von 120000 Zeichen.
__________________Malwarebytes Admin - 27.01.2016 -1 Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 27.01.2016 Suchlaufzeit: 10:42 Protokolldatei: Anti-Malware-erkannte.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.01.27.02 Rootkit-Datenbank: v2016.01.20.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Rudolf Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 536834 Abgelaufene Zeit: 38 Min., 18 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 3 PUP.Optional.Elex, C:\ProgramData\IePluginService\PluginService.exe, 1136, , [7b23bc82c2d706302260ae82a8594db3] PUP.Optional.Amonetize, C:\Windows\SysWOW64\nethtsrv.exe, 2040, , [960875c9efaa32048fb114ecfc05748c] PUP.Optional.Amonetize, C:\Windows\SysWOW64\netupdsrv.exe, 1848, , [ecb2f7472a6fe650e15e15eb1be649b7] Module: 1 PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Roaming\newnext.me\nengine.dll, , [c4da4df1cdccc4720ce3a88ebd44659b], Registrierungsschlüssel: 73 PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, , [7b23bc82c2d706302260ae82a8594db3], PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetHttpService, , [960875c9efaa32048fb114ecfc05748c], PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ServiceUpdater, , [ecb2f7472a6fe650e15e15eb1be649b7], PUP.Optional.NetFilter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\nethfdrv, , [c6d8b08e36637fb759c4161580805fa1], PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [4b538eb0386112240c636a2025ddeb15], PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [4b538eb0386112240c636a2025ddeb15], PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [4b538eb0386112240c636a2025ddeb15], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\dream.capture.1, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\dream.capture, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\dream.capture, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\dream.capture, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\dream.capture.1, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\dream.capture.1, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd.1, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Updater.AmiUpd, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd.1, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Updater.AmiUpd.1, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Software.Updater, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\TYPELIB\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\INTERFACE\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\AmiBs.Installer.1, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\AmiBs.Installer, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AmiBs.Installer, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\AmiBs.Installer, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AmiBs.Installer.1, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\AmiBs.Installer.1, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.MySearchDial, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, , [2d713d010495999d5465d1b623dfe61a], PUP.Optional.MySearchDial, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [2d713d010495999d5465d1b623dfe61a], PUP.Optional.MySearchDial, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [2d713d010495999d5465d1b623dfe61a], PUP.Optional.MySearchDial, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [2d713d010495999d5465d1b623dfe61a], PUP.Optional.MySearchDial, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, , [2d713d010495999d5465d1b623dfe61a], PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [9a0471cdfb9e03330cab2067e12109f7], PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [9a0471cdfb9e03330cab2067e12109f7], PUP.Optional.MySearchDial, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [9a0471cdfb9e03330cab2067e12109f7], PUP.Optional.Amonetize, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}, , [5945e856d8c1290ddd82210a53adce32], PUP.Optional.OffersWizard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\inethnfd, , [98066dd10f8a32042b9508d551b2ff01], PUP.Optional.Qone8.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [45592b133a5fa096a80ad628cb38d42c], PUP.Optional.SoftwareUpdater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AmiUpdXp, , [0b9336085f3ad0669ead80a7c63efe02], PUP.Optional.Qone8.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\qone8Software, , [841aa29c15843afcdb006f2ca85b5aa6], PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\supTab, , [4b53a09ec4d53501735087b054b008f8], PUP.Optional.MySearchDial, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [e2bcbd812a6f0f2776f6e0fc699ad32d], PUP.Optional.Qone8.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [d3cb73cbd1c8ae88ab077a845da6bf41], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, , [920c2e10c4d5c86e5813e94b778df20e], PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [d9c52618019854e27b6cce242ad89769], PUP.Optional.IEPluginServices, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, , [eeb0ec527a1f1a1cad62844dde25ea16], PUP.Optional.InstallCore, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\InstallCore, , [3c6268d6eeabc472a4f59141c83bd12f], PUP.Optional.PassShow, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\APPDATALOW\SOFTWARE\PassShow, , [a4fa57e74554b97d50adad3157ac3dc3], PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF967C35-04B2-4421-9EB3-506D32062635}, , [fea05fdf0396cc6a3137d507ba4937c9], PUP.Optional.Qone8.ShrtCln, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [e5b9cd71fa9f2016149d6e90e51efc04], PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\SEARCHPROTECTINT, , [d5c9b68876239e98f9663bf99074f50b], Registrierungswerte: 18 PUP.Optional.NextLive, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Rudolf\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, , [c4da4df1cdccc4720ce3a88ebd44659b] PUP.Optional.NextLive, HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Rudolf\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, , [c4da4df1cdccc4720ce3a88ebd44659b] PUP.Optional.Qone8.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms}, , [45592b133a5fa096a80ad628cb38d42c] PUP.Optional.Qone8.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms}, , [d3cb73cbd1c8ae88ab077a845da6bf41] PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, , [920c2e10c4d5c86e5813e94b778df20e] PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, kmp, , [97070b330c8d8fa7199c31bc07fc936d] PUP.Optional.NetworkUpdate, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETHTTPSERVICE|ImagePath, C:\WINDOWS\SysWOW64\nethtsrv.exe, , [3965f44a0d8c61d5469de1fb8e75718f] PUP.Optional.NetworkUpdate, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICEUPDATER|ImagePath, C:\WINDOWS\SysWOW64\netupdsrv.exe, , [c7d7ae90dbbe0d293ca8518b53b044bc] PUP.Optional.SofTonic, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}|URL, hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=089e8b120000000000007427ea2d679e&r=343, , [0f8f013d6e2b74c204c35496768ddd23] PUP.Optional.SofTonic, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}|FaviconURL, hxxp://search.softonic.com/favicon.ico, , [f8a6b8864f4a7db9e6e1fceefa0947b9] PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF967C35-04B2-4421-9EB3-506D32062635}|URL, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0AtB0DyCyBzy0Ezz0BtCtBtN0D0Tzu0SyBtBtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=621360738&ir=, , [fea05fdf0396cc6a3137d507ba4937c9] PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF967C35-04B2-4421-9EB3-506D32062635}|TopResultURLFallback, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0AtB0DyCyBzy0Ezz0BtCtBtN0D0Tzu0SyBtBtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=621360738&ir=, , [3e60eb530396c47238304a929a69d52b] PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF967C35-04B2-4421-9EB3-506D32062635}|FaviconURL, hxxp://start.mysearchdial.com/favicon.ico, , [910d3e001a7fe551fa6ec7158380ce32] PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF967C35-04B2-4421-9EB3-506D32062635}|FaviconURLFallback, hxxp://start.mysearchdial.com/favicon.ico, , [762871cdb0e9c3734127914b24df629e] PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF967C35-04B2-4421-9EB3-506D32062635}, Mysearchdial, , [326cbe809dfc7abc0d5bb12bab58639d] PUP.Optional.MySearchDial, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{CF967C35-04B2-4421-9EB3-506D32062635}|DisplayName, Mysearchdial, , [009e2816abeef93db0b85b818b78629e] PUP.Optional.Qone8.ShrtCln, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms}, , [e5b9cd71fa9f2016149d6e90e51efc04] PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\SEARCHPROTECTINT|Install, 1, , [d5c9b68876239e98f9663bf99074f50b] Registrierungsdaten: 11 PUP.Optional.Qone8, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[851943fbb4e5f541f200b2120301629e] Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[98063c028a0f3ff77293f3cc768eb54b] Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[acf22816a1f854e229dc9a2582829b65] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[722c8eb00099da5cf300952f48bc1ee2] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[cfcfec52366364d2797918ac41c342be] Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[d0ce92ac44553006c83d6e51cc386d93] Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[9b0315295d3c85b10302d8e71fe5dc24] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[a2fc5ce27722f54139ba5272e51fae52] Hijack.StartPage, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[edb1ce70dfbafe388383ac13e024649c] Hijack.StartPage, HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[5846f04ed4c5c472cb3b27981aea50b0] Hijack.StartPage, HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8, Gut: (www.google.com), Schlecht: (hxxp://start.qone8.com/?type=hp&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8),,[2c7243fb9405d85ee620209f669e738d] Ordner: 144 PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\5745, , [edb186b85544999d7cdbeff37e8431cf], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\19807, , [16882a14f3a6fa3c9bff677bbe4460a0], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\29661, , [3d6182bc940554e2fd9d30b2748e01ff], PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config, , [98066dd10f8a32042b9508d551b2ff01], PUP.Optional.Software.Updater, C:\Users\Rudolf\AppData\Local\SwvUpdater, , [6b3345f91e7ba294d4ebd623fa09f10f], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Roaming\OpenCandy, , [287657e7a3f6a3935f2a821f70922dd3], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Roaming\OpenCandy\2045FE95DE0D4ADFBD46ADB579980859, , [287657e7a3f6a3935f2a821f70922dd3], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Roaming\OpenCandy\25AF8F2356484EB899505F54C9DBA74C, , [287657e7a3f6a3935f2a821f70922dd3], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Roaming\OpenCandy\7C2D65EF0DFA42E19B6B13DC814FC5D5, , [287657e7a3f6a3935f2a821f70922dd3], PUP.Optional.SystemSpeedup, C:\Users\Rudolf\AppData\Roaming\Systweak\ssd, , [5a44ca747722ef47839e81246a9814ec], PUP.Optional.IEPluginService, C:\ProgramData\IePluginService, , [613d19255445a690d913edd136cc9967], PUP.Optional.IEPluginService, C:\ProgramData\IePluginService\update, , [613d19255445a690d913edd136cc9967], PUP.Optional.MySpeedDial, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff, , [e9b55be3f5a454e26ba62e97788ac040], PUP.Optional.NextLive, C:\Users\Heinz\AppData\Roaming\newnext.me, , [d4ca4bf3fc9dac8a7bdbcef7768c9f61], PUP.Optional.NextLive, C:\Users\Heinz\AppData\Roaming\newnext.me\cache, , [d4ca4bf3fc9dac8a7bdbcef7768c9f61], PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Roaming\newnext.me, , [277754ea7d1c310572e48045867c28d8], PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Roaming\newnext.me\cache, , [277754ea7d1c310572e48045867c28d8], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\en, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es_419, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-BE, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CA, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CH, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-LU, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it-CH, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pl, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt_BR, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru-MO, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\tr, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\vi, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_CN, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_TW, , [f5a9e05ea2f72b0b32f29a2e1ce6649c], PUP.Optional.SupTab, C:\Users\Rudolf\AppData\Roaming\SupTab, , [613d87b73e5b63d319d0468755ad39c7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\html, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\js, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\html, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\js, , [039b93abb6e3092dc6ffdaf623df49b7], PUP.Optional.ASK.Gen, C:\Users\Rudolf\AppData\Local\Temp\APN-Stub, , [efafcf6f0d8cb2843749e9ed13eff10f], PUP.Optional.ASK.Gen, C:\Users\Rudolf\AppData\Local\Temp\APN-Stub\Unknown, , [efafcf6f0d8cb2843749e9ed13eff10f], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect, , [9fff29154c4d1a1ca56ee3f506fca65a], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\Logs, , [9fff29154c4d1a1ca56ee3f506fca65a], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\SearchProtect, , [9fff29154c4d1a1ca56ee3f506fca65a], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\SearchProtect\rep, , [9fff29154c4d1a1ca56ee3f506fca65a], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\SearchProtect\STG, , [9fff29154c4d1a1ca56ee3f506fca65a], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\SysWOW64\SearchProtect, , [ddc153ebcdcc52e4da41fbdded15758b], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\SysWOW64\SearchProtect\Logs, , [ddc153ebcdcc52e4da41fbdded15758b], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\adapter, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\abstractbutton, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\abstractbutton\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\alert, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\alert\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml\html, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript\html, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\flare, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\flare\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\flare\icons, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\generic, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\generic\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\link, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\link\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\css, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\html, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\images, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\rss, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\rss\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\thirdparty, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\thirdparty\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\uninstall, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\uninstall\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\weather, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\weather\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\common, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\css, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\rss, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\rss\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps\css, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\weather, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\weather\css, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\weather\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\window, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\css, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\html, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\css, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\foreground, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\radioWrapper, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search\background, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search\html, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\css, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\html, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\libs, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\_metadata, , [59451e208d0c2610d9b35f9135cf9868], PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn, , [59451e208d0c2610d9b35f9135cf9868], Dateien: 401 PUP.Optional.Elex, C:\ProgramData\IePluginService\PluginService.exe, , [7b23bc82c2d706302260ae82a8594db3], PUP.Optional.Amonetize, C:\Windows\SysWOW64\nethtsrv.exe, , [960875c9efaa32048fb114ecfc05748c], PUP.Optional.Amonetize, C:\Windows\SysWOW64\netupdsrv.exe, , [ecb2f7472a6fe650e15e15eb1be649b7], PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Roaming\newnext.me\nengine.dll, , [c4da4df1cdccc4720ce3a88ebd44659b], PUP.Optional.NetFilter, C:\Windows\System32\drivers\nethfdrv.sys, , [c6d8b08e36637fb759c4161580805fa1], PUP.Optional.Amonetize, c:\Users\Rudolf\AppData\Local\5745\updater.exe:typelib, , [67373905eeab4ee825559df6639f7d83], PUP.Optional.Software.Updater, C:\Users\Rudolf\AppData\Local\SwvUpdater\Updater.exe, , [534b52ecc9d09b9bfc434942b052d22e], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\Temp\is-3KGC7.tmp\sam__2268_il963.exe, , [ccd274ca940590a6d1577111b74bbc44], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Roaming\OpenCandy\25AF8F2356484EB899505F54C9DBA74C\Setupsft_chr_p1v7.exe, , [7d21be806a2fe2544865fc8f9e667b85], PUP.Optional.SupTab, C:\Users\Rudolf\AppData\Roaming\SupTab\SupTab.dll, , [f3abc876782155e17fc3d559b84828d8], PUP.Optional.RegCleanPro, C:\Windows\System32\roboot64.exe, , [2f6f201e9affcb6bb1064c970400b14f], PUP.Optional.Amonetize, C:\Windows\SysWOW64\installd.exe, , [0c9299a5b6e3c37361d84b0102fffc04], PUP.Optional.NetFilter, C:\Windows\SysWOW64\hfnapi.dll, , [c6d82915554483b3536c19b3ac54c838], PUP.Optional.NetFilter, C:\Windows\SysWOW64\hfpapi.dll, , [f4aa7fbf4950f2449488e447b8487f81], PUP.Optional.OpenCandy, C:\Users\Heinz\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.5.6.5931.exe, , [86181f1fcccd59ddd582e67548ba39c7], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nsy6CEA.exe, , [0e90d9652376b3839d4f565a48b921df], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nsz6477.exe, , [2b73ec527920a49286662e829071c23e], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nsl6863.exe, , [ebb394aae6b3b482e20a1a96e21f4db3], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nsr21B5.exe, , [4f4f71cd7f1a36003ab2b1ffe71a54ac], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nss605E.exe, , [cfcfab935b3e56e024c8812f24ddc937], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nst6661.exe, , [fda1132b2871181e9f4dbdf347babb45], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nsx22C0.exe, , [4d516dd16336da5c13d92e82c93811ef], PUP.Optional.MyPCBackup, C:\Users\Rudolf\AppData\Local\Temp\BackupSetup.exe, , [732bb9850e8bdd59829611d9da2aa55b], PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Local\Temp\Mobogenie_Setup_INT.exe, , [1886dc62d0c94fe7836c0f2761a0ab55], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nsc6A97.exe, , [f8a6b787b4e58ea80be1288830d131cf], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nse6273.exe, , [fba3a6984554280ea8444d63c53ca35d], PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\Temp\nse678B.exe, , [8a14300efc9dd95d10dc317f15ec9e62], PUP.Optional.InstallCore, C:\Users\Rudolf\AppData\Local\Temp\ICReinstall_FlvPlayerSetup1-2.exe, , [7f1f75c9f2a71f170d912025758c51af], PUP.Optional.RegCleanerPro, C:\Users\Rudolf\AppData\Local\Temp\RegClean10.exe, , [712de6584c4d5bdb298f5548ed13bc44], PUP.Optional.InstallMonetizer, C:\Users\Rudolf\AppData\Local\Temp\WORLD_21_target_5830.exe, , [0b93a29c7227191dfdefe352a25f34cc], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\Temp\zxupd4024.exe, , [217dae904c4dcf67414ca87c8c75639d], PUP.Optional.InstallMonetizer, C:\Users\Rudolf\AppData\Local\Temp\sam__2268_il963.exe, , [6638bc827a1f82b450c6eabcfa06946c], PUP.Optional.Conduit, C:\Users\Rudolf\AppData\Local\Temp\SearchProtectINT.exe, , [336b6ed07d1cb97d3429171c35cc7888], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\Temp\upd45807.exe, , [128c97a73c5d0432b2ad919a54ac37c9], PUP.Optional.Conduit, C:\Users\Rudolf\AppData\Local\Temp\nsl1AAA\SpSetup.exe, , [ecb2d866aaef1d19bfa15cd729d86c94], Backdoor.Bot, C:\Users\Rudolf\AppData\Local\Temp\b0c4724b-8cf5-4c7d-8b54-d34f2bbc27d9\android.exe, , [faa46dd16e2b47efb646eacda15fdc24], PUP.Optional.Conduit, C:\Users\Rudolf\AppData\Local\Temp\b0c4724b-8cf5-4c7d-8b54-d34f2bbc27d9\spidentifierimpl.exe, , [faa455e9c2d794a289d551e2857c9868], PUP.Optional.SkyTech, C:\Users\Rudolf\AppData\Local\Temp\fullpackage_temp1398545647\alilog.dll, , [326c94aa07929a9c67e6f444f1102ad6], PUP.Optional.V9.ShrtCln, C:\Users\Rudolf\AppData\Local\Temp\fullpackage_temp1398545647\qSE.exe, , [b3eb37079cfd082e3b3d1cf7ed13639d], PUP.Optional.Elex, C:\Users\Rudolf\AppData\Local\Temp\fullpackage_temp1398545647\tmp\SupTab.exe, , [69355ee0c4d5cb6bb1d1dc5437caef11], Backdoor.Bot, C:\Users\Rudolf\AppData\Local\Temp\android\android.exe, , [6a34f54986133afce3199f184eb243bd], PUP.Optional.InstallMonetizer, C:\Users\Rudolf\AppData\Local\Temp\is-ISGK0.tmp\sam__2268_il104.exe, , [e9b5cc7297022511090d881e23ddfe02], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Local\Temp\is-TMKMV.tmp\OCSetupHlp.dll, , [128c340ac8d11125875610ccc0448878], PUP.Optional.InstallCore, C:\Users\Rudolf\AppData\Local\Temp\is1242154493\28684969_stp.EXE, , [237b5fdfb7e23105bcc5031711f17e82], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nse4A0F.exe, , [e4ba3d013d5c14225993c8e823de4db3], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nseC878.exe, , [0e908cb2d4c52e0844a803ad02ff4fb1], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nseFD94.exe, , [d0ce64da60392610ad3f9917758c4eb2], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsfE6EF.exe, , [900eb6882970979f787410a017ea2ed2], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nshDB46.exe, , [396581bdcccde254a844fdb3cc35fe02], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsm83F0.exe, , [3767cd71d3c676c09f4dc5ebcb361be5], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsn5282.exe, , [ecb2a39b8b0eff378b61139dac55d42c], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsp146.exe, , [68366ad45d3cb77f42aa951b8d748779], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nspC869.exe, , [4a54c975a4f595a18765bcf45fa22bd5], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsqD9C7.exe, , [d2cc2e107a1f85b1eb01d5db679a966a], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsqFE4F.exe, , [75290836ddbc7db9bc30218fc33e5fa1], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsr2A52.exe, , [c9d51f1fa8f192a4d814238d25dc7987], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nssDEA0.exe, , [b1ed4af4831663d3ec00ddd38d741ae6], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nstC62F.exe, , [fca21e20c7d22e085f8d4f6144bd05fb], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nstC630.exe, , [d9c50d310e8b072f37b508a8d03129d7], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nstEE81.exe, , [148a8bb3346569cd8c601997ce336f91], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsu248F.exe, , [a9f5300e43561c1a53998d23867b6a96], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsu99B2.exe, , [c4da8ab4b9e00d295d8fb2fe5ea314ec], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsv2838.exe, , [138b102ed7c261d5a646704005fcea16], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsv408F.exe, , [2f6f2618aaef5ed8bf2d456b728ff30d], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsv4090.exe, , [950970ce0d8c9a9c08e4c0f036cb39c7], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsv4EC8.exe, , [247a92acd8c182b4b33939776b9622de], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsx9304.exe, , [3d614bf302971a1c717b05ab59a807f9], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsyDEFF.exe, , [7e2068d6dbbe85b15498eac6e0215da3], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsz91C0.exe, , [dbc349f56336c07601eb6c4440c136ca], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsa59FD.exe, , [e2bc241a4a4fc670d01cb8f8b44d7e82], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsaD6F9.exe, , [c3db7ac47f1ac86e915b3878e41d6e92], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsc1F00.exe, , [e4ba27174d4c999d67856f41ef1249b7], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsq564C.exe, , [fba3ef4f099040f66587e3cd1be6758b], PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsc1F01.exe, , [861842fcd1c8c571e70505abbf4239c7], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\5745\Updater.exe, , [5945e856d8c1290ddd82210a53adce32], PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Local\genienext\nengine.dll, , [aaf461dd2e6b43f3d01f9e98dc25fd03], PUP.Optional.StartPage24, C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\ffext_basicvideoext@startpage24.xpi, , [3965013de6b3f93dfc31647dad55ec14], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\5745\status.cfg, , [edb186b85544999d7cdbeff37e8431cf], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\5745\Updater.xml, , [edb186b85544999d7cdbeff37e8431cf], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\19807\Updater.xml, , [16882a14f3a6fa3c9bff677bbe4460a0], PUP.Optional.Amonetize, C:\Users\Rudolf\AppData\Local\29661\Updater.xml, , [3d6182bc940554e2fd9d30b2748e01ff], PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\ver.xml, , [98066dd10f8a32042b9508d551b2ff01], PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\data.xml, , [98066dd10f8a32042b9508d551b2ff01], PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, , [98066dd10f8a32042b9508d551b2ff01], PUP.Optional.Software.Updater, C:\Users\Rudolf\AppData\Local\SwvUpdater\Updater.xml, , [6b3345f91e7ba294d4ebd623fa09f10f], PUP.Optional.Software.Updater, C:\Users\Rudolf\AppData\Local\SwvUpdater\status.cfg, , [6b3345f91e7ba294d4ebd623fa09f10f], PUP.Optional.SoftwareUpdater, C:\Windows\Tasks\AmiUpdXp.job, , [b6e8b78780198aacbf897cab64a0a957], PUP.Optional.SoftwareUpdater.A, C:\Windows\System32\Tasks\AmiUpdXp, , [3b631a24772259dd1139bb6cd034c040], PUP.Optional.LSHAREit.Trace, C:\awh770C.tmp, , [fea07fbf60394cea1dbcbe7a8c78b14f], PUP.Optional.LSHAREit.Trace, C:\awhC648.tmp, , [27772d1189101224c217172111f3629e], PUP.Optional.LSHAREit.Trace, C:\awhF98E.tmp, , [a3fbab93bedb06305a7fde5a18ec7888], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Roaming\OpenCandy\2045FE95DE0D4ADFBD46ADB579980859\LenovoSHAREit2.2.2-42715.exe, , [287657e7a3f6a3935f2a821f70922dd3], PUP.Optional.OpenCandy, C:\Users\Rudolf\AppData\Roaming\OpenCandy\7C2D65EF0DFA42E19B6B13DC814FC5D5\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, , [287657e7a3f6a3935f2a821f70922dd3], PUP.Optional.SystemSpeedup, C:\Users\Rudolf\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, , [5a44ca747722ef47839e81246a9814ec], PUP.Optional.IEPluginService, C:\ProgramData\IePluginService\update\PluginUpdate.exe, , [613d19255445a690d913edd136cc9967], PUP.Optional.MySpeedDial, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000003.log, , [e9b55be3f5a454e26ba62e97788ac040], PUP.Optional.MySpeedDial, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\CURRENT, , [e9b55be3f5a454e26ba62e97788ac040], PUP.Optional.MySpeedDial, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOCK, , [e9b55be3f5a454e26ba62e97788ac040], PUP.Optional.MySpeedDial, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOG, , [e9b55be3f5a454e26ba62e97788ac040], PUP.Optional.MySpeedDial, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default |
|
11.02.2016, 22:29
| #18 |
| | "nbi cleaner" ist wieder/noch da Malwarebytes Admin - 27.01.2016 -2
__________________Code:
ATTFilter \Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\MANIFEST-000002, , [e9b55be3f5a454e26ba62e97788ac040],
PUP.Optional.NextLive, C:\Users\Heinz\AppData\Roaming\newnext.me\nengine.cookie, , [d4ca4bf3fc9dac8a7bdbcef7768c9f61],
PUP.Optional.NextLive, C:\Users\Heinz\AppData\Roaming\newnext.me\cache\spark.bin, , [d4ca4bf3fc9dac8a7bdbcef7768c9f61],
PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Roaming\newnext.me\nengine.cookie, , [277754ea7d1c310572e48045867c28d8],
PUP.Optional.NextLive, C:\Users\Rudolf\AppData\Roaming\newnext.me\cache\spark.bin, , [277754ea7d1c310572e48045867c28d8],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\background.html, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\index.html, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\manifest.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\style.css, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\default_logo.png, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon128.png, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon16.png, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon48.png, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\loading.gif, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\search.png, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.eot, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.svg, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.ttf, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.woff, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\background.js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\ga.js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\inject.js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\jquery-base.js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\jquery.autocomplete.js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\js.js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\xagainit.js, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\en\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es_419\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-BE\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CA\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CH\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-LU\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it-CH\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pl\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt_BR\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru-MO\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\tr\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\vi\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_CN\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.QuickStart, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_TW\messages.json, , [f5a9e05ea2f72b0b32f29a2e1ce6649c],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\manifest.json, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\priam_icon_128x128.png, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\priam_icon_48x48.png, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\html\background.html, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\js\background.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\js\priam.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\js\priam_background.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\js\priam_chrome.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins\PriamNPAPI.dll, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\manifest.json, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\priam_icon_128x128.png, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\priam_icon_48x48.png, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\html\background.html, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\js\background.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\js\browserLoad.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\js\priam.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\js\priam_background.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.Wajam, C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.32_0\js\priam_chrome.js, , [039b93abb6e3092dc6ffdaf623df49b7],
PUP.Optional.ASK.Gen, C:\Users\Rudolf\AppData\Local\Temp\APN-Stub\Unknown\Stb0571fc50-be86-44ab-9fad-624d3dcca2b8.log, , [efafcf6f0d8cb2843749e9ed13eff10f],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, , [9fff29154c4d1a1ca56ee3f506fca65a],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\SearchProtect\STG\Init_660F.tmp, , [9fff29154c4d1a1ca56ee3f506fca65a],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\SearchProtect\STG\Init_665E.tmp, , [9fff29154c4d1a1ca56ee3f506fca65a],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Rudolf\AppData\Local\SearchProtect\SearchProtect\STG\Init_669D.tmp, , [9fff29154c4d1a1ca56ee3f506fca65a],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\manifest.json, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spent.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\bg.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\buildVars, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\buildVars.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\companionSW.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\config.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\contentScript.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\contentScript.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\debug.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\debug.jade, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\extension_toolbar_api.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\initWidgetWindow.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\newTabContentScript.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\options.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spent.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spent.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spent2.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spent2.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spentJ.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spentK.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\spentK.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\startup.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\stub.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\stubby.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\superFrame.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\toolbar.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\toolbar.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\toolbarUI.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\toolbarUI.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\toolbarUI.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\url.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\webtooltab.cs.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\adapter\adapterUtil.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\adapter\widget-adapter.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\abstractbutton\background\abstractButton.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\alert\background\alertButton.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml\background\embedHtmlWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml\html\embedHtmlTemplate.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedhtml\js\embedHtmlUI.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript\background\embedScriptWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript\html\embedScriptTemplate.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\embedscript\js\embedScriptUI.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\flare\background\FlareWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\flare\icons\Icon_Flare_blue.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\flare\icons\Icon_Flare_pink.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\flare\icons\Thumbs.db, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\generic\background\GenericWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\link\background\linkButton.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\README.txt, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\background\menuButton.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\css\menuframe.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\html\menuframe.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\images\right_arrow.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\images\right_arrow_white.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\js\jquery-1.7.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\js\menuframe.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\js\query-string.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\menu\js\underscore-1.3.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\rss\background\RssWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\thirdparty\background\thirdPartyWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\uninstall\background\uninstallButton.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\components\weather\background\weatherButton.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\bs.30.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\common.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\dynamic.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\enableDetect.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\eventListening.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\global.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\jquery-1.7.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\list-interaction.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\messageEventListener.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\navRedirector.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\paramReplacer.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\PartnerId.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\set.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\underscore-1.3.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\underscore-1.5.2.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\js\unifiedLogging.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widget-context-1.0.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\common\common.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\common\eventListening.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\common\list-interaction.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\common\set.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\radio-widget.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\css\radio-widget.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\js\radio-custom.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\js\radio-parser.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\radio\js\radio-widget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\rss\rssWidget.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\rss\js\rss-widget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\invalid.json, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\jquery.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\qunit.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\qunit.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\resource.json, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\resource.xml, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\testWidget.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\test\testWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps\widget.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps\css\widget.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps\js\topapps-config.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\topapps\js\widget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\weather\weatherButton.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\weather\css\weatherButton.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\common\widget-api\widgets\weather\js\weather.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\background\ApiBasedWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\background\widget-api-impl.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\window\hiddenWidgetWindow.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\window\hiddenWidgetWindow.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\window\hiddenWidgetWindowInit.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\window\widgetWindow.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\api\window\widgetWindow.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\background\updateSearch.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\background\updateSearchPromptBg.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\07_buttons2.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\08_buttons2.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\defaultSearchModal.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\tvf_btn_ok.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\tvf_btn_ok2.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\tvf_restart_icon.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\defaultSearch\foreground\updateSearchPromptFg.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\background\MovieReviewsWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\css\movieReviews.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\html\movieReviews.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\moviereviews\js\movieReviews.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\background\RadioWidget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\css\toolbar-item.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\foreground\button.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\radioWrapper\radioWrapper.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\radio\radioWrapper\radioWrapper.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search\background\searchBox.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search\html\searchSuggestions.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search\html\searchSuggestions.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search\html\searchSuggestions.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\search\html\searchSuggestionsInit.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\css\supertab.css, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\html\supertab.html, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\js\newtabfork.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\js\reporting.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\js\srchsugg.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\js\supertab.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\js\unifiedLogging.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\components\supertab\js\__utm.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons\arrowSprite.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons\icon128.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons\icon16.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons\icon19disabled.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons\icon19on.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons\icon48.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\icons\tb_icon_search_disappearing_ask.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\223755644.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\223755648.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\223755663.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\223755667.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\223755676.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\223755698.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\224383989.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\down_arrow.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\IDR_PRODUCT_LOGO_16.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\IDR_WEBSTORE_ICON.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\magnifying_glass.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\RadioPlayerSprite.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\search_button.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\tvf_icon_guide.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\tvf_logo.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\images\wrench.png, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\chromeUtils.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\exeManager.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\exeManagerNMD.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\exePackageManager.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\focusManager.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\globalBlacklistManager.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\messaging.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\mutation_summary-min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\mutation_summary.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\nativeMessagingDispatcher.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\newTabInfo.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\newTabInitialize.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\options.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\readLocalStorage.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\reservespacefortoolbar.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\reservespaceifenabled.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\scriptInjector.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\searchContext.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\settingsOverrides.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\toolbarCookieParser.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\toolbarPreinit.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\underscore-1.3.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\URILoaderContentScript.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\webTooltabAPI.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\Widget.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\widgetContentScriptInjectee.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\widgetFactory.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\js\widgetWindowManager.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\cache.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\ce.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\debug.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\ss.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\libs\jquery-1.7.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\libs\jquery-1.9.1.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\native\libs\underscore-1.5.2.min.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\activePing.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\buttonLogger.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\competitorDnsList.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\console.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\FFPreferencesPersister.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\httpTransport.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\HttpURL.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\internationalSearch.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\LocalStoragePersister.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\MindsparkGlobal.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\MindsparkGlobal.unitTest.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\MindsparkGlobalNotes.txt, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\rsvp-latest.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\searchSuggestLocale.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\testHttpTransport.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\unifiedLogger.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\unifiedLogging.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\universalConsole.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\shared\utils.js, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\_metadata\computed_hashes.json, , [59451e208d0c2610d9b35f9135cf9868],
PUP.Optional.MindSpark, C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn\12.19.8.48470_0\_metadata\verified_contents.json, , [59451e208d0c2610d9b35f9135cf9868],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 27.01.2016 Suchlaufzeit: 18:33 Protokolldatei: Malwarebytes_27-1-2016_19-10.txt Administrator: Nein Version: 2.2.0.1024 Malware-Datenbank: v2016.01.27.05 Rootkit-Datenbank: v2016.01.20.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Lips Tullian Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 433689 Abgelaufene Zeit: 26 Min., 5 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 28.01.2016 Suchlaufzeit: 13:06 Protokolldatei: Malwartebytes_28-1-2016_13-35.txt Administrator: Nein Version: 2.2.0.1024 Malware-Datenbank: v2016.01.28.03 Rootkit-Datenbank: v2016.01.20.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Heinz Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 433600 Abgelaufene Zeit: 25 Min., 3 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 02.02.2016 Suchlaufzeit: 11:13 Protokolldatei: Malwartebytes_2-2-2016_11-48.txt Administrator: Nein Version: 2.2.0.1024 Malware-Datenbank: v2016.02.02.01 Rootkit-Datenbank: v2016.01.20.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Heinz Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 434239 Abgelaufene Zeit: 30 Min., 35 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
11.02.2016, 22:34
| #19 |
| | "nbi cleaner" ist wieder/noch da TDSSKiller1 Code:
ATTFilter 16:31:34.0155 0x141c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
16:31:34.0155 0x141c UEFI system
16:31:38.0186 0x141c ============================================================
16:31:38.0186 0x141c Current date / time: 2016/02/02 16:31:38.0186
16:31:38.0186 0x141c SystemInfo:
16:31:38.0186 0x141c
16:31:38.0186 0x141c OS Version: 6.3.9600 ServicePack: 0.0
16:31:38.0186 0x141c Product type: Workstation
16:31:38.0186 0x141c ComputerName: PANDORA
16:31:38.0186 0x141c UserName: RudolfAlexander
16:31:38.0186 0x141c Windows directory: C:\WINDOWS
16:31:38.0186 0x141c System windows directory: C:\WINDOWS
16:31:38.0186 0x141c Running under WOW64
16:31:38.0186 0x141c Processor architecture: Intel x64
16:31:38.0186 0x141c Number of processors: 4
16:31:38.0186 0x141c Page size: 0x1000
16:31:38.0186 0x141c Boot type: Normal boot
16:31:38.0186 0x141c ============================================================
16:31:38.0186 0x141c BG loaded
16:31:38.0936 0x141c System UUID: {40227DEC-E4A1-82DB-21C8-4BC061EBCAB4}
16:31:39.0624 0x141c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:31:39.0640 0x141c Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:31:39.0640 0x141c ============================================================
16:31:39.0640 0x141c \Device\Harddisk0\DR0:
16:31:39.0640 0x141c GPT partitions:
16:31:39.0640 0x141c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A3D8D5E5-A985-4072-B5CD-4718B364900F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
16:31:39.0640 0x141c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CE9B2FBF-93EA-44DD-8281-4FCDE0798894}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
16:31:39.0640 0x141c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6FB7C402-4DBB-48D5-ADA4-36B77D0B027D}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
16:31:39.0640 0x141c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B02263C1-4C0F-433D-9872-6CAA8BC19078}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1BE82000
16:31:39.0640 0x141c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {92A1C2AC-1DDF-4015-B25E-6A85B147A626}, Name: , StartLBA 0x1C020800, BlocksNum 0xAF000
16:31:39.0640 0x141c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2FAE47B0-30E2-4477-8EB4-D6B0454D6340}, Name: Basic data partition, StartLBA 0x1C0CF800, BlocksNum 0x1C0B6800
16:31:39.0640 0x141c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {933C79F5-AB01-46A1-914C-BBA3A6F98478}, Name: Basic data partition, StartLBA 0x38186000, BlocksNum 0x2200000
16:31:39.0640 0x141c MBR partitions:
16:31:39.0640 0x141c \Device\Harddisk1\DR1:
16:31:39.0640 0x141c MBR partitions:
16:31:39.0640 0x141c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F06, BlocksNum 0xED16C60
16:31:39.0671 0x141c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xED1ABB3, BlocksNum 0xEA60903
16:31:39.0686 0x141c \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x1D77B4F5, BlocksNum 0xCD1578B
16:31:39.0702 0x141c \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x2A490CBF, BlocksNum 0xC3B5227
16:31:39.0718 0x141c \Device\Harddisk1\DR1\Partition5: MBR, Type 0xB, StartLBA 0x36845F25, BlocksNum 0x14297E5
16:31:39.0733 0x141c \Device\Harddisk1\DR1\Partition6: MBR, Type 0x7, StartLBA 0x37C6F749, BlocksNum 0x10D664C
16:31:39.0749 0x141c \Device\Harddisk1\DR1\Partition7: MBR, Type 0xB, StartLBA 0x38D45DD4, BlocksNum 0x3F7D04
16:31:39.0765 0x141c \Device\Harddisk1\DR1\Partition8: MBR, Type 0xB, StartLBA 0x3913DB17, BlocksNum 0x41B1CD
16:31:39.0765 0x141c ============================================================
16:31:39.0780 0x141c C: <-> \Device\Harddisk0\DR0\Partition4
16:31:39.0796 0x141c D: <-> \Device\Harddisk0\DR0\Partition6
16:31:39.0874 0x141c E: <-> \Device\Harddisk1\DR1\Partition1
16:31:39.0905 0x141c F: <-> \Device\Harddisk1\DR1\Partition2
16:31:39.0936 0x141c G: <-> \Device\Harddisk1\DR1\Partition3
16:31:39.0983 0x141c H: <-> \Device\Harddisk1\DR1\Partition4
16:31:39.0999 0x141c L: <-> \Device\Harddisk1\DR1\Partition7
16:31:39.0999 0x141c I: <-> \Device\Harddisk1\DR1\Partition5
16:31:40.0030 0x141c J: <-> \Device\Harddisk1\DR1\Partition6
16:31:40.0030 0x141c M: <-> \Device\Harddisk1\DR1\Partition8
16:31:40.0030 0x141c ============================================================
16:31:40.0030 0x141c Initialize success
16:31:40.0030 0x141c ============================================================
16:31:47.0843 0x0f5c ============================================================
16:31:47.0843 0x0f5c Scan started
16:31:47.0843 0x0f5c Mode: Manual; SigCheck; TDLFS;
16:31:47.0843 0x0f5c ============================================================
16:31:47.0843 0x0f5c KSN ping started
16:31:50.0124 0x0f5c KSN ping finished: true
16:31:52.0000 0x0f5c ================ Scan system memory ========================
16:31:52.0000 0x0f5c System memory - ok
16:31:52.0000 0x0f5c ================ Scan services =============================
16:31:52.0156 0x0f5c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
16:31:52.0281 0x0f5c 1394ohci - ok
16:31:52.0296 0x0f5c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
16:31:52.0312 0x0f5c 3ware - ok
16:31:52.0343 0x0f5c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
16:31:52.0375 0x0f5c ACPI - ok
16:31:52.0390 0x0f5c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
16:31:52.0390 0x0f5c acpiex - ok
16:31:52.0406 0x0f5c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
16:31:52.0421 0x0f5c acpipagr - ok
16:31:52.0453 0x0f5c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
16:31:52.0531 0x0f5c AcpiPmi - ok
16:31:52.0546 0x0f5c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
16:31:52.0562 0x0f5c acpitime - ok
16:31:52.0625 0x0f5c [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:31:52.0656 0x0f5c Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
16:31:54.0984 0x0f5c Detect skipped due to KSN trusted
16:31:54.0984 0x0f5c Adobe LM Service - ok
16:31:55.0109 0x0f5c [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:31:55.0109 0x0f5c AdobeARMservice - ok
16:31:55.0218 0x0f5c [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:31:55.0218 0x0f5c AdobeFlashPlayerUpdateSvc - ok
16:31:55.0328 0x0f5c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:31:55.0359 0x0f5c ADP80XX - ok
16:31:55.0422 0x0f5c [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
16:31:55.0500 0x0f5c AeLookupSvc - ok
16:31:55.0547 0x0f5c [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys
16:31:55.0640 0x0f5c AFD - ok
16:31:55.0672 0x0f5c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
16:31:55.0672 0x0f5c agp440 - ok
16:31:55.0718 0x0f5c [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:31:55.0812 0x0f5c ahcache - ok
16:31:55.0843 0x0f5c [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
16:31:55.0953 0x0f5c ALG - ok
16:31:55.0968 0x0f5c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
16:31:56.0047 0x0f5c AmdK8 - ok
16:31:56.0078 0x0f5c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
16:31:56.0093 0x0f5c AmdPPM - ok
16:31:56.0125 0x0f5c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
16:31:56.0125 0x0f5c amdsata - ok
16:31:56.0140 0x0f5c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
16:31:56.0156 0x0f5c amdsbs - ok
16:31:56.0156 0x0f5c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
16:31:56.0172 0x0f5c amdxata - ok
16:31:56.0203 0x0f5c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
16:31:56.0328 0x0f5c AppID - ok
16:31:56.0359 0x0f5c [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
16:31:56.0390 0x0f5c AppIDSvc - ok
16:31:56.0422 0x0f5c [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll
16:31:56.0515 0x0f5c Appinfo - ok
16:31:56.0531 0x0f5c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
16:31:56.0609 0x0f5c AppReadiness - ok
16:31:56.0672 0x0f5c [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
16:31:56.0765 0x0f5c AppXSvc - ok
16:31:56.0797 0x0f5c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
16:31:56.0812 0x0f5c arcsas - ok
16:31:56.0922 0x0f5c [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:31:56.0937 0x0f5c aspnet_state - ok
16:31:56.0953 0x0f5c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
16:31:56.0953 0x0f5c atapi - ok
16:31:56.0984 0x0f5c [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:31:57.0062 0x0f5c AudioEndpointBuilder - ok
16:31:57.0094 0x0f5c [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
16:31:57.0156 0x0f5c Audiosrv - ok
16:31:57.0172 0x0f5c [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
16:31:57.0219 0x0f5c AxInstSV - ok
16:31:57.0265 0x0f5c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
16:31:57.0281 0x0f5c b06bdrv - ok
16:31:57.0297 0x0f5c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:31:57.0359 0x0f5c BasicDisplay - ok
16:31:57.0406 0x0f5c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
16:31:57.0515 0x0f5c BasicRender - ok
16:31:57.0609 0x0f5c [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
16:31:57.0625 0x0f5c BBSvc - ok
16:31:57.0640 0x0f5c [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
16:31:57.0640 0x0f5c BBUpdate - ok
16:31:57.0672 0x0f5c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
16:31:57.0703 0x0f5c bcmfn2 - ok
16:31:57.0734 0x0f5c [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
16:31:57.0781 0x0f5c BDESVC - ok
16:31:57.0812 0x0f5c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:31:57.0875 0x0f5c Beep - ok
16:31:57.0922 0x0f5c [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\WINDOWS\System32\bfe.dll
16:31:58.0015 0x0f5c BFE - ok
16:31:58.0062 0x0f5c [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
16:31:58.0281 0x0f5c BITS - ok
16:31:58.0328 0x0f5c [ 9DC3EB88894E729E6FBB0B43ACADDD1A, A72B90FD7AB76DCFE360134DD7606F20F9D9E817648D26F4A322289EBBB3D99D ] Bonjour Service C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
16:31:58.0375 0x0f5c Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
16:32:00.0703 0x0f5c Detect skipped due to KSN trusted
16:32:00.0703 0x0f5c Bonjour Service - ok
16:32:00.0719 0x0f5c [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
16:32:00.0781 0x0f5c bowser - ok
16:32:00.0828 0x0f5c [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:32:00.0922 0x0f5c BrokerInfrastructure - ok
16:32:00.0953 0x0f5c [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
16:32:01.0031 0x0f5c Browser - ok
16:32:01.0062 0x0f5c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:32:01.0125 0x0f5c BthAvrcpTg - ok
16:32:01.0156 0x0f5c [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
16:32:01.0219 0x0f5c BthHFEnum - ok
16:32:01.0234 0x0f5c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
16:32:01.0266 0x0f5c bthhfhid - ok
16:32:01.0297 0x0f5c [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
16:32:01.0344 0x0f5c BthHFSrv - ok
16:32:01.0375 0x0f5c [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
16:32:01.0391 0x0f5c BTHMODEM - ok
16:32:01.0422 0x0f5c [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
16:32:01.0484 0x0f5c bthserv - ok
16:32:01.0578 0x0f5c [ 843F5EFF90A988617C5FFD8596A2B571, 69FF9731876E1CBA4BBF00557F0CBC73247165F8EB45F45A55CC0178A7B90D44 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
16:32:01.0625 0x0f5c CCDMonitorService - ok
16:32:01.0656 0x0f5c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:32:01.0734 0x0f5c cdfs - ok
16:32:01.0750 0x0f5c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
16:32:01.0781 0x0f5c cdrom - ok
16:32:01.0812 0x0f5c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
16:32:01.0859 0x0f5c CertPropSvc - ok
16:32:01.0891 0x0f5c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
16:32:01.0922 0x0f5c circlass - ok
16:32:01.0953 0x0f5c [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
16:32:01.0969 0x0f5c CLFS - ok
16:32:02.0016 0x0f5c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
16:32:02.0063 0x0f5c CmBatt - ok
16:32:02.0094 0x0f5c [ C9ACE28CDCD5FF473033A01AA510A184, 8A423D613894EB531C48025A11F1ABB923AFB38070E0A24A8D71909B217CE406 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
16:32:02.0125 0x0f5c CNG - ok
16:32:02.0141 0x0f5c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
16:32:02.0156 0x0f5c CompositeBus - ok
16:32:02.0156 0x0f5c COMSysApp - ok
16:32:02.0188 0x0f5c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
16:32:02.0234 0x0f5c condrv - ok
16:32:02.0297 0x0f5c [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:32:02.0328 0x0f5c cphs - ok
16:32:02.0359 0x0f5c cpuz137 - ok
16:32:02.0438 0x0f5c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
16:32:02.0563 0x0f5c CryptSvc - ok
16:32:02.0609 0x0f5c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
16:32:02.0625 0x0f5c dam - ok
16:32:02.0641 0x075c Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
16:32:02.0656 0x0f5c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:32:02.0750 0x0f5c DcomLaunch - ok
16:32:02.0781 0x0f5c [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
16:32:02.0844 0x0f5c defragsvc - ok
16:32:02.0891 0x0f5c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:32:02.0938 0x0f5c DeviceAssociationService - ok
16:32:02.0969 0x0f5c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
16:32:03.0016 0x0f5c DeviceInstall - ok
16:32:03.0047 0x0f5c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
16:32:03.0172 0x0f5c Dfsc - ok
16:32:03.0203 0x0f5c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
16:32:03.0281 0x0f5c Dhcp - ok
16:32:03.0344 0x0f5c [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
16:32:03.0453 0x0f5c DiagTrack - ok
16:32:03.0484 0x0f5c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
16:32:03.0484 0x0f5c disk - ok
16:32:03.0500 0x0f5c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
16:32:03.0578 0x0f5c dmvsc - ok
16:32:03.0609 0x0f5c [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:32:03.0609 0x0f5c Dnscache - ok
16:32:03.0672 0x0f5c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
16:32:03.0734 0x0f5c dot3svc - ok
16:32:03.0781 0x0f5c [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
16:32:03.0781 0x0f5c dot4 - ok
16:32:03.0797 0x0f5c [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
16:32:03.0797 0x0f5c Dot4Print - ok
16:32:03.0813 0x0f5c [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
16:32:03.0813 0x0f5c dot4usb - ok
16:32:03.0844 0x0f5c [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
16:32:03.0875 0x0f5c DPS - ok
16:32:03.0906 0x0f5c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:32:03.0906 0x0f5c drmkaud - ok
16:32:03.0953 0x0f5c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
16:32:03.0953 0x0f5c DsmSvc - ok
16:32:04.0031 0x0f5c [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:32:04.0094 0x0f5c DXGKrnl - ok
16:32:04.0125 0x0f5c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
16:32:04.0188 0x0f5c Eaphost - ok
16:32:04.0281 0x0f5c [ 09036ED65D41B334CF541D3F3E982EAB, 7B68E0D732ADA2C15A7C3AEC62105076132F71B653467A793729D893366AA76B ] EaseUS Agent C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
16:32:04.0359 0x0f5c EaseUS Agent - ok
16:32:04.0485 0x0f5c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
16:32:04.0610 0x0f5c ebdrv - ok
16:32:04.0656 0x0f5c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
16:32:04.0656 0x0f5c EFS - ok
16:32:04.0672 0x0f5c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
16:32:04.0688 0x0f5c EhStorClass - ok
16:32:04.0688 0x0f5c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:32:04.0703 0x0f5c EhStorTcgDrv - ok
16:32:04.0735 0x0f5c [ 1B677389760689A11241884C700B48E0, 75EC4D16F3F6004D2697AE25E029B95D8B9611911039777B781C5707DA6048C6 ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys
16:32:04.0750 0x0f5c epmntdrv - ok
16:32:04.0828 0x0f5c [ 138690A45CE2EE341D00A86AFF44D95F, 79230ED8285E5A9FCB7A6C3EFE64E1BAEBC64018394F9E8849A493F4ADA5C006 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
16:32:04.0844 0x0f5c ePowerSvc - ok
16:32:04.0860 0x0f5c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
16:32:04.0875 0x0f5c ErrDev - ok
16:32:04.0922 0x0f5c [ E47A0ECA90AF393983EF30E458606BB5, 1EB07711968ADBAB63A993FC54795DAAA9514F6E58FDED9EE9CA2DA3CCD620E1 ] EUBAKUP C:\WINDOWS\system32\drivers\eubakup.sys
16:32:04.0938 0x0f5c EUBAKUP - ok
16:32:04.0938 0x0f5c [ 17696B5ACDBDFFC7D26C4B56BF132AD5, 3D2499FE2406300357B746AF82F69CBF1A1039B1F2DD755018F2185FDE26EA7E ] EUBKMON C:\WINDOWS\system32\drivers\EUBKMON.sys
16:32:04.0953 0x0f5c EUBKMON - ok
16:32:04.0969 0x0f5c [ FCFD172899D0A026E5BD29F4775BFA76, CC651EAA870D9107B9FAC84B2FA2B8F166C5CA8FBDA803AFBDE07F523FA8C667 ] EUDSKACS C:\Windows\system32\drivers\eudskacs.sys
16:32:05.0000 0x0f5c EUDSKACS - ok
16:32:05.0016 0x0f5c [ 1D866B50C9B1BA3FE90CC81E0DBC0E15, 07606693CA155EC3BA2FEF6B1C70263AD0F6C2935E1C99572BB2152260F33E28 ] EUFDDISK C:\Windows\system32\drivers\EuFdDisk.sys
16:32:05.0031 0x0f5c EUFDDISK - ok
16:32:05.0063 0x0f5c [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys
16:32:05.0078 0x0f5c EuGdiDrv - ok
16:32:05.0110 0x075c Object send P2P result: true
16:32:05.0125 0x0f5c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
16:32:05.0203 0x0f5c EventSystem - ok
16:32:05.0219 0x0f5c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
16:32:05.0281 0x0f5c exfat - ok
16:32:05.0313 0x0f5c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
16:32:05.0328 0x0f5c fastfat - ok
16:32:05.0360 0x0f5c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
16:32:05.0438 0x0f5c Fax - ok
16:32:05.0453 0x0f5c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
16:32:05.0485 0x0f5c fdc - ok
16:32:05.0500 0x0f5c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
16:32:05.0547 0x0f5c fdPHost - ok
16:32:05.0578 0x0f5c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
16:32:05.0610 0x0f5c FDResPub - ok
16:32:05.0641 0x0f5c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
16:32:05.0688 0x0f5c fhsvc - ok
16:32:05.0719 0x0f5c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
16:32:05.0735 0x0f5c FileInfo - ok
16:32:05.0766 0x0f5c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
16:32:05.0781 0x0f5c Filetrace - ok
16:32:05.0875 0x0f5c [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:32:05.0891 0x0f5c FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
16:32:08.0219 0x0f5c Detect skipped due to KSN trusted
16:32:08.0219 0x0f5c FLEXnet Licensing Service - ok
16:32:08.0235 0x0f5c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
16:32:08.0266 0x0f5c flpydisk - ok
16:32:08.0297 0x0f5c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:32:08.0313 0x0f5c FltMgr - ok
16:32:08.0375 0x0f5c [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll
16:32:08.0469 0x0f5c FontCache - ok
16:32:08.0578 0x0f5c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:32:08.0578 0x0f5c FontCache3.0.0.0 - ok
16:32:08.0610 0x0f5c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
16:32:08.0625 0x0f5c FsDepends - ok
16:32:08.0657 0x0f5c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:32:08.0657 0x0f5c Fs_Rec - ok
16:32:08.0688 0x0f5c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:32:08.0719 0x0f5c fvevol - ok
16:32:08.0735 0x0f5c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
16:32:08.0750 0x0f5c FxPPM - ok
16:32:08.0766 0x0f5c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
16:32:08.0782 0x0f5c gagp30kx - ok
16:32:08.0813 0x0f5c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
16:32:08.0828 0x0f5c gencounter - ok
16:32:08.0860 0x0f5c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:32:08.0875 0x0f5c GPIOClx0101 - ok
16:32:08.0922 0x0f5c [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
16:32:08.0985 0x0f5c gpsvc - ok
16:32:09.0047 0x0f5c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:32:09.0047 0x0f5c gupdate - ok
16:32:09.0063 0x0f5c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:32:09.0063 0x0f5c gupdatem - ok
16:32:09.0094 0x0f5c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
16:32:09.0203 0x0f5c HDAudBus - ok
16:32:09.0235 0x0f5c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
16:32:09.0266 0x0f5c HidBatt - ok
16:32:09.0297 0x0f5c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
16:32:09.0375 0x0f5c HidBth - ok
16:32:09.0375 0x0f5c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
16:32:09.0375 0x0f5c hidi2c - ok
16:32:09.0407 0x0f5c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
16:32:09.0438 0x0f5c HidIr - ok
16:32:09.0469 0x0f5c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
16:32:09.0547 0x0f5c hidserv - ok
16:32:09.0563 0x0f5c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
16:32:09.0672 0x0f5c HidUsb - ok
16:32:09.0704 0x0f5c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
16:32:09.0750 0x0f5c hkmsvc - ok
16:32:09.0782 0x0f5c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:32:09.0829 0x0f5c HomeGroupListener - ok
16:32:09.0875 0x0f5c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:32:09.0891 0x0f5c HomeGroupProvider - ok
16:32:09.0954 0x0f5c [ 930370725FA0FE272346583A7A7D6BDB, 98195638D548A6E5E574E062FDCF4E5833DDE834399787EC51C340699B6E5E64 ] hpqcxs08 D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:32:09.0969 0x0f5c hpqcxs08 - ok
16:32:09.0969 0x0f5c [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:32:09.0985 0x0f5c hpqddsvc - ok
16:32:10.0016 0x0f5c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
16:32:10.0016 0x0f5c HpSAMD - ok
16:32:10.0375 0x0f5c [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Users\RUDOLF~1\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll
16:32:10.0422 0x0f5c HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
16:32:12.0751 0x0f5c Detect skipped due to KSN trusted
16:32:12.0751 0x0f5c HPSLPSVC - ok
16:32:12.0797 0x0f5c [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
16:32:12.0829 0x0f5c HTTP - ok
16:32:12.0860 0x0f5c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
16:32:12.0876 0x0f5c hwpolicy - ok
16:32:12.0876 0x0f5c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
16:32:12.0907 0x0f5c hyperkbd - ok
16:32:12.0938 0x0f5c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:32:12.0938 0x0f5c HyperVideo - ok
16:32:12.0969 0x0f5c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
16:32:13.0047 0x0f5c i8042prt - ok
16:32:13.0047 0x0f5c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:32:13.0047 0x0f5c iaLPSSi_GPIO - ok
16:32:13.0063 0x0f5c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:32:13.0079 0x0f5c iaLPSSi_I2C - ok
16:32:13.0094 0x0f5c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
16:32:13.0126 0x0f5c iaStorAV - ok
16:32:13.0141 0x0f5c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
16:32:13.0157 0x0f5c iaStorV - ok
16:32:13.0282 0x0f5c [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
16:32:13.0344 0x0f5c IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
16:32:15.0673 0x0f5c Detect skipped due to KSN trusted
16:32:15.0673 0x0f5c IconMan_R - ok
16:32:15.0673 0x0f5c IEEtwCollectorService - ok
16:32:15.0813 0x0f5c [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:32:16.0001 0x0f5c igfx - ok
16:32:16.0063 0x0f5c [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll
16:32:16.0094 0x0f5c IKEEXT - ok
16:32:16.0110 0x0f5c [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
16:32:16.0110 0x0f5c intaud_WaveExtensible - ok
16:32:16.0235 0x0f5c [ F1A3ECE3809AF333810ED0A872200226, BF1CC3EE64A9BDE41A5139A56016DE79DB87212D130B6024A03206CFCF65AC72 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:32:16.0344 0x0f5c IntcAzAudAddService - ok
16:32:16.0391 0x0f5c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:32:16.0438 0x0f5c IntcDAud - ok
16:32:16.0501 0x0f5c [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:32:17.0313 0x0f5c Intel(R) Capability Licensing Service Interface - ok
16:32:17.0344 0x0f5c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
16:32:17.0360 0x0f5c intelide - ok
16:32:17.0376 0x0f5c [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
16:32:17.0376 0x0f5c intelpep - ok
16:32:17.0391 0x0f5c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
16:32:17.0423 0x0f5c intelppm - ok
16:32:17.0438 0x0f5c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:32:17.0532 0x0f5c IpFilterDriver - ok
16:32:17.0579 0x0f5c [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
16:32:17.0610 0x0f5c iphlpsvc - ok
16:32:17.0641 0x0f5c [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:32:17.0766 0x0f5c IPMIDRV - ok
16:32:17.0798 0x0f5c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
16:32:17.0860 0x0f5c IPNAT - ok
16:32:17.0954 0x0f5c [ B76542085ABAD1AD4E5684F761DFC2EF, C6699B788D6E81E73519433F12BFD3B12C71A5EE2A12810697FE9C4350A179B3 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
16:32:17.0954 0x0f5c IpOverUsbSvc - ok
16:32:17.0970 0x0f5c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
16:32:18.0001 0x0f5c IRENUM - ok
16:32:18.0032 0x0f5c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
16:32:18.0048 0x0f5c isapnp - ok
16:32:18.0079 0x0f5c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
16:32:18.0095 0x0f5c iScsiPrt - ok
16:32:18.0126 0x0f5c [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
16:32:18.0126 0x0f5c iwdbus - ok
16:32:18.0173 0x0f5c [ 5B7DE9D87B9D2713BDD6A53678DC2A49, E7A0D68FA2ED2730640F40FF59338BE173C8973BFC38286E6320CA332A39C204 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:32:18.0173 0x0f5c jhi_service - ok
16:32:18.0204 0x0f5c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
16:32:18.0204 0x0f5c kbdclass - ok
16:32:18.0220 0x0f5c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
16:32:18.0251 0x0f5c kbdhid - ok
16:32:18.0282 0x0f5c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:32:18.0345 0x0f5c kdnic - ok
16:32:18.0376 0x0f5c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
16:32:18.0391 0x0f5c KeyIso - ok
16:32:18.0407 0x0f5c [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
16:32:18.0423 0x0f5c KSecDD - ok
16:32:18.0438 0x0f5c [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:32:18.0454 0x0f5c KSecPkg - ok
16:32:18.0470 0x0f5c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
16:32:18.0485 0x0f5c ksthunk - ok
16:32:18.0516 0x0f5c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
16:32:18.0548 0x0f5c KtmRm - ok
16:32:18.0595 0x0f5c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
16:32:18.0657 0x0f5c LanmanServer - ok
16:32:18.0688 0x0f5c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:32:18.0735 0x0f5c LanmanWorkstation - ok
16:32:18.0782 0x0f5c [ 466D09ACE5DC75439A00AD19618B2306, E7E2A19547B5E9A8CC890A36EA2998286A79CC1449F2EDDE52A57AE531A8B341 ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
16:32:18.0860 0x0f5c Lenovo EasyPlus Hotspot - ok
16:32:18.0891 0x0f5c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
16:32:18.0970 0x0f5c lfsvc - ok
16:32:19.0001 0x0f5c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:32:19.0032 0x0f5c lltdio - ok
16:32:19.0063 0x0f5c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
16:32:19.0079 0x0f5c lltdsvc - ok
16:32:19.0110 0x0f5c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
16:32:19.0188 0x0f5c lmhosts - ok
16:32:19.0220 0x0f5c [ E70FD0D2C95F559A17321D831875593D, 57839ADA7CC6606D98B43FC2F4EC6F5E9B75A2F3EC937C11322201128A161E0D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:32:19.0220 0x0f5c LMS - ok
16:32:19.0251 0x0f5c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
16:32:19.0266 0x0f5c LSI_SAS - ok
16:32:19.0282 0x0f5c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:32:19.0282 0x0f5c LSI_SAS2 - ok
16:32:19.0298 0x0f5c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:32:19.0313 0x0f5c LSI_SAS3 - ok
16:32:19.0313 0x0f5c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
16:32:19.0329 0x0f5c LSI_SSS - ok
16:32:19.0376 0x0f5c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
16:32:19.0485 0x0f5c LSM - ok
16:32:19.0516 0x0f5c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
16:32:19.0610 0x0f5c luafv - ok
16:32:19.0641 0x0f5c [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
16:32:19.0641 0x0f5c MBAMProtector - ok
16:32:19.0704 0x0f5c [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler D:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
16:32:19.0782 0x0f5c MBAMScheduler - ok
16:32:19.0829 0x0f5c [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService D:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
16:32:19.0860 0x0f5c MBAMService - ok
16:32:19.0907 0x0f5c [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
16:32:19.0907 0x0f5c MBAMSwissArmy - ok
16:32:19.0923 0x0f5c [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
16:32:19.0938 0x0f5c MBAMWebAccessControl - ok
16:32:19.0970 0x0f5c [ E416E967E3FB6FB1E9AE12B9C7DAB526, 4849AE6B628D349F64D26CDD638B34E598E7C839335961C6AE39B305765106A3 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
16:32:19.0985 0x0f5c MDM - detected UnsignedFile.Multi.Generic ( 1 )
16:32:22.0313 0x0f5c Detect skipped due to KSN trusted
16:32:22.0313 0x0f5c MDM - ok
16:32:22.0345 0x0f5c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
16:32:22.0360 0x0f5c megasas - ok
16:32:22.0376 0x0f5c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
16:32:22.0392 0x0f5c megasr - ok
16:32:22.0407 0x0f5c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
16:32:22.0423 0x0f5c MEIx64 - ok
16:32:22.0454 0x0f5c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
16:32:22.0517 0x0f5c MMCSS - ok
16:32:22.0548 0x0f5c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
16:32:22.0564 0x0f5c Modem - ok
16:32:22.0579 0x0f5c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
16:32:22.0657 0x0f5c monitor - ok
16:32:22.0689 0x0f5c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
16:32:22.0689 0x0f5c mouclass - ok
16:32:22.0704 0x0f5c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
16:32:22.0751 0x0f5c mouhid - ok
16:32:22.0782 0x0f5c [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
16:32:22.0782 0x0f5c mountmgr - ok
16:32:22.0829 0x0f5c [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:32:22.0845 0x0f5c MozillaMaintenance - ok
16:32:22.0876 0x0f5c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
16:32:22.0939 0x0f5c mpsdrv - ok
16:32:22.0985 0x0f5c [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
16:32:23.0017 0x0f5c MpsSvc - ok
16:32:23.0048 0x0f5c [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
16:32:23.0126 0x0f5c MRxDAV - ok
16:32:23.0142 0x0f5c [ 767087A3646D01EBA4E8DDD903920BD0, 2BFB9018DBAD5805796B4F8B7E7E8094240A06657AC50C4D9287B25F49D27426 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:32:23.0235 0x0f5c mrxsmb - ok
16:32:23.0251 0x0f5c [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:32:23.0360 0x0f5c mrxsmb10 - ok
16:32:23.0376 0x0f5c [ D5EB16B7A8FBD925E5A4F27A653E38C9, B7AADCB7F67D6D3933EB8075DC7D8A48F35D704FE8123C2D447677347DC06379 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:32:23.0392 0x0f5c mrxsmb20 - ok
16:32:23.0439 0x0f5c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
16:32:23.0470 0x0f5c MsBridge - ok
16:32:23.0485 0x0f5c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
16:32:23.0501 0x0f5c MSDTC - ok
16:32:23.0532 0x0f5c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:32:23.0548 0x0f5c Msfs - ok
16:32:23.0579 0x0f5c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:32:23.0579 0x0f5c msgpiowin32 - ok
16:32:23.0595 0x0f5c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:32:23.0610 0x0f5c mshidkmdf - ok
16:32:23.0626 0x0f5c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
16:32:23.0642 0x0f5c mshidumdf - ok
16:32:23.0673 0x0f5c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
16:32:23.0673 0x0f5c msisadrv - ok
16:32:23.0704 0x0f5c [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
16:32:23.0735 0x0f5c MSiSCSI - ok
16:32:23.0735 0x0f5c msiserver - ok
16:32:23.0751 0x0f5c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:32:23.0767 0x0f5c MSKSSRV - ok
16:32:23.0798 0x0f5c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:32:23.0860 0x0f5c MsLldp - ok
16:32:23.0876 0x0f5c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:32:23.0892 0x0f5c MSPCLOCK - ok
16:32:23.0907 0x0f5c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:32:23.0907 0x0f5c MSPQM - ok
16:32:23.0939 0x0f5c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
16:32:23.0954 0x0f5c MsRPC - ok
16:32:23.0970 0x0f5c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
16:32:23.0985 0x0f5c mssmbios - ok
16:32:23.0985 0x0f5c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:32:24.0017 0x0f5c MSTEE - ok
16:32:24.0032 0x0f5c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
16:32:24.0048 0x0f5c MTConfig - ok
16:32:24.0079 0x0f5c [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
16:32:24.0079 0x0f5c Mup - ok
16:32:24.0095 0x0f5c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
16:32:24.0110 0x0f5c mvumis - ok
16:32:24.0454 0x0f5c [ FD5B8146FB8E7BBB25C3AFE5B4474024, 6B77997118703C0AAE0970C1224A3CD171EEF19376A6E43511701C141897395D ] MySQL D:\Programme\MariaDB 10.1\bin\mysqld.exe
16:32:24.0720 0x0f5c MySQL - ok
16:32:24.0782 0x0f5c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
16:32:24.0814 0x0f5c napagent - ok
16:32:24.0860 0x0f5c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:32:24.0939 0x0f5c NativeWifiP - ok
16:32:25.0001 0x0f5c [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
16:32:25.0017 0x0f5c NAUpdate - ok
16:32:25.0064 0x0f5c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
16:32:25.0126 0x0f5c NcaSvc - ok
16:32:25.0157 0x0f5c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
16:32:25.0220 0x0f5c NcbService - ok
16:32:25.0251 0x0f5c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
16:32:25.0314 0x0f5c NcdAutoSetup - ok
16:32:25.0361 0x0f5c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
16:32:25.0407 0x0f5c NDIS - ok
16:32:25.0454 0x0f5c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:32:25.0486 0x0f5c NdisCap - ok
16:32:25.0517 0x0f5c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:32:25.0579 0x0f5c NdisImPlatform - ok
16:32:25.0595 0x0f5c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:32:25.0626 0x0f5c NdisTapi - ok
16:32:25.0673 0x0f5c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:32:25.0720 0x0f5c Ndisuio - ok
16:32:25.0736 0x0f5c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:32:25.0736 0x0f5c NdisVirtualBus - ok
16:32:25.0751 0x0f5c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:32:25.0782 0x0f5c NdisWan - ok
16:32:25.0782 0x0f5c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:32:25.0798 0x0f5c NdisWanLegacy - ok
16:32:25.0829 0x0f5c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:32:25.0861 0x0f5c NDProxy - ok
16:32:25.0876 0x0f5c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
16:32:25.0954 0x0f5c Ndu - ok
16:32:25.0986 0x0f5c [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
16:32:25.0986 0x0f5c Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:32:28.0314 0x0f5c Detect skipped due to KSN trusted
16:32:28.0314 0x0f5c Net Driver HPZ12 - ok
16:32:28.0345 0x0f5c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:32:28.0392 0x0f5c NetBIOS - ok
16:32:28.0423 0x0f5c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:32:28.0470 0x0f5c NetBT - ok
16:32:28.0501 0x0f5c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
16:32:28.0501 0x0f5c Netlogon - ok
16:32:28.0548 0x0f5c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
16:32:28.0548 0x0f5c Netman - ok
16:32:28.0595 0x0f5c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
16:32:28.0626 0x0f5c netprofm - ok
16:32:28.0720 0x0f5c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:32:28.0751 0x0f5c NetTcpPortSharing - ok
16:32:28.0783 0x0f5c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
16:32:28.0861 0x0f5c netvsc - ok
16:32:28.0876 0x0f5c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
16:32:28.0939 0x0f5c NlaSvc - ok
16:32:28.0970 0x0f5c [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf C:\WINDOWS\system32\drivers\npf.sys
16:32:28.0986 0x0f5c npf - ok
16:32:29.0017 0x0f5c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:32:29.0033 0x0f5c Npfs - ok
16:32:29.0064 0x0f5c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
16:32:29.0111 0x0f5c npsvctrig - ok
16:32:29.0142 0x0f5c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
16:32:29.0251 0x0f5c nsi - ok
16:32:29.0267 0x0f5c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
16:32:29.0298 0x0f5c nsiproxy - ok
16:32:29.0376 0x0f5c [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:32:29.0454 0x0f5c Ntfs - ok
16:32:29.0486 0x0f5c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
16:32:29.0501 0x0f5c Null - ok
16:32:29.0533 0x0f5c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
16:32:29.0564 0x0f5c nvraid - ok
16:32:29.0579 0x0f5c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
16:32:29.0595 0x0f5c nvstor - ok
16:32:29.0595 0x0f5c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
16:32:29.0611 0x0f5c nv_agp - ok
16:32:29.0673 0x0f5c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:32:29.0689 0x0f5c ose - ok
16:32:29.0720 0x0f5c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
16:32:29.0814 0x0f5c p2pimsvc - ok
16:32:29.0861 0x0f5c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
16:32:29.0908 0x0f5c p2psvc - ok
16:32:29.0923 0x0f5c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
16:32:29.0923 0x0f5c Parport - ok
16:32:29.0970 0x0f5c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
16:32:29.0970 0x0f5c partmgr - ok
16:32:30.0017 0x0f5c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
16:32:30.0048 0x0f5c PcaSvc - ok
16:32:30.0079 0x0f5c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
16:32:30.0095 0x0f5c pci - ok
16:32:30.0126 0x0f5c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
16:32:30.0126 0x0f5c pciide - ok
16:32:30.0142 0x0f5c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
16:32:30.0158 0x0f5c pcmcia - ok
16:32:30.0158 0x0f5c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
16:32:30.0173 0x0f5c pcw - ok
16:32:30.0189 0x0f5c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
16:32:30.0204 0x0f5c pdc - ok
16:32:30.0236 0x0f5c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
16:32:30.0345 0x0f5c PEAUTH - ok
16:32:30.0423 0x0f5c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
16:32:30.0548 0x0f5c PerfHost - ok
16:32:30.0673 0x0f5c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
16:32:30.0751 0x0f5c pla - ok
16:32:30.0783 0x0f5c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
16:32:30.0783 0x0f5c PlugPlay - ok
16:32:30.0814 0x0f5c [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
16:32:30.0845 0x0f5c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:32:33.0205 0x0f5c Detect skipped due to KSN trusted
16:32:33.0205 0x0f5c Pml Driver HPZ12 - ok
16:32:33.0236 0x0f5c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
16:32:33.0252 0x0f5c PNRPAutoReg - ok
16:32:33.0283 0x0f5c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
16:32:33.0298 0x0f5c PNRPsvc - ok
16:32:33.0345 0x0f5c [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\WINDOWS\System32\drivers\point64.sys
16:32:33.0345 0x0f5c Point64 - ok
16:32:33.0377 0x0f5c [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
16:32:33.0408 0x0f5c PolicyAgent - ok
16:32:33.0439 0x0f5c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
16:32:33.0502 0x0f5c Power - ok
16:32:33.0611 0x0f5c [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:32:33.0861 0x0f5c PrintNotify - ok
16:32:33.0908 0x0f5c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
16:32:33.0908 0x0f5c Processor - ok
16:32:33.0939 0x0f5c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll
16:32:34.0002 0x0f5c ProfSvc - ok
16:32:34.0033 0x0f5c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
16:32:34.0064 0x0f5c Psched - ok
16:32:34.0095 0x0f5c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
16:32:34.0158 0x0f5c QWAVE - ok
16:32:34.0189 0x0f5c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
16:32:34.0205 0x0f5c QWAVEdrv - ok
16:32:34.0220 0x0f5c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:32:34.0252 0x0f5c RasAcd - ok
16:32:34.0283 0x0f5c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:32:34.0314 0x0f5c RasAuto - ok
16:32:34.0345 0x0f5c [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:32:34.0377 0x0f5c RasMan - ok
16:32:34.0408 0x0f5c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:32:34.0439 0x0f5c RasPppoe - ok
16:32:34.0470 0x0f5c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:32:34.0627 0x0f5c rdbss - ok
16:32:34.0658 0x0f5c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
16:32:34.0736 0x0f5c rdpbus - ok
16:32:34.0752 0x0f5c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
16:32:34.0814 0x0f5c RDPDR - ok
16:32:34.0861 0x0f5c [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:32:34.0861 0x0f5c RdpVideoMiniport - ok
16:32:34.0892 0x0f5c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
16:32:34.0908 0x0f5c rdyboost - ok
16:32:34.0939 0x0f5c [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
16:32:34.0970 0x0f5c ReFS - ok
16:32:35.0002 0x0f5c [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:32:35.0017 0x0f5c RemoteAccess - ok
16:32:35.0048 0x0f5c [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:32:35.0095 0x0f5c RemoteRegistry - ok
16:32:35.0111 0x0f5c [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
16:32:35.0142 0x0f5c RpcEptMapper - ok
16:32:35.0158 0x0f5c [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
16:32:35.0173 0x0f5c RpcLocator - ok
16:32:35.0220 0x0f5c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:32:35.0236 0x0f5c RpcSs - ok
16:32:35.0283 0x0f5c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:32:35.0298 0x0f5c rspndr - ok
16:32:35.0330 0x0f5c [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
16:32:35.0345 0x0f5c RSUSBVSTOR - ok
16:32:35.0377 0x0f5c [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
16:32:35.0408 0x0f5c RTL8168 - ok
16:32:35.0423 0x0f5c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
16:32:35.0439 0x0f5c s3cap - ok
16:32:35.0470 0x0f5c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
16:32:35.0486 0x0f5c SamSs - ok
16:32:35.0517 0x0f5c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
16:32:35.0517 0x0f5c sbp2port - ok
16:32:35.0564 0x0f5c [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
16:32:35.0580 0x0f5c SCardSvr - ok
16:32:35.0611 0x0f5c [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
16:32:35.0627 0x0f5c ScDeviceEnum - ok
16:32:35.0658 0x0f5c [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:32:35.0674 0x0f5c scfilter - ok
16:32:35.0736 0x0f5c [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:32:35.0814 0x0f5c Schedule - ok
16:32:35.0845 0x0f5c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
16:32:35.0861 0x0f5c SCPolicySvc - ok
16:32:35.0892 0x0f5c [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
16:32:35.0908 0x0f5c sdbus - ok
16:32:35.0939 0x0f5c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
16:32:35.0955 0x0f5c sdstor - ok
16:32:35.0986 0x0f5c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
16:32:36.0033 0x0f5c secdrv - ok
16:32:36.0064 0x0f5c [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll
16:32:36.0064 0x0f5c seclogon - ok
16:32:36.0111 0x0f5c [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
16:32:36.0111 0x0f5c SENS - ok
16:32:36.0142 0x0f5c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsSimulatorDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:32:36.0158 0x0f5c SensorsSimulatorDriver - ok
16:32:36.0220 0x0f5c [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
16:32:36.0252 0x0f5c SensrSvc - ok
16:32:36.0299 0x0f5c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
16:32:36.0299 0x0f5c SerCx - ok
16:32:36.0330 0x0f5c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
16:32:36.0345 0x0f5c SerCx2 - ok
16:32:36.0361 0x0f5c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
16:32:36.0377 0x0f5c Serenum - ok
16:32:36.0392 0x0f5c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
16:32:36.0424 0x0f5c Serial - ok
16:32:36.0439 0x0f5c [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
16:32:36.0470 0x0f5c sermouse - ok
16:32:36.0517 0x0f5c [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll
16:32:36.0580 0x0f5c SessionEnv - ok
16:32:36.0611 0x0f5c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
16:32:36.0642 0x0f5c sfloppy - ok
16:32:36.0674 0x0f5c [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:32:36.0705 0x0f5c SharedAccess - ok
16:32:36.0767 0x0f5c [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:32:36.0845 0x0f5c ShellHWDetection - ok
16:32:36.0845 0x0f5c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:32:36.0861 0x0f5c SiSRaid2 - ok
16:32:36.0861 0x0f5c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
16:32:36.0877 0x0f5c SiSRaid4 - ok
16:32:36.0908 0x0f5c [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
16:32:36.0908 0x0f5c smphost - ok
16:32:36.0939 0x0f5c [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
16:32:36.0955 0x0f5c SNMPTRAP - ok
16:32:36.0986 0x0f5c [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
16:32:37.0002 0x0f5c spaceport - ok
16:32:37.0017 0x0f5c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
16:32:37.0017 0x0f5c SpbCx - ok
16:32:37.0080 0x0f5c [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
16:32:37.0174 0x0f5c Spooler - ok
16:32:37.0314 0x0f5c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
16:32:37.0439 0x0f5c sppsvc - ok
16:32:37.0549 0x0f5c [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:32:37.0549 0x0f5c SQLWriter - ok
16:32:37.0595 0x0f5c [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:32:37.0767 0x0f5c srv - ok
16:32:37.0799 0x0f5c [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
16:32:37.0877 0x0f5c srv2 - ok
16:32:37.0892 0x0f5c [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:32:37.0986 0x0f5c srvnet - ok
16:32:38.0017 0x0f5c [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:32:38.0049 0x0f5c SSDPSRV - ok
16:32:38.0080 0x0f5c [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
16:32:38.0096 0x0f5c SstpSvc - ok
16:32:38.0127 0x0f5c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
16:32:38.0142 0x0f5c stexstor - ok
16:32:38.0189 0x0f5c [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
16:32:38.0267 0x0f5c stisvc - ok
16:32:38.0267 0x0f5c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
16:32:38.0283 0x0f5c storahci - ok
16:32:38.0314 0x0f5c [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
16:32:38.0314 0x0f5c storflt - ok
16:32:38.0346 0x0f5c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
16:32:38.0346 0x0f5c stornvme - ok
16:32:38.0377 0x0f5c [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
16:32:38.0424 0x0f5c StorSvc - ok
16:32:38.0424 0x0f5c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
16:32:38.0439 0x0f5c storvsc - ok
16:32:38.0471 0x0f5c [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
16:32:38.0517 0x0f5c svsvc - ok
16:32:38.0549 0x0f5c [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
16:32:38.0549 0x0f5c swenum - ok
16:32:38.0611 0x0f5c [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
16:32:38.0642 0x0f5c swprv - ok
16:32:38.0705 0x0f5c [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll
16:32:38.0767 0x0f5c SysMain - ok
16:32:38.0814 0x0f5c [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:32:38.0846 0x0f5c SystemEventsBroker - ok
16:32:38.0877 0x0f5c [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:32:38.0939 0x0f5c TabletInputService - ok
16:32:38.0971 0x0f5c [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:32:39.0002 0x0f5c TapiSrv - ok
16:32:39.0080 0x0f5c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
16:32:39.0189 0x0f5c Tcpip - ok
16:32:39.0252 0x0f5c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:32:39.0314 0x0f5c TCPIP6 - ok
16:32:39.0346 0x0f5c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
16:32:39.0439 0x0f5c tcpipreg - ok
16:32:39.0455 0x0f5c [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
16:32:39.0502 0x0f5c tdx - ok
16:32:39.0580 0x0f5c [ 1A4B1847BD8C7079C3A6C873342CC84A, E49E60896C6726EB8F8EE3A443B839AA6A6E802919C7D102DD820AD7C3DDA32C ] Te.Service C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
16:32:39.0611 0x0f5c Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
16:32:41.0939 0x0f5c Detect skipped due to KSN trusted
16:32:41.0939 0x0f5c Te.Service - ok
16:32:41.0971 0x0f5c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
16:32:41.0971 0x0f5c terminpt - ok
16:32:42.0018 0x0f5c [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
16:32:42.0064 0x0f5c TermService - ok
16:32:42.0096 0x0f5c [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
16:32:42.0096 0x0f5c Themes - ok
16:32:42.0127 0x0f5c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
16:32:42.0143 0x0f5c THREADORDER - ok
16:32:42.0174 0x0f5c [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
16:32:42.0221 0x0f5c TimeBroker - ok
16:32:42.0252 0x0f5c [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
16:32:42.0268 0x0f5c TPM - ok
16:32:42.0283 0x0f5c [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
16:32:42.0283 0x0f5c TrkWks - ok
16:32:42.0330 0x0f5c [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:32:42.0393 0x0f5c TrustedInstaller - ok
16:32:42.0408 0x0f5c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
16:32:42.0471 0x0f5c TsUsbFlt - ok
16:32:42.0502 0x0f5c [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:32:42.0564 0x0f5c TsUsbGD - ok
16:32:42.0596 0x0f5c [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
16:32:42.0643 0x0f5c tunnel - ok
16:32:42.0674 0x0f5c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
16:32:42.0689 0x0f5c uagp35 - ok
16:32:42.0689 0x0f5c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
16:32:42.0705 0x0f5c UASPStor - ok
16:32:42.0736 0x0f5c [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
16:32:42.0752 0x0f5c UCX01000 - ok
16:32:42.0783 0x0f5c [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
16:32:42.0846 0x0f5c udfs - ok
16:32:42.0846 0x0f5c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
16:32:42.0861 0x0f5c UEFI - ok
16:32:42.0893 0x0f5c [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
16:32:42.0908 0x0f5c UI0Detect - ok
16:32:42.0924 0x0f5c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
16:32:42.0924 0x0f5c uliagpkx - ok
16:32:42.0939 0x0f5c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
16:32:42.0955 0x0f5c umbus - ok
16:32:42.0955 0x0f5c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
16:32:42.0971 0x0f5c UmPass - ok
16:32:43.0002 0x0f5c [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
16:32:43.0049 0x0f5c UmRdpService - ok
16:32:43.0127 0x0f5c [ C485FB802F6C4A306B8F89BA087E5CA2, DE2E0F4A22D63EC54E23491962282ED3B01C7EB9941774A0C5633A776EAD499A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:32:43.0143 0x0f5c UNS - ok
16:32:43.0189 0x0f5c [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:32:43.0221 0x0f5c upnphost - ok
16:32:43.0252 0x0f5c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
16:32:43.0252 0x0f5c usbccgp - ok
16:32:43.0283 0x0f5c [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
16:32:43.0346 0x0f5c usbcir - ok
16:32:43.0377 0x0f5c [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
16:32:43.0393 0x0f5c usbehci - ok
16:32:43.0408 0x0f5c [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
16:32:43.0424 0x0f5c usbhub - ok
16:32:43.0455 0x0f5c [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
16:32:43.0471 0x0f5c USBHUB3 - ok
16:32:43.0486 0x0f5c [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
16:32:43.0549 0x0f5c usbohci - ok
16:32:43.0580 0x0f5c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
16:32:43.0627 0x0f5c usbprint - ok
16:32:43.0643 0x0f5c [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
16:32:43.0690 0x0f5c usbscan - ok
16:32:43.0721 0x0f5c [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:32:43.0736 0x0f5c USBSTOR - ok
16:32:43.0736 0x0f5c [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
16:32:43.0768 0x0f5c usbuhci - ok
16:32:43.0815 0x0f5c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:32:43.0815 0x0f5c USBXHCI - ok
16:32:43.0830 0x0f5c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
16:32:43.0830 0x0f5c VaultSvc - ok
16:32:43.0877 0x0f5c [ BC9DE9BAE3A65664B13AF35CE28423EF, 442E4143161601F9E80ECB71BA6BE6E8F8AEA71C6B7837A7849D7A3A265D1194 ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
16:32:43.0908 0x0f5c VBoxDrv - ok
16:32:43.0940 0x0f5c [ 8B61E7B09D27EAAE8BD227A04841BB8B, 225BF9B03E90ED7C4BA92F3E774F46F6CB90D721755930ABABEA255B07C0DD5D ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
16:32:43.0971 0x0f5c VBoxNetAdp - ok
16:32:44.0002 0x0f5c [ A4C430C172C1D7323FBF31B53857502E, BC6E5F70F4875155D648001B29783E858AFB4251CD3F609F3DC6C51F19DF7555 ] VBoxNetLwf C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
16:32:44.0002 0x0f5c VBoxNetLwf - ok
16:32:44.0049 0x0f5c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
16:32:44.0049 0x0f5c vdrvroot - ok
16:32:44.0111 0x0f5c [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
16:32:44.0143 0x0f5c vds - ok
16:32:44.0174 0x0f5c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
16:32:44.0190 0x0f5c VerifierExt - ok
16:32:44.0236 0x0f5c [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
16:32:44.0268 0x0f5c vhdmp - ok
16:32:44.0268 0x0f5c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
16:32:44.0283 0x0f5c viaide - ok
16:32:44.0283 0x0f5c [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
16:32:44.0299 0x0f5c vmbus - ok
16:32:44.0299 0x0f5c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
16:32:44.0315 0x0f5c VMBusHID - ok
16:32:44.0346 0x0f5c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
16:32:44.0377 0x0f5c vmicguestinterface - ok
16:32:44.0393 0x0f5c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
16:32:44.0408 0x0f5c vmicheartbeat - ok
16:32:44.0424 0x0f5c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
16:32:44.0440 0x0f5c vmickvpexchange - ok
16:32:44.0455 0x0f5c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
16:32:44.0471 0x0f5c vmicrdv - ok
16:32:44.0486 0x0f5c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
16:32:44.0502 0x0f5c vmicshutdown - ok
16:32:44.0518 0x0f5c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
16:32:44.0533 0x0f5c vmictimesync - ok
16:32:44.0549 0x0f5c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
16:32:44.0565 0x0f5c vmicvss - ok
16:32:44.0596 0x0f5c [ B2E25DB5A6A178C056342ABD747B7326, 3B4487B5F400D8B427F052CEBC5135B91282BEA533FAD28B0AA5CCF29E82AE80 ] vmm C:\WINDOWS\system32\Treiber\vmm.sys
16:32:44.0611 0x0f5c vmm - ok
16:32:44.0627 0x0f5c [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
16:32:44.0627 0x0f5c volmgr - ok
16:32:44.0643 0x0f5c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
16:32:44.0658 0x0f5c volmgrx - ok
16:32:44.0705 0x0f5c [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
16:32:44.0721 0x0f5c volsnap - ok
16:32:44.0752 0x0f5c [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
16:32:44.0768 0x0f5c vpci - ok
16:32:44.0783 0x0f5c [ 6BDCA00FC57CC40DA3C8E88B2CEA21AB, 1E7EB923B199ED9ADE6F1DDFC5C1CABE39366D066FC968BBEC518C9146F124CE ] VPCNetS2 C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
16:32:44.0799 0x0f5c VPCNetS2 - ok
16:32:44.0830 0x0f5c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
16:32:44.0830 0x0f5c vsmraid - ok
16:32:44.0893 0x0f5c [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe
16:32:44.0971 0x0f5c VSS - ok
16:32:45.0033 0x0f5c [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
16:32:45.0049 0x0f5c VSStandardCollectorService140 - ok
16:32:45.0065 0x0f5c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
16:32:45.0080 0x0f5c VSTXRAID - ok
16:32:45.0143 0x0f5c [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
16:32:45.0268 0x0f5c vwifibus - ok
16:32:45.0299 0x0f5c [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
16:32:45.0377 0x0f5c W32Time - ok
16:32:45.0393 0x0f5c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
16:32:45.0424 0x0f5c WacomPen - ok
16:32:45.0486 0x0f5c [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
16:32:45.0565 0x0f5c wbengine - ok
16:32:45.0611 0x0f5c [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
16:32:45.0674 0x0f5c WbioSrvc - ok
16:32:45.0705 0x0f5c [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
16:32:45.0721 0x0f5c Wcmsvc - ok
16:32:45.0752 0x0f5c [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
16:32:45.0768 0x0f5c wcncsvc - ok
16:32:45.0815 0x0f5c [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
16:32:45.0861 0x0f5c WcsPlugInService - ok
16:32:45.0893 0x0f5c [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
16:32:45.0893 0x0f5c WdBoot - ok
16:32:45.0940 0x0f5c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
16:32:45.0971 0x0f5c Wdf01000 - ok
16:32:45.0987 0x0f5c [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
16:32:46.0002 0x0f5c WdFilter - ok
16:32:46.0033 0x0f5c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
16:32:46.0049 0x0f5c WdiServiceHost - ok
16:32:46.0065 0x0f5c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
16:32:46.0065 0x0f5c WdiSystemHost - ok
16:32:46.0096 0x0f5c [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:32:46.0096 0x0f5c WdNisDrv - ok
16:32:46.0127 0x0f5c WdNisSvc - ok
16:32:46.0158 0x0f5c [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll
16:32:46.0205 0x0f5c WebClient - ok
16:32:46.0221 0x0f5c [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
16:32:46.0252 0x0f5c Wecsvc - ok
16:32:46.0283 0x0f5c [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
16:32:46.0283 0x0f5c WEPHOSTSVC - ok
16:32:46.0315 0x0f5c [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
16:32:46.0377 0x0f5c wercplsupport - ok
16:32:46.0408 0x0f5c [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
16:32:46.0424 0x0f5c WerSvc - ok
16:32:46.0455 0x0f5c [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
16:32:46.0455 0x0f5c WFPLWFS - ok
16:32:46.0487 0x0f5c [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
16:32:46.0502 0x0f5c WiaRpc - ok
16:32:46.0533 0x0f5c [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
16:32:46.0533 0x0f5c WIMMount - ok
16:32:46.0533 0x0f5c WinDefend - ok
16:32:46.0580 0x0f5c [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:32:46.0612 0x0f5c WinHttpAutoProxySvc - ok
16:32:46.0674 0x0f5c [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:32:46.0768 0x0f5c Winmgmt - ok
16:32:46.0846 0x0f5c [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:32:46.0924 0x0f5c WinRM - ok
16:32:46.0955 0x0f5c [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys
16:32:47.0018 0x0f5c WinUsb - ok
16:32:47.0065 0x0f5c [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
16:32:47.0096 0x0f5c WlanSvc - ok
16:32:47.0158 0x0f5c [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
16:32:47.0205 0x0f5c wlidsvc - ok
16:32:47.0237 0x0f5c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
16:32:47.0252 0x0f5c WmiAcpi - ok
16:32:47.0268 0x0f5c [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:32:47.0283 0x0f5c wmiApSrv - ok
16:32:47.0315 0x0f5c WMPNetworkSvc - ok
16:32:47.0346 0x0f5c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
16:32:47.0362 0x0f5c Wof - ok
16:32:47.0408 0x0f5c [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
16:32:47.0533 0x0f5c workfolderssvc - ok
16:32:47.0565 0x0f5c [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
16:32:47.0580 0x0f5c wpcfltr - ok
16:32:47.0612 0x0f5c [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
16:32:47.0658 0x0f5c WPCSvc - ok
16:32:47.0690 0x0f5c [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
16:32:47.0737 0x0f5c WPDBusEnum - ok
16:32:47.0768 0x0f5c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:32:47.0783 0x0f5c WpdUpFltr - ok
16:32:47.0783 0x0f5c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:32:47.0815 0x0f5c ws2ifsl - ok
16:32:47.0846 0x0f5c [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
16:32:47.0877 0x0f5c wscsvc - ok
16:32:47.0877 0x0f5c WSearch - ok
16:32:47.0987 0x0f5c [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
16:32:48.0080 0x0f5c WSService - ok
16:32:48.0205 0x0f5c [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv C:\WINDOWS\system32\wuaueng.dll
16:32:48.0299 0x0f5c wuauserv - ok
16:32:48.0330 0x0f5c [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
16:32:48.0346 0x0f5c WudfPf - ok
16:32:48.0377 0x0f5c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
16:32:48.0377 0x0f5c WUDFRd - ok
16:32:48.0408 0x0f5c [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
16:32:48.0440 0x0f5c wudfsvc - ok
16:32:48.0440 0x0f5c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys
16:32:48.0455 0x0f5c WUDFWpdFs - ok
16:32:48.0455 0x0f5c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys
16:32:48.0471 0x0f5c WUDFWpdMtp - ok
16:32:48.0518 0x0f5c [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
16:32:48.0565 0x0f5c WwanSvc - ok
16:32:48.0565 0x0f5c ================ Scan global ===============================
16:32:48.0612 0x0f5c [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
16:32:48.0674 0x0f5c [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
16:32:48.0705 0x0f5c [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
16:32:48.0752 0x0f5c [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
16:32:48.0768 0x0f5c [ Global ] - ok
16:32:48.0768 0x0f5c ================ Scan MBR ==================================
16:32:48.0768 0x0f5c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:32:48.0877 0x0f5c \Device\Harddisk0\DR0 - ok
16:32:48.0924 0x0f5c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
16:32:54.0706 0x055c Object required for P2P: [ BC9DE9BAE3A65664B13AF35CE28423EF ] VBoxDrv
16:32:57.0190 0x055c Object send P2P result: true
16:32:57.0253 0x0f5c \Device\Harddisk1\DR1 - ok
16:32:57.0253 0x0f5c ================ Scan VBR ==================================
16:32:57.0268 0x0f5c [ 0E401EE20353C57AED72AA945D4AC452 ] \Device\Harddisk0\DR0\Partition1
16:32:57.0268 0x0f5c \Device\Harddisk0\DR0\Partition1 - ok
16:32:57.0284 0x0f5c [ 412C4F04C6D51700DEC93AC09747C1A1 ] \Device\Harddisk0\DR0\Partition2
16:32:57.0300 0x0f5c \Device\Harddisk0\DR0\Partition2 - ok
16:32:57.0315 0x0f5c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
16:32:57.0315 0x0f5c \Device\Harddisk0\DR0\Partition3 - ok
16:32:57.0331 0x0f5c [ C976C5B02963E594D06D4D5F0F060CE7 ] \Device\Harddisk0\DR0\Partition4
16:32:57.0346 0x0f5c \Device\Harddisk0\DR0\Partition4 - ok
16:32:57.0362 0x0f5c [ 5ED500FA354C818102AB238AFAB4D0F1 ] \Device\Harddisk0\DR0\Partition5
16:32:57.0378 0x0f5c \Device\Harddisk0\DR0\Partition5 - ok
16:32:57.0378 0x0f5c [ 470403338158A7CB112A1E16C7F3A2DF ] \Device\Harddisk0\DR0\Partition6
16:32:57.0393 0x0f5c \Device\Harddisk0\DR0\Partition6 - ok
16:32:57.0409 0x0f5c [ 07325CD235BE861D9DFDA70033053B37 ] \Device\Harddisk0\DR0\Partition7
16:32:57.0425 0x0f5c \Device\Harddisk0\DR0\Partition7 - ok
16:32:57.0471 0x0f5c [ 2BE6FD1835AE190504044107E43DAFC7 ] \Device\Harddisk1\DR1\Partition1
16:32:57.0518 0x0f5c \Device\Harddisk1\DR1\Partition1 - ok
16:32:57.0534 0x0f5c [ 1E9F8AF3B2D5DAF12DF09CF767A6238C ] \Device\Harddisk1\DR1\Partition2
16:32:57.0581 0x0f5c \Device\Harddisk1\DR1\Partition2 - ok
16:32:57.0612 0x0f5c [ E90F40AB4EC96432F6DA3044A2E2D56D ] \Device\Harddisk1\DR1\Partition3
16:32:57.0612 0x0f5c \Device\Harddisk1\DR1\Partition3 - ok
16:32:57.0643 0x0f5c [ 2FBD5E4531EE4D527F953FB2440C8481 ] \Device\Harddisk1\DR1\Partition4
16:32:57.0643 0x0f5c \Device\Harddisk1\DR1\Partition4 - ok
16:32:57.0675 0x0f5c [ 3C581E190C1E885BA1A3D38FC837C268 ] \Device\Harddisk1\DR1\Partition5
16:32:57.0675 0x0f5c \Device\Harddisk1\DR1\Partition5 - ok
16:32:57.0675 0x0f5c [ 1632AC83DC4556DB58BE808CA7872AC0 ] \Device\Harddisk1\DR1\Partition6
16:32:57.0690 0x0f5c \Device\Harddisk1\DR1\Partition6 - ok
16:32:57.0706 0x0f5c [ 1C185D8F16CD5E1BB2812FBC3D8598D8 ] \Device\Harddisk1\DR1\Partition7
16:32:57.0706 0x0f5c \Device\Harddisk1\DR1\Partition7 - ok
16:32:57.0721 0x0f5c [ 0D8C063718B95370F87DBDFCC91CBD06 ] \Device\Harddisk1\DR1\Partition8
16:32:57.0737 0x0f5c \Device\Harddisk1\DR1\Partition8 - ok
16:32:57.0737 0x0f5c ================ Scan generic autorun ======================
16:32:58.0065 0x0f5c [ 9CE8442B63A1E45E317E1B55A00FF441, 580517A62B41FB69F52A725895E25538A0FCA527D9ABC376EF56AEAE5BCC2DB9 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:32:58.0284 0x0f5c RTHDVCPL - ok
16:32:58.0331 0x0f5c [ 51F358BE1583FB3246020E36DEEB3E0F, 23E096D57FF2D45168FF5AFF48C10A2E0A144708CD046B1C4F3897205CC8A147 ] C:\WINDOWS\system32\igfxtray.exe
16:32:58.0331 0x0f5c IgfxTray - ok
16:32:58.0362 0x0f5c [ 1218C5653632440C18ECEA89D1CA4575, AF0E7AA60890C52A257D3501FFE652E95F095407A7C6F6F4F00162A9F7DE7C2D ] C:\WINDOWS\system32\hkcmd.exe
16:32:58.0378 0x0f5c HotKeysCmds - ok
16:32:58.0409 0x0f5c [ CC8EB098AEDF4BC97D3004A182099EED, 6ADFB7CB5047C47D86C769F21191B12D2F3FD3BC96665B4CCFD8C8DA44C64ED9 ] C:\WINDOWS\system32\igfxpers.exe
16:32:58.0425 0x0f5c Persistence - ok
16:32:58.0471 0x0f5c [ 0F77770991308CA1F58F18EED7EBE7B7, 3CB77C6ADAC58EE7F85BD3EA1F7C8218A95BE84B15DB38E39E66BF5CD32B4CE0 ] D:\Program Files\Eraser\Eraser.exe
16:32:58.0503 0x0f5c Eraser - ok
16:32:58.0518 0x0f5c Classic Start Menu - ok
16:32:58.0612 0x0f5c [ E76F43260D050DE1D5370AEF266EB3C8, DB30811E46BB55B03BEE97414A561B8DE2136E16764514CC3A4DF056BD5E0859 ] D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
16:32:58.0643 0x0f5c EaseUS EPM tray - ok
16:32:58.0675 0x0f5c EaseUs Watch - ok
16:32:58.0675 0x0f5c EaseUs Tray - ok
16:32:58.0737 0x0f5c [ A21E70B4F972CA396A80013D0D436350, EE9C6A43895BBFE901CE8055E166064D1F38F196F4F8342DBED43D9E2A1E855E ] D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
16:32:58.0753 0x0f5c Acrobat Assistant 8.0 - ok
16:32:58.0753 0x0f5c HP Software Update - ok
16:32:58.0815 0x0f5c [ 9CEE13DDCF207923A1849A8371E714E9, F1265E1065AEC5CC1397617F6EB9D6321A1B6B14447D4BA0FE23AC7532675403 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
16:32:58.0831 0x0f5c Malwarebytes Anti-Malware (cleanup) - ok
16:32:58.0831 0x0f5c {BB908A45-EC0D-4331-9F62-A3A7E52E3F7A} - ok
16:32:58.0831 0x0f5c Report - ok
16:32:58.0878 0x0f5c [ D2626AEB1197BCFD5086E54BFAFC266B, 9436974F439AF26858420E7E4BE6F16E4B3E0FC835574A673206A0B21A44F698 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
16:32:58.0893 0x0f5c GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189 - ok
16:32:58.0956 0x0f5c [ 0049D80BAB72557E9DD09C223FD71E58, AE98C428233E1494A860013638EE1FF1CE609EA17D2EB2D5829757071C273717 ] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
16:32:58.0972 0x0f5c Spotify Web Helper - ok
16:32:59.0003 0x0f5c SpybotPostWindows10UpgradeReInstall - ok
16:32:59.0003 0x0f5c Waiting for KSN requests completion. In queue: 10
16:33:00.0018 0x0f5c Waiting for KSN requests completion. In queue: 10
16:33:01.0034 0x0f5c Waiting for KSN requests completion. In queue: 10
16:33:02.0097 0x0f5c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
16:33:02.0097 0x0f5c Win FW state via NFP2: enabled ( trusted )
16:33:04.0441 0x0f5c ============================================================
16:33:04.0441 0x0f5c Scan finished
16:33:04.0441 0x0f5c ============================================================
16:33:04.0441 0x1520 Detected object count: 0
16:33:04.0441 0x1520 Actual detected object count: 0
|
|
11.02.2016, 22:35
| #20 |
| | "nbi cleaner" ist wieder/noch da TDSSKiller2 Code:
ATTFilter 13:53:27.0790 0x12c0 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:53:27.0790 0x12c0 UEFI system
13:53:35.0946 0x12c0 ============================================================
13:53:35.0946 0x12c0 Current date / time: 2016/02/02 13:53:35.0946
13:53:35.0946 0x12c0 SystemInfo:
13:53:35.0946 0x12c0
13:53:35.0946 0x12c0 OS Version: 6.3.9600 ServicePack: 0.0
13:53:35.0946 0x12c0 Product type: Workstation
13:53:35.0946 0x12c0 ComputerName: PANDORA
13:53:35.0946 0x12c0 UserName: RudolfAlexander
13:53:35.0946 0x12c0 Windows directory: C:\WINDOWS
13:53:35.0946 0x12c0 System windows directory: C:\WINDOWS
13:53:35.0946 0x12c0 Running under WOW64
13:53:35.0946 0x12c0 Processor architecture: Intel x64
13:53:35.0946 0x12c0 Number of processors: 4
13:53:35.0946 0x12c0 Page size: 0x1000
13:53:35.0946 0x12c0 Boot type: Normal boot
13:53:35.0946 0x12c0 ============================================================
13:53:36.0759 0x12c0 KLMD registered as C:\WINDOWS\system32\drivers\89578606.sys
13:53:39.0415 0x12c0 System UUID: {40227DEC-E4A1-82DB-21C8-4BC061EBCAB4}
13:53:40.0384 0x12c0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:53:40.0415 0x12c0 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:53:41.0197 0x12c0 ============================================================
13:53:41.0197 0x12c0 \Device\Harddisk0\DR0:
13:53:41.0212 0x12c0 GPT partitions:
13:53:41.0212 0x12c0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A3D8D5E5-A985-4072-B5CD-4718B364900F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
13:53:41.0212 0x12c0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CE9B2FBF-93EA-44DD-8281-4FCDE0798894}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
13:53:41.0212 0x12c0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6FB7C402-4DBB-48D5-ADA4-36B77D0B027D}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
13:53:41.0212 0x12c0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B02263C1-4C0F-433D-9872-6CAA8BC19078}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1BE82000
13:53:41.0212 0x12c0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {92A1C2AC-1DDF-4015-B25E-6A85B147A626}, Name: , StartLBA 0x1C020800, BlocksNum 0xAF000
13:53:41.0212 0x12c0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2FAE47B0-30E2-4477-8EB4-D6B0454D6340}, Name: Basic data partition, StartLBA 0x1C0CF800, BlocksNum 0x1C0B6800
13:53:41.0212 0x12c0 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {933C79F5-AB01-46A1-914C-BBA3A6F98478}, Name: Basic data partition, StartLBA 0x38186000, BlocksNum 0x2200000
13:53:41.0212 0x12c0 MBR partitions:
13:53:41.0212 0x12c0 \Device\Harddisk1\DR1:
13:53:41.0212 0x12c0 MBR partitions:
13:53:41.0228 0x12c0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F06, BlocksNum 0xED16C60
13:53:41.0243 0x12c0 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xED1ABB3, BlocksNum 0xEA60903
13:53:41.0259 0x12c0 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x1D77B4F5, BlocksNum 0xCD1578B
13:53:41.0275 0x12c0 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x2A490CBF, BlocksNum 0xC3B5227
13:53:41.0290 0x12c0 \Device\Harddisk1\DR1\Partition5: MBR, Type 0xB, StartLBA 0x36845F25, BlocksNum 0x14297E5
13:53:41.0306 0x12c0 \Device\Harddisk1\DR1\Partition6: MBR, Type 0x7, StartLBA 0x37C6F749, BlocksNum 0x10D664C
13:53:41.0322 0x12c0 \Device\Harddisk1\DR1\Partition7: MBR, Type 0xB, StartLBA 0x38D45DD4, BlocksNum 0x3F7D04
13:53:41.0337 0x12c0 \Device\Harddisk1\DR1\Partition8: MBR, Type 0xB, StartLBA 0x3913DB17, BlocksNum 0x41B1CD
13:53:41.0337 0x12c0 ============================================================
13:53:41.0384 0x12c0 C: <-> \Device\Harddisk0\DR0\Partition4
13:53:41.0415 0x12c0 D: <-> \Device\Harddisk0\DR0\Partition6
13:53:41.0478 0x12c0 E: <-> \Device\Harddisk1\DR1\Partition1
13:53:41.0509 0x12c0 F: <-> \Device\Harddisk1\DR1\Partition2
13:53:41.0540 0x12c0 G: <-> \Device\Harddisk1\DR1\Partition3
13:53:41.0587 0x12c0 H: <-> \Device\Harddisk1\DR1\Partition4
13:53:41.0603 0x12c0 L: <-> \Device\Harddisk1\DR1\Partition7
13:53:41.0618 0x12c0 I: <-> \Device\Harddisk1\DR1\Partition5
13:53:41.0650 0x12c0 J: <-> \Device\Harddisk1\DR1\Partition6
13:53:41.0650 0x12c0 M: <-> \Device\Harddisk1\DR1\Partition8
13:53:41.0650 0x12c0 ============================================================
13:53:41.0650 0x12c0 Initialize success
13:53:41.0650 0x12c0 ============================================================
13:54:22.0136 0x0650 ============================================================
13:54:22.0136 0x0650 Scan started
13:54:22.0136 0x0650 Mode: Manual; SigCheck; TDLFS;
13:54:22.0136 0x0650 ============================================================
13:54:22.0136 0x0650 KSN ping started
13:54:24.0480 0x0650 KSN ping finished: true
13:54:27.0152 0x0650 ================ Scan system memory ========================
13:54:27.0152 0x0650 System memory - ok
13:54:27.0152 0x0650 ================ Scan services =============================
13:54:27.0355 0x0650 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
13:54:27.0449 0x0650 1394ohci - ok
13:54:27.0496 0x0650 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
13:54:27.0496 0x0650 3ware - ok
13:54:27.0543 0x0650 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
13:54:27.0558 0x0650 ACPI - ok
13:54:27.0574 0x0650 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
13:54:27.0574 0x0650 acpiex - ok
13:54:27.0590 0x0650 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
13:54:27.0605 0x0650 acpipagr - ok
13:54:27.0636 0x0650 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
13:54:27.0668 0x0650 AcpiPmi - ok
13:54:27.0683 0x0650 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
13:54:27.0683 0x0650 acpitime - ok
13:54:27.0761 0x0650 [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
13:54:27.0761 0x0650 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
13:54:30.0105 0x0650 Detect skipped due to KSN trusted
13:54:30.0105 0x0650 Adobe LM Service - ok
13:54:30.0246 0x0650 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:54:30.0246 0x0650 AdobeARMservice - ok
13:54:30.0683 0x0650 [ 295A5BFCE8D225D014DB4E6E69336279, F786F06F0EE3253FA936FA5D73FD9AC704FAB19BE76C60C65AEAD399DC93F9C5 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:54:30.0699 0x0650 AdobeFlashPlayerUpdateSvc - ok
13:54:30.0793 0x0650 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:54:30.0824 0x0650 ADP80XX - ok
13:54:30.0887 0x0650 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
13:54:30.0902 0x0650 AeLookupSvc - ok
13:54:30.0949 0x0650 [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys
13:54:31.0027 0x0650 AFD - ok
13:54:31.0058 0x0650 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
13:54:31.0074 0x0650 agp440 - ok
13:54:31.0090 0x0650 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:54:31.0105 0x0650 ahcache - ok
13:54:31.0137 0x0650 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
13:54:31.0152 0x0650 ALG - ok
13:54:31.0168 0x0650 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
13:54:31.0199 0x0650 AmdK8 - ok
13:54:31.0230 0x0650 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
13:54:31.0246 0x0650 AmdPPM - ok
13:54:31.0262 0x0650 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
13:54:31.0262 0x0650 amdsata - ok
13:54:31.0277 0x0650 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
13:54:31.0293 0x0650 amdsbs - ok
13:54:31.0293 0x0650 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
13:54:31.0293 0x0650 amdxata - ok
13:54:31.0324 0x0650 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
13:54:31.0340 0x0650 AppID - ok
13:54:31.0387 0x0650 [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
13:54:31.0387 0x0650 AppIDSvc - ok
13:54:31.0418 0x0650 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll
13:54:31.0434 0x0650 Appinfo - ok
13:54:31.0465 0x0650 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
13:54:31.0480 0x0650 AppReadiness - ok
13:54:31.0543 0x0650 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
13:54:31.0590 0x0650 AppXSvc - ok
13:54:31.0621 0x0650 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
13:54:31.0637 0x0650 arcsas - ok
13:54:31.0746 0x0650 [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:54:31.0746 0x0650 aspnet_state - ok
13:54:31.0777 0x0650 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
13:54:31.0777 0x0650 atapi - ok
13:54:31.0809 0x0650 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:54:31.0840 0x0650 AudioEndpointBuilder - ok
13:54:31.0871 0x0650 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
13:54:31.0887 0x0650 Audiosrv - ok
13:54:31.0934 0x0650 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
13:54:31.0949 0x0650 AxInstSV - ok
13:54:31.0996 0x0650 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
13:54:32.0012 0x0650 b06bdrv - ok
13:54:32.0027 0x0650 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:54:32.0043 0x0650 BasicDisplay - ok
13:54:32.0074 0x0650 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
13:54:32.0090 0x0650 BasicRender - ok
13:54:32.0184 0x0650 [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
13:54:32.0199 0x0650 BBSvc - ok
13:54:32.0215 0x0650 [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
13:54:32.0215 0x0650 BBUpdate - ok
13:54:32.0262 0x0650 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
13:54:32.0277 0x0650 bcmfn2 - ok
13:54:32.0324 0x0650 [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
13:54:32.0340 0x0650 BDESVC - ok
13:54:32.0371 0x0650 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:54:32.0371 0x0650 Beep - ok
13:54:32.0402 0x0650 [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\WINDOWS\System32\bfe.dll
13:54:32.0449 0x0650 BFE - ok
13:54:32.0496 0x0650 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
13:54:32.0527 0x0650 BITS - ok
13:54:32.0574 0x0650 [ 9DC3EB88894E729E6FBB0B43ACADDD1A, A72B90FD7AB76DCFE360134DD7606F20F9D9E817648D26F4A322289EBBB3D99D ] Bonjour Service C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
13:54:32.0574 0x0650 Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
13:54:34.0902 0x0650 Detect skipped due to KSN trusted
13:54:34.0902 0x0650 Bonjour Service - ok
13:54:34.0934 0x0650 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
13:54:34.0949 0x0650 bowser - ok
13:54:34.0981 0x0650 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:54:35.0012 0x0650 BrokerInfrastructure - ok
13:54:35.0059 0x0650 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
13:54:35.0074 0x0650 Browser - ok
13:54:35.0106 0x0650 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:54:35.0121 0x0650 BthAvrcpTg - ok
13:54:35.0152 0x0650 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
13:54:35.0168 0x0650 BthHFEnum - ok
13:54:35.0184 0x0650 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
13:54:35.0184 0x0650 bthhfhid - ok
13:54:35.0199 0x0650 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
13:54:35.0215 0x0650 BthHFSrv - ok
13:54:35.0231 0x0650 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
13:54:35.0246 0x0650 BTHMODEM - ok
13:54:35.0262 0x0650 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
13:54:35.0293 0x0650 bthserv - ok
13:54:35.0387 0x0650 [ 843F5EFF90A988617C5FFD8596A2B571, 69FF9731876E1CBA4BBF00557F0CBC73247165F8EB45F45A55CC0178A7B90D44 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
13:54:35.0465 0x0650 CCDMonitorService - ok
13:54:35.0512 0x0650 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:54:35.0527 0x0650 cdfs - ok
13:54:35.0543 0x0650 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
13:54:35.0559 0x0650 cdrom - ok
13:54:35.0606 0x0650 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
13:54:35.0621 0x0650 CertPropSvc - ok
13:54:35.0652 0x0650 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
13:54:35.0668 0x0650 circlass - ok
13:54:35.0699 0x0650 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
13:54:35.0715 0x0650 CLFS - ok
13:54:35.0731 0x0650 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
13:54:35.0746 0x0650 CmBatt - ok
13:54:35.0777 0x0650 [ C9ACE28CDCD5FF473033A01AA510A184, 8A423D613894EB531C48025A11F1ABB923AFB38070E0A24A8D71909B217CE406 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
13:54:35.0809 0x0650 CNG - ok
13:54:35.0824 0x0650 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
13:54:35.0824 0x0650 CompositeBus - ok
13:54:35.0840 0x0650 COMSysApp - ok
13:54:35.0856 0x0650 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
13:54:35.0856 0x0650 condrv - ok
13:54:35.0918 0x0650 [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
13:54:35.0934 0x0650 cphs - ok
13:54:35.0981 0x0650 cpuz137 - ok
13:54:36.0043 0x0650 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
13:54:36.0059 0x0650 CryptSvc - ok
13:54:36.0106 0x0650 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
13:54:36.0121 0x0650 dam - ok
13:54:36.0168 0x0650 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:54:36.0199 0x0650 DcomLaunch - ok
13:54:36.0231 0x0650 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
13:54:36.0278 0x0650 defragsvc - ok
13:54:36.0309 0x0650 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:54:36.0324 0x0650 DeviceAssociationService - ok
13:54:36.0371 0x0650 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
13:54:36.0403 0x0650 DeviceInstall - ok
13:54:36.0434 0x0650 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
13:54:36.0449 0x0650 Dfsc - ok
13:54:36.0481 0x0650 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
13:54:36.0512 0x0650 Dhcp - ok
13:54:36.0574 0x0650 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
13:54:36.0637 0x0650 DiagTrack - ok
13:54:36.0684 0x0650 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
13:54:36.0684 0x0650 disk - ok
13:54:36.0699 0x0650 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
13:54:36.0746 0x0650 dmvsc - ok
13:54:36.0778 0x0650 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:54:36.0778 0x0650 Dnscache - ok
13:54:36.0809 0x0650 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
13:54:36.0824 0x0650 dot3svc - ok
13:54:36.0856 0x0650 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
13:54:36.0871 0x0650 dot4 - ok
13:54:36.0871 0x0650 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
13:54:36.0887 0x0650 Dot4Print - ok
13:54:36.0887 0x0650 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
13:54:36.0903 0x0650 dot4usb - ok
13:54:36.0934 0x0650 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
13:54:36.0934 0x0650 DPS - ok
13:54:36.0981 0x0650 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:54:36.0981 0x0650 drmkaud - ok
13:54:37.0012 0x0650 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
13:54:37.0028 0x0650 DsmSvc - ok
13:54:37.0106 0x0650 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:54:37.0153 0x0650 DXGKrnl - ok
13:54:37.0184 0x0650 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
13:54:37.0199 0x0650 Eaphost - ok
13:54:37.0278 0x0650 [ 09036ED65D41B334CF541D3F3E982EAB, 7B68E0D732ADA2C15A7C3AEC62105076132F71B653467A793729D893366AA76B ] EaseUS Agent C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
13:54:37.0309 0x0650 EaseUS Agent - ok
13:54:37.0403 0x0650 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
13:54:37.0512 0x0650 ebdrv - ok
13:54:37.0559 0x0650 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
13:54:37.0574 0x0650 EFS - ok
13:54:37.0590 0x0650 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
13:54:37.0590 0x0650 EhStorClass - ok
13:54:37.0606 0x0650 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:54:37.0621 0x0650 EhStorTcgDrv - ok
13:54:37.0653 0x0650 [ 1B677389760689A11241884C700B48E0, 75EC4D16F3F6004D2697AE25E029B95D8B9611911039777B781C5707DA6048C6 ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys
13:54:37.0653 0x0650 epmntdrv - ok
13:54:37.0746 0x0650 [ 138690A45CE2EE341D00A86AFF44D95F, 79230ED8285E5A9FCB7A6C3EFE64E1BAEBC64018394F9E8849A493F4ADA5C006 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
13:54:37.0762 0x0650 ePowerSvc - ok
13:54:37.0778 0x0650 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
13:54:37.0778 0x0650 ErrDev - ok
13:54:37.0824 0x0650 [ E47A0ECA90AF393983EF30E458606BB5, 1EB07711968ADBAB63A993FC54795DAAA9514F6E58FDED9EE9CA2DA3CCD620E1 ] EUBAKUP C:\WINDOWS\system32\drivers\eubakup.sys
13:54:37.0824 0x0650 EUBAKUP - ok
13:54:37.0840 0x0650 [ 17696B5ACDBDFFC7D26C4B56BF132AD5, 3D2499FE2406300357B746AF82F69CBF1A1039B1F2DD755018F2185FDE26EA7E ] EUBKMON C:\WINDOWS\system32\drivers\EUBKMON.sys
13:54:37.0856 0x0650 EUBKMON - ok
13:54:37.0856 0x0650 [ FCFD172899D0A026E5BD29F4775BFA76, CC651EAA870D9107B9FAC84B2FA2B8F166C5CA8FBDA803AFBDE07F523FA8C667 ] EUDSKACS C:\Windows\system32\drivers\eudskacs.sys
13:54:37.0856 0x0650 EUDSKACS - ok
13:54:37.0871 0x0650 [ 1D866B50C9B1BA3FE90CC81E0DBC0E15, 07606693CA155EC3BA2FEF6B1C70263AD0F6C2935E1C99572BB2152260F33E28 ] EUFDDISK C:\Windows\system32\drivers\EuFdDisk.sys
13:54:37.0887 0x0650 EUFDDISK - ok
13:54:37.0918 0x0650 [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys
13:54:37.0918 0x0650 EuGdiDrv - ok
13:54:37.0965 0x0650 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
13:54:37.0981 0x0650 EventSystem - ok
13:54:38.0012 0x0650 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
13:54:38.0043 0x0650 exfat - ok
13:54:38.0074 0x0650 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
13:54:38.0074 0x0650 fastfat - ok
13:54:38.0121 0x0650 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
13:54:38.0168 0x0650 Fax - ok
13:54:38.0168 0x0650 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
13:54:38.0184 0x0650 fdc - ok
13:54:38.0215 0x0650 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
13:54:38.0231 0x0650 fdPHost - ok
13:54:38.0262 0x0650 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
13:54:38.0262 0x0650 FDResPub - ok
13:54:38.0309 0x0650 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
13:54:38.0309 0x0650 fhsvc - ok
13:54:38.0356 0x0650 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
13:54:38.0356 0x0650 FileInfo - ok
13:54:38.0371 0x0650 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
13:54:38.0387 0x0650 Filetrace - ok
13:54:38.0465 0x0650 [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:54:38.0481 0x0650 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
13:54:40.0825 0x0650 Detect skipped due to KSN trusted
13:54:40.0825 0x0650 FLEXnet Licensing Service - ok
13:54:40.0840 0x0650 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
13:54:40.0840 0x0650 flpydisk - ok
13:54:40.0887 0x0650 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:54:40.0903 0x0650 FltMgr - ok
13:54:40.0965 0x0650 [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll
13:54:41.0028 0x0650 FontCache - ok
13:54:41.0137 0x0650 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:54:41.0137 0x0650 FontCache3.0.0.0 - ok
13:54:41.0168 0x0650 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
13:54:41.0184 0x0650 FsDepends - ok
13:54:41.0215 0x0650 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:54:41.0231 0x0650 Fs_Rec - ok
13:54:41.0247 0x0650 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:54:41.0278 0x0650 fvevol - ok
13:54:41.0293 0x0650 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
13:54:41.0293 0x0650 FxPPM - ok
13:54:41.0309 0x0650 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
13:54:41.0309 0x0650 gagp30kx - ok
13:54:41.0340 0x0650 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
13:54:41.0356 0x0650 gencounter - ok
13:54:41.0372 0x0650 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:54:41.0387 0x0650 GPIOClx0101 - ok
13:54:41.0450 0x0650 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
13:54:41.0497 0x0650 gpsvc - ok
13:54:41.0543 0x0650 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:54:41.0559 0x0650 gupdate - ok
13:54:41.0559 0x0650 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:54:41.0559 0x0650 gupdatem - ok
13:54:41.0590 0x0650 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
13:54:41.0622 0x0650 HDAudBus - ok
13:54:41.0653 0x0650 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
13:54:41.0653 0x0650 HidBatt - ok
13:54:41.0700 0x0650 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
13:54:41.0715 0x0650 HidBth - ok
13:54:41.0715 0x0650 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
13:54:41.0731 0x0650 hidi2c - ok
13:54:41.0747 0x0650 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
13:54:41.0762 0x0650 HidIr - ok
13:54:41.0793 0x0650 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
13:54:41.0809 0x0650 hidserv - ok
13:54:41.0825 0x0650 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
13:54:41.0856 0x0650 HidUsb - ok
13:54:41.0872 0x0650 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
13:54:41.0887 0x0650 hkmsvc - ok
13:54:41.0934 0x0650 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:54:41.0950 0x0650 HomeGroupListener - ok
13:54:41.0981 0x0650 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:54:41.0997 0x0650 HomeGroupProvider - ok
13:54:42.0059 0x0650 [ 930370725FA0FE272346583A7A7D6BDB, 98195638D548A6E5E574E062FDCF4E5833DDE834399787EC51C340699B6E5E64 ] hpqcxs08 D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
13:54:42.0075 0x0650 hpqcxs08 - ok
13:54:42.0090 0x0650 [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
13:54:42.0090 0x0650 hpqddsvc - ok
13:54:42.0122 0x0650 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
13:54:42.0137 0x0650 HpSAMD - ok
13:54:42.0278 0x0650 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Users\RUDOLF~1\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll
13:54:42.0293 0x0650 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
13:54:44.0637 0x0650 Detect skipped due to KSN trusted
13:54:44.0637 0x0650 HPSLPSVC - ok
13:54:44.0684 0x0650 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
13:54:44.0715 0x0650 HTTP - ok
13:54:44.0747 0x0650 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
13:54:44.0762 0x0650 hwpolicy - ok
13:54:44.0762 0x0650 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
13:54:44.0778 0x0650 hyperkbd - ok
13:54:44.0809 0x0650 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
13:54:44.0809 0x0650 HyperVideo - ok
13:54:44.0825 0x0650 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
13:54:44.0840 0x0650 i8042prt - ok
13:54:44.0856 0x0650 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:54:44.0856 0x0650 iaLPSSi_GPIO - ok
13:54:44.0872 0x0650 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:54:44.0872 0x0650 iaLPSSi_I2C - ok
13:54:44.0903 0x0650 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
13:54:44.0919 0x0650 iaStorAV - ok
13:54:44.0934 0x0650 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
13:54:44.0950 0x0650 iaStorV - ok
13:54:45.0075 0x0650 [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
13:54:45.0153 0x0650 IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
13:54:47.0481 0x0650 Detect skipped due to KSN trusted
13:54:47.0481 0x0650 IconMan_R - ok
13:54:47.0481 0x0650 IEEtwCollectorService - ok
13:54:47.0606 0x0650 [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
13:54:47.0731 0x0650 igfx - ok
13:54:47.0794 0x0650 [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll
13:54:47.0825 0x0650 IKEEXT - ok
13:54:47.0856 0x0650 [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
13:54:47.0856 0x0650 intaud_WaveExtensible - ok
13:54:47.0981 0x0650 [ F1A3ECE3809AF333810ED0A872200226, BF1CC3EE64A9BDE41A5139A56016DE79DB87212D130B6024A03206CFCF65AC72 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:54:48.0106 0x0650 IntcAzAudAddService - ok
13:54:48.0137 0x0650 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
13:54:48.0169 0x0650 IntcDAud - ok
13:54:48.0263 0x0650 [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:54:48.0294 0x0650 Intel(R) Capability Licensing Service Interface - ok
13:54:48.0325 0x0650 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
13:54:48.0325 0x0650 intelide - ok
13:54:48.0356 0x0650 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
13:54:48.0356 0x0650 intelpep - ok
13:54:48.0372 0x0650 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
13:54:48.0372 0x0650 intelppm - ok
13:54:48.0419 0x0650 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:54:48.0434 0x0650 IpFilterDriver - ok
13:54:48.0481 0x0650 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
13:54:48.0513 0x0650 iphlpsvc - ok
13:54:48.0528 0x0650 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:54:48.0559 0x0650 IPMIDRV - ok
13:54:48.0575 0x0650 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
13:54:48.0606 0x0650 IPNAT - ok
13:54:48.0700 0x0650 [ B76542085ABAD1AD4E5684F761DFC2EF, C6699B788D6E81E73519433F12BFD3B12C71A5EE2A12810697FE9C4350A179B3 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
13:54:48.0700 0x0650 IpOverUsbSvc - ok
13:54:48.0716 0x0650 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
13:54:48.0731 0x0650 IRENUM - ok
13:54:48.0778 0x0650 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
13:54:48.0778 0x0650 isapnp - ok
13:54:48.0809 0x0650 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
13:54:48.0825 0x0650 iScsiPrt - ok
13:54:48.0872 0x0650 [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
13:54:48.0872 0x0650 iwdbus - ok
13:54:48.0934 0x0650 [ 5B7DE9D87B9D2713BDD6A53678DC2A49, E7A0D68FA2ED2730640F40FF59338BE173C8973BFC38286E6320CA332A39C204 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:54:48.0934 0x0650 jhi_service - ok
13:54:48.0966 0x0650 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
13:54:48.0966 0x0650 kbdclass - ok
13:54:48.0981 0x0650 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
13:54:48.0997 0x0650 kbdhid - ok
13:54:49.0028 0x0650 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
13:54:49.0044 0x0650 kdnic - ok
13:54:49.0075 0x0650 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
13:54:49.0075 0x0650 KeyIso - ok
13:54:49.0106 0x0650 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
13:54:49.0122 0x0650 KSecDD - ok
13:54:49.0153 0x0650 [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:54:49.0153 0x0650 KSecPkg - ok
13:54:49.0169 0x0650 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
13:54:49.0169 0x0650 ksthunk - ok
13:54:49.0216 0x0650 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
13:54:49.0231 0x0650 KtmRm - ok
13:54:49.0263 0x0650 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
13:54:49.0294 0x0650 LanmanServer - ok
13:54:49.0325 0x0650 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:54:49.0341 0x0650 LanmanWorkstation - ok
13:54:49.0388 0x0650 [ 466D09ACE5DC75439A00AD19618B2306, E7E2A19547B5E9A8CC890A36EA2998286A79CC1449F2EDDE52A57AE531A8B341 ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
13:54:49.0419 0x0650 Lenovo EasyPlus Hotspot - ok
13:54:49.0466 0x0650 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
13:54:49.0481 0x0650 lfsvc - ok
13:54:49.0528 0x0650 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
13:54:49.0528 0x0650 lltdio - ok
13:54:49.0544 0x0650 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
13:54:49.0559 0x0650 lltdsvc - ok
13:54:49.0591 0x0650 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
13:54:49.0638 0x0650 lmhosts - ok
13:54:49.0653 0x0650 [ E70FD0D2C95F559A17321D831875593D, 57839ADA7CC6606D98B43FC2F4EC6F5E9B75A2F3EC937C11322201128A161E0D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:54:49.0669 0x0650 LMS - ok
13:54:49.0716 0x0650 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
13:54:49.0716 0x0650 LSI_SAS - ok
13:54:49.0731 0x0650 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
13:54:49.0731 0x0650 LSI_SAS2 - ok
13:54:49.0747 0x0650 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
13:54:49.0763 0x0650 LSI_SAS3 - ok
13:54:49.0778 0x0650 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
13:54:49.0794 0x0650 LSI_SSS - ok
13:54:49.0825 0x01b4 Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
13:54:49.0841 0x0650 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
13:54:49.0872 0x0650 LSM - ok
13:54:49.0903 0x0650 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
13:54:49.0919 0x0650 luafv - ok
13:54:49.0966 0x0650 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:54:49.0966 0x0650 MBAMProtector - ok
13:54:50.0044 0x0650 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler D:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
13:54:50.0091 0x0650 MBAMScheduler - ok
13:54:50.0122 0x0650 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService D:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
13:54:50.0169 0x0650 MBAMService - ok
13:54:50.0216 0x0650 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
13:54:50.0231 0x0650 MBAMSwissArmy - ok
13:54:50.0247 0x0650 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
13:54:50.0247 0x0650 MBAMWebAccessControl - ok
13:54:50.0294 0x0650 [ E416E967E3FB6FB1E9AE12B9C7DAB526, 4849AE6B628D349F64D26CDD638B34E598E7C839335961C6AE39B305765106A3 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
13:54:50.0294 0x0650 MDM - detected UnsignedFile.Multi.Generic ( 1 )
13:54:52.0294 0x01b4 Object send P2P result: true
13:54:52.0622 0x0650 Detect skipped due to KSN trusted
13:54:52.0622 0x0650 MDM - ok
13:54:52.0669 0x0650 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
13:54:52.0669 0x0650 megasas - ok
13:54:52.0685 0x0650 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
13:54:52.0716 0x0650 megasr - ok
13:54:52.0731 0x0650 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
13:54:52.0731 0x0650 MEIx64 - ok
13:54:52.0763 0x0650 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
13:54:52.0794 0x0650 MMCSS - ok
13:54:52.0825 0x0650 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
13:54:52.0825 0x0650 Modem - ok
13:54:52.0841 0x0650 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
13:54:52.0856 0x0650 monitor - ok
13:54:52.0872 0x0650 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
13:54:52.0888 0x0650 mouclass - ok
13:54:52.0888 0x0650 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
13:54:52.0919 0x0650 mouhid - ok
13:54:52.0950 0x0650 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
13:54:52.0950 0x0650 mountmgr - ok
13:54:52.0997 0x0650 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:54:52.0997 0x0650 MozillaMaintenance - ok
13:54:53.0044 0x0650 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
13:54:53.0060 0x0650 mpsdrv - ok
13:54:53.0107 0x0650 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
13:54:53.0138 0x0650 MpsSvc - ok
13:54:53.0169 0x0650 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
13:54:53.0185 0x0650 MRxDAV - ok
13:54:53.0200 0x0650 [ 767087A3646D01EBA4E8DDD903920BD0, 2BFB9018DBAD5805796B4F8B7E7E8094240A06657AC50C4D9287B25F49D27426 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:54:53.0232 0x0650 mrxsmb - ok
13:54:53.0247 0x0650 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:54:53.0278 0x0650 mrxsmb10 - ok
13:54:53.0294 0x0650 [ D5EB16B7A8FBD925E5A4F27A653E38C9, B7AADCB7F67D6D3933EB8075DC7D8A48F35D704FE8123C2D447677347DC06379 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:54:53.0310 0x0650 mrxsmb20 - ok
13:54:53.0341 0x0650 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
13:54:53.0357 0x0650 MsBridge - ok
13:54:53.0372 0x0650 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
13:54:53.0388 0x0650 MSDTC - ok
13:54:53.0419 0x0650 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:54:53.0435 0x0650 Msfs - ok
13:54:53.0466 0x0650 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:54:53.0466 0x0650 msgpiowin32 - ok
13:54:53.0482 0x0650 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:54:53.0482 0x0650 mshidkmdf - ok
13:54:53.0497 0x0650 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
13:54:53.0513 0x0650 mshidumdf - ok
13:54:53.0528 0x0650 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
13:54:53.0544 0x0650 msisadrv - ok
13:54:53.0544 0x0650 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
13:54:53.0560 0x0650 MSiSCSI - ok
13:54:53.0560 0x0650 msiserver - ok
13:54:53.0591 0x0650 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:54:53.0591 0x0650 MSKSSRV - ok
13:54:53.0622 0x0650 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
13:54:53.0638 0x0650 MsLldp - ok
13:54:53.0653 0x0650 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:54:53.0653 0x0650 MSPCLOCK - ok
13:54:53.0669 0x0650 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:54:53.0669 0x0650 MSPQM - ok
13:54:53.0685 0x0650 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
13:54:53.0700 0x0650 MsRPC - ok
13:54:53.0700 0x0650 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
13:54:53.0716 0x0650 mssmbios - ok
13:54:53.0716 0x0650 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:54:53.0732 0x0650 MSTEE - ok
13:54:53.0732 0x0650 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
13:54:53.0747 0x0650 MTConfig - ok
13:54:53.0747 0x0650 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
13:54:53.0763 0x0650 Mup - ok
13:54:53.0778 0x0650 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
13:54:53.0778 0x0650 mvumis - ok
13:54:54.0294 0x0650 [ FD5B8146FB8E7BBB25C3AFE5B4474024, 6B77997118703C0AAE0970C1224A3CD171EEF19376A6E43511701C141897395D ] MySQL D:\Programme\MariaDB 10.1\bin\mysqld.exe
13:54:54.0700 0x0650 MySQL - ok
13:54:54.0763 0x0650 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
13:54:54.0778 0x0650 napagent - ok
13:54:54.0825 0x0650 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:54:54.0857 0x0650 NativeWifiP - ok
13:54:54.0919 0x0650 [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
13:54:54.0935 0x0650 NAUpdate - ok
13:54:54.0982 0x0650 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
13:54:55.0013 0x0650 NcaSvc - ok
13:54:55.0044 0x0650 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
13:54:55.0060 0x0650 NcbService - ok
13:54:55.0091 0x0650 [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
13:54:55.0107 0x0650 NcdAutoSetup - ok
13:54:55.0169 0x0650 [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
13:54:55.0200 0x0650 NDIS - ok
13:54:55.0232 0x0650 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
13:54:55.0232 0x0650 NdisCap - ok
13:54:55.0278 0x0650 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
13:54:55.0294 0x0650 NdisImPlatform - ok
13:54:55.0325 0x0650 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:54:55.0341 0x0650 NdisTapi - ok
13:54:55.0357 0x0650 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:54:55.0372 0x0650 Ndisuio - ok
13:54:55.0388 0x0650 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:54:55.0388 0x0650 NdisVirtualBus - ok
13:54:55.0404 0x0650 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:54:55.0419 0x0650 NdisWan - ok
13:54:55.0419 0x0650 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:54:55.0435 0x0650 NdisWanLegacy - ok
13:54:55.0466 0x0650 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:54:55.0482 0x0650 NDProxy - ok
13:54:55.0482 0x0650 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
13:54:55.0497 0x0650 Ndu - ok
13:54:55.0529 0x0650 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
13:54:55.0544 0x0650 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:54:57.0872 0x0650 Detect skipped due to KSN trusted
13:54:57.0872 0x0650 Net Driver HPZ12 - ok
13:54:57.0904 0x0650 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:54:57.0904 0x0650 NetBIOS - ok
13:54:57.0919 0x0650 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:54:57.0951 0x0650 NetBT - ok
13:54:57.0951 0x0650 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
13:54:57.0951 0x0650 Netlogon - ok
13:54:57.0997 0x0650 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
13:54:58.0013 0x0650 Netman - ok
13:54:58.0060 0x0650 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
13:54:58.0076 0x0650 netprofm - ok
13:54:58.0169 0x0650 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:54:58.0201 0x0650 NetTcpPortSharing - ok
13:54:58.0247 0x0650 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
13:54:58.0263 0x0650 netvsc - ok
13:54:58.0294 0x0650 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
13:54:58.0326 0x0650 NlaSvc - ok
13:54:58.0357 0x0650 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf C:\WINDOWS\system32\drivers\npf.sys
13:54:58.0357 0x0650 npf - ok
13:54:58.0388 0x0650 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:54:58.0388 0x0650 Npfs - ok
13:54:58.0419 0x0650 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
13:54:58.0435 0x0650 npsvctrig - ok
13:54:58.0482 0x0650 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
13:54:58.0497 0x0650 nsi - ok
13:54:58.0513 0x0650 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
13:54:58.0529 0x0650 nsiproxy - ok
13:54:58.0591 0x0650 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:54:58.0654 0x0650 Ntfs - ok
13:54:58.0685 0x0650 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
13:54:58.0701 0x0650 Null - ok
13:54:58.0716 0x0650 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
13:54:58.0716 0x0650 nvraid - ok
13:54:58.0732 0x0650 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
13:54:58.0747 0x0650 nvstor - ok
13:54:58.0763 0x0650 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
13:54:58.0763 0x0650 nv_agp - ok
13:54:58.0794 0x0650 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:54:58.0810 0x0650 ose - ok
13:54:58.0841 0x0650 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
13:54:58.0872 0x0650 p2pimsvc - ok
13:54:58.0904 0x0650 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
13:54:58.0935 0x0650 p2psvc - ok
13:54:58.0951 0x0650 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
13:54:58.0966 0x0650 Parport - ok
13:54:58.0997 0x0650 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
13:54:59.0013 0x0650 partmgr - ok
13:54:59.0060 0x0650 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
13:54:59.0076 0x0650 PcaSvc - ok
13:54:59.0122 0x0650 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
13:54:59.0138 0x0650 pci - ok
13:54:59.0169 0x0650 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
13:54:59.0169 0x0650 pciide - ok
13:54:59.0185 0x0650 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
13:54:59.0185 0x0650 pcmcia - ok
13:54:59.0201 0x0650 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
13:54:59.0216 0x0650 pcw - ok
13:54:59.0232 0x0650 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
13:54:59.0247 0x0650 pdc - ok
13:54:59.0294 0x0650 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
13:54:59.0310 0x0650 PEAUTH - ok
13:54:59.0388 0x0650 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
13:54:59.0388 0x0650 PerfHost - ok
13:54:59.0497 0x0650 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
13:54:59.0544 0x0650 pla - ok
13:54:59.0591 0x0650 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
13:54:59.0591 0x0650 PlugPlay - ok
13:54:59.0622 0x0650 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
13:54:59.0638 0x0650 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:55:01.0998 0x0650 Detect skipped due to KSN trusted
13:55:01.0998 0x0650 Pml Driver HPZ12 - ok
13:55:02.0044 0x0650 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
13:55:02.0044 0x0650 PNRPAutoReg - ok
13:55:02.0076 0x0650 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
13:55:02.0107 0x0650 PNRPsvc - ok
13:55:02.0138 0x0650 [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\WINDOWS\System32\drivers\point64.sys
13:55:02.0154 0x0650 Point64 - ok
13:55:02.0185 0x0650 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
13:55:02.0201 0x0650 PolicyAgent - ok
13:55:02.0232 0x0650 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
13:55:02.0248 0x0650 Power - ok
13:55:02.0357 0x0650 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:55:02.0451 0x0650 PrintNotify - ok
13:55:02.0498 0x0650 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
13:55:02.0498 0x0650 Processor - ok
13:55:02.0529 0x0650 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll
13:55:02.0560 0x0650 ProfSvc - ok
13:55:02.0591 0x0650 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
13:55:02.0607 0x0650 Psched - ok
13:55:02.0638 0x0650 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
13:55:02.0670 0x0650 QWAVE - ok
13:55:02.0701 0x0650 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
13:55:02.0716 0x0650 QWAVEdrv - ok
13:55:02.0716 0x0650 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:55:02.0732 0x0650 RasAcd - ok
13:55:02.0763 0x0650 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:55:02.0779 0x0650 RasAuto - ok
13:55:02.0810 0x0650 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:55:02.0826 0x0650 RasMan - ok
13:55:02.0873 0x0650 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:55:02.0888 0x0650 RasPppoe - ok
13:55:02.0904 0x0650 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:55:02.0935 0x0650 rdbss - ok
13:55:02.0966 0x0650 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
13:55:03.0013 0x0650 rdpbus - ok
13:55:03.0029 0x0650 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
13:55:03.0029 0x0650 RDPDR - ok
13:55:03.0076 0x0650 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:55:03.0076 0x0650 RdpVideoMiniport - ok
13:55:03.0107 0x0650 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
13:55:03.0123 0x0650 rdyboost - ok
13:55:03.0154 0x0650 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
13:55:03.0185 0x0650 ReFS - ok
13:55:03.0216 0x0650 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:55:03.0232 0x0650 RemoteAccess - ok
13:55:03.0263 0x0650 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:55:03.0295 0x0650 RemoteRegistry - ok
13:55:03.0310 0x0650 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
13:55:03.0326 0x0650 RpcEptMapper - ok
13:55:03.0357 0x0650 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
13:55:03.0373 0x0650 RpcLocator - ok
13:55:03.0420 0x0650 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:55:03.0435 0x0650 RpcSs - ok
13:55:03.0466 0x0650 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:55:03.0482 0x0650 rspndr - ok
13:55:03.0513 0x0650 [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
13:55:03.0529 0x0650 RSUSBVSTOR - ok
13:55:03.0545 0x0650 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
13:55:03.0576 0x0650 RTL8168 - ok
13:55:03.0576 0x0650 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
13:55:03.0576 0x0650 s3cap - ok
13:55:03.0623 0x0650 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
13:55:03.0623 0x0650 SamSs - ok
13:55:03.0670 0x0650 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
13:55:03.0670 0x0650 sbp2port - ok
13:55:03.0716 0x0650 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
13:55:03.0732 0x0650 SCardSvr - ok
13:55:03.0763 0x0650 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
13:55:03.0763 0x0650 ScDeviceEnum - ok
13:55:03.0795 0x0650 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:55:03.0810 0x0650 scfilter - ok
13:55:03.0873 0x0650 [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:55:03.0951 0x0650 Schedule - ok
13:55:03.0982 0x0650 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
13:55:03.0998 0x0650 SCPolicySvc - ok
13:55:04.0029 0x0650 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
13:55:04.0045 0x0650 sdbus - ok
13:55:04.0091 0x0650 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
13:55:04.0091 0x0650 sdstor - ok
13:55:04.0123 0x0650 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
13:55:04.0185 0x0650 secdrv - ok
13:55:04.0216 0x0650 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll
13:55:04.0216 0x0650 seclogon - ok
13:55:04.0248 0x0650 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
13:55:04.0263 0x0650 SENS - ok
13:55:04.0279 0x0650 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsSimulatorDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:55:04.0310 0x0650 SensorsSimulatorDriver - ok
13:55:04.0341 0x0650 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
13:55:04.0373 0x0650 SensrSvc - ok
13:55:04.0404 0x0650 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
13:55:04.0404 0x0650 SerCx - ok
13:55:04.0435 0x0650 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
13:55:04.0451 0x0650 SerCx2 - ok
13:55:04.0451 0x0650 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
13:55:04.0466 0x0650 Serenum - ok
13:55:04.0482 0x0650 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
13:55:04.0482 0x0650 Serial - ok
13:55:04.0498 0x0650 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
13:55:04.0513 0x0650 sermouse - ok
13:55:04.0560 0x0650 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll
13:55:04.0591 0x0650 SessionEnv - ok
13:55:04.0607 0x0650 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
13:55:04.0607 0x0650 sfloppy - ok
13:55:04.0654 0x0650 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:55:04.0670 0x0650 SharedAccess - ok
13:55:04.0732 0x0650 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:55:04.0748 0x0650 ShellHWDetection - ok
13:55:04.0748 0x0650 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:55:04.0763 0x0650 SiSRaid2 - ok
13:55:04.0779 0x0650 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
13:55:04.0795 0x0650 SiSRaid4 - ok
13:55:04.0810 0x0650 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
13:55:04.0826 0x0650 smphost - ok
13:55:04.0857 0x0650 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
13:55:04.0857 0x0650 SNMPTRAP - ok
13:55:04.0904 0x0650 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
13:55:04.0920 0x0650 spaceport - ok
13:55:04.0951 0x0650 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
13:55:04.0951 0x0650 SpbCx - ok
13:55:04.0998 0x0650 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
13:55:05.0045 0x0650 Spooler - ok
13:55:05.0185 0x0650 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
13:55:05.0388 0x0650 sppsvc - ok
13:55:05.0482 0x0650 [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:55:05.0482 0x0650 SQLWriter - ok
13:55:05.0529 0x0650 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:55:05.0560 0x0650 srv - ok
13:55:05.0592 0x0650 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
13:55:05.0623 0x0650 srv2 - ok
13:55:05.0654 0x0650 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:55:05.0670 0x0650 srvnet - ok
13:55:05.0717 0x0650 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:55:05.0732 0x0650 SSDPSRV - ok
13:55:05.0763 0x0650 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
13:55:05.0779 0x0650 SstpSvc - ok
13:55:05.0810 0x0650 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
13:55:05.0826 0x0650 stexstor - ok
13:55:05.0873 0x0650 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
13:55:05.0920 0x0650 stisvc - ok
13:55:05.0935 0x0650 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
13:55:05.0935 0x0650 storahci - ok
13:55:05.0967 0x0650 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
13:55:05.0967 0x0650 storflt - ok
13:55:05.0998 0x0650 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
13:55:06.0013 0x0650 stornvme - ok
13:55:06.0045 0x0650 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
13:55:06.0060 0x0650 StorSvc - ok
13:55:06.0076 0x0650 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
13:55:06.0076 0x0650 storvsc - ok
13:55:06.0092 0x0650 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
13:55:06.0107 0x0650 svsvc - ok
13:55:06.0138 0x0650 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
13:55:06.0154 0x0650 swenum - ok
13:55:06.0201 0x0650 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
13:55:06.0217 0x0650 swprv - ok
13:55:06.0295 0x0650 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll
13:55:06.0326 0x0650 SysMain - ok
13:55:06.0373 0x0650 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:55:06.0388 0x0650 SystemEventsBroker - ok
13:55:06.0420 0x0650 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:55:06.0451 0x0650 TabletInputService - ok
13:55:06.0482 0x0650 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:55:06.0498 0x0650 TapiSrv - ok
13:55:06.0592 0x0650 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
13:55:06.0670 0x0650 Tcpip - ok
13:55:06.0748 0x0650 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:55:06.0795 0x0650 TCPIP6 - ok
13:55:06.0826 0x0650 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
13:55:06.0857 0x0650 tcpipreg - ok
13:55:06.0888 0x0650 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
13:55:06.0888 0x0650 tdx - ok
13:55:06.0982 0x0650 [ 1A4B1847BD8C7079C3A6C873342CC84A, E49E60896C6726EB8F8EE3A443B839AA6A6E802919C7D102DD820AD7C3DDA32C ] Te.Service C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
13:55:06.0998 0x0650 Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
13:55:09.0326 0x0650 Detect skipped due to KSN trusted
13:55:09.0326 0x0650 Te.Service - ok
13:55:09.0357 0x0650 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
13:55:09.0357 0x0650 terminpt - ok
13:55:09.0420 0x0650 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
13:55:09.0451 0x0650 TermService - ok
13:55:09.0482 0x0650 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
13:55:09.0498 0x0650 Themes - ok
13:55:09.0529 0x0650 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
13:55:09.0529 0x0650 THREADORDER - ok
13:55:09.0576 0x0650 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
13:55:09.0592 0x0650 TimeBroker - ok
13:55:09.0623 0x0650 [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
13:55:09.0639 0x0650 TPM - ok
13:55:09.0654 0x0650 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
13:55:09.0670 0x0650 TrkWks - ok
13:55:09.0732 0x0650 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:55:09.0732 0x0650 TrustedInstaller - ok
13:55:09.0748 0x0650 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
13:55:09.0764 0x0650 TsUsbFlt - ok
13:55:09.0795 0x0650 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:55:09.0811 0x0650 TsUsbGD - ok
13:55:09.0842 0x0650 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
13:55:09.0857 0x0650 tunnel - ok
13:55:09.0889 0x0650 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
13:55:09.0904 0x0650 uagp35 - ok
13:55:09.0904 0x0650 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
13:55:09.0920 0x0650 UASPStor - ok
13:55:09.0951 0x0650 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
13:55:09.0967 0x0650 UCX01000 - ok
13:55:09.0998 0x0650 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
13:55:10.0029 0x0650 udfs - ok
13:55:10.0029 0x0650 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
13:55:10.0045 0x0650 UEFI - ok
13:55:10.0076 0x0650 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
13:55:10.0092 0x0650 UI0Detect - ok
13:55:10.0107 0x0650 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
13:55:10.0123 0x0650 uliagpkx - ok
13:55:10.0139 0x0650 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
13:55:10.0139 0x0650 umbus - ok
13:55:10.0154 0x0650 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
13:55:10.0154 0x0650 UmPass - ok
13:55:10.0201 0x0650 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
13:55:10.0217 0x0650 UmRdpService - ok
13:55:10.0295 0x0650 [ C485FB802F6C4A306B8F89BA087E5CA2, DE2E0F4A22D63EC54E23491962282ED3B01C7EB9941774A0C5633A776EAD499A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:55:10.0311 0x0650 UNS - ok
13:55:10.0357 0x0650 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:55:10.0373 0x0650 upnphost - ok
13:55:10.0404 0x0650 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
13:55:10.0420 0x0650 usbccgp - ok
13:55:10.0451 0x0650 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
13:55:10.0467 0x0650 usbcir - ok
13:55:10.0498 0x0650 [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
13:55:10.0514 0x0650 usbehci - ok
13:55:10.0529 0x0650 [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
13:55:10.0545 0x0650 usbhub - ok
13:55:10.0576 0x0650 [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
13:55:10.0592 0x0650 USBHUB3 - ok
13:55:10.0607 0x0650 [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
13:55:10.0623 0x0650 usbohci - ok
13:55:10.0654 0x0650 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
13:55:10.0654 0x0650 usbprint - ok
13:55:10.0686 0x0650 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
13:55:10.0686 0x0650 usbscan - ok
13:55:10.0717 0x0650 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:55:10.0717 0x0650 USBSTOR - ok
13:55:10.0717 0x0650 [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
13:55:10.0732 0x0650 usbuhci - ok
13:55:10.0764 0x0650 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:55:10.0764 0x0650 USBXHCI - ok
13:55:10.0779 0x0650 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
13:55:10.0779 0x0650 VaultSvc - ok
13:55:10.0826 0x0650 [ BC9DE9BAE3A65664B13AF35CE28423EF, 442E4143161601F9E80ECB71BA6BE6E8F8AEA71C6B7837A7849D7A3A265D1194 ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
13:55:10.0857 0x0650 VBoxDrv - ok
13:55:10.0873 0x0650 [ 8B61E7B09D27EAAE8BD227A04841BB8B, 225BF9B03E90ED7C4BA92F3E774F46F6CB90D721755930ABABEA255B07C0DD5D ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
13:55:10.0889 0x0650 VBoxNetAdp - ok
13:55:10.0920 0x0650 [ A4C430C172C1D7323FBF31B53857502E, BC6E5F70F4875155D648001B29783E858AFB4251CD3F609F3DC6C51F19DF7555 ] VBoxNetLwf C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys
13:55:10.0920 0x0650 VBoxNetLwf - ok
13:55:10.0951 0x0650 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
13:55:10.0967 0x0650 vdrvroot - ok
13:55:11.0029 0x0650 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
13:55:11.0076 0x0650 vds - ok
13:55:11.0123 0x0650 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
13:55:11.0123 0x0650 VerifierExt - ok
13:55:11.0170 0x0650 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
13:55:11.0201 0x0650 vhdmp - ok
13:55:11.0217 0x0650 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
13:55:11.0217 0x0650 viaide - ok
13:55:11.0232 0x0650 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
13:55:11.0248 0x0650 vmbus - ok
13:55:11.0248 0x0650 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
13:55:11.0248 0x0650 VMBusHID - ok
13:55:11.0326 0x0650 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:55:11.0342 0x0650 vmicguestinterface - ok
13:55:11.0357 0x0650 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
13:55:11.0373 0x0650 vmicheartbeat - ok
13:55:11.0389 0x0650 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:55:11.0404 0x0650 vmickvpexchange - ok
13:55:11.0420 0x0650 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
13:55:11.0436 0x0650 vmicrdv - ok
13:55:11.0451 0x0650 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
13:55:11.0467 0x0650 vmicshutdown - ok
13:55:11.0482 0x0650 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
13:55:11.0498 0x0650 vmictimesync - ok
13:55:11.0514 0x0650 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
13:55:11.0529 0x0650 vmicvss - ok
13:55:11.0576 0x0650 [ B2E25DB5A6A178C056342ABD747B7326, 3B4487B5F400D8B427F052CEBC5135B91282BEA533FAD28B0AA5CCF29E82AE80 ] vmm C:\WINDOWS\system32\Treiber\vmm.sys
13:55:11.0592 0x0650 vmm - ok
13:55:11.0607 0x0650 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
13:55:11.0623 0x0650 volmgr - ok
13:55:11.0639 0x0650 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
13:55:11.0654 0x0650 volmgrx - ok
13:55:11.0686 0x0650 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
13:55:11.0701 0x0650 volsnap - ok
13:55:11.0732 0x0650 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
13:55:11.0732 0x0650 vpci - ok
13:55:11.0779 0x0650 [ 6BDCA00FC57CC40DA3C8E88B2CEA21AB, 1E7EB923B199ED9ADE6F1DDFC5C1CABE39366D066FC968BBEC518C9146F124CE ] VPCNetS2 C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys
13:55:11.0779 0x0650 VPCNetS2 - ok
13:55:11.0811 0x0650 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
13:55:11.0826 0x0650 vsmraid - ok
13:55:11.0889 0x0650 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe
13:55:11.0936 0x0650 VSS - ok
13:55:12.0014 0x0650 [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
13:55:12.0014 0x0650 VSStandardCollectorService140 - ok
13:55:12.0029 0x0650 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
13:55:12.0045 0x0650 VSTXRAID - ok
13:55:12.0107 0x0650 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
13:55:12.0139 0x0650 vwifibus - ok
13:55:12.0170 0x0650 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
13:55:12.0201 0x0650 W32Time - ok
13:55:12.0217 0x0650 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
13:55:12.0233 0x0650 WacomPen - ok
13:55:12.0295 0x0650 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
13:55:12.0358 0x0650 wbengine - ok
13:55:12.0404 0x0650 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
13:55:12.0436 0x0650 WbioSrvc - ok
13:55:12.0467 0x0650 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
13:55:12.0483 0x0650 Wcmsvc - ok
13:55:12.0529 0x0650 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
13:55:12.0545 0x0650 wcncsvc - ok
13:55:12.0592 0x0650 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:55:12.0608 0x0650 WcsPlugInService - ok
13:55:12.0639 0x0650 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
13:55:12.0654 0x0650 WdBoot - ok
13:55:12.0701 0x0650 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
13:55:12.0717 0x0650 Wdf01000 - ok
13:55:12.0748 0x0650 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
13:55:12.0764 0x0650 WdFilter - ok
13:55:12.0779 0x0650 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
13:55:12.0795 0x0650 WdiServiceHost - ok
13:55:12.0811 0x0650 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
13:55:12.0811 0x0650 WdiSystemHost - ok
13:55:12.0826 0x0650 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:55:12.0842 0x0650 WdNisDrv - ok
13:55:12.0873 0x0650 WdNisSvc - ok
13:55:12.0904 0x0650 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll
13:55:12.0920 0x0650 WebClient - ok
13:55:12.0936 0x0650 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
13:55:12.0951 0x0650 Wecsvc - ok
13:55:12.0983 0x0650 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
13:55:12.0998 0x0650 WEPHOSTSVC - ok
13:55:13.0029 0x0650 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
13:55:13.0045 0x0650 wercplsupport - ok
13:55:13.0076 0x0650 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
13:55:13.0076 0x0650 WerSvc - ok
13:55:13.0123 0x0650 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
13:55:13.0123 0x0650 WFPLWFS - ok
13:55:13.0154 0x0650 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
13:55:13.0154 0x0650 WiaRpc - ok
13:55:13.0170 0x0650 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
13:55:13.0186 0x0650 WIMMount - ok
13:55:13.0186 0x0650 WinDefend - ok
13:55:13.0233 0x0650 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:55:13.0264 0x0650 WinHttpAutoProxySvc - ok
13:55:13.0342 0x0650 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:55:13.0373 0x0650 Winmgmt - ok
13:55:13.0451 0x0650 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:55:13.0545 0x0650 WinRM - ok
13:55:13.0576 0x0650 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys
13:55:13.0592 0x0650 WinUsb - ok
13:55:13.0654 0x0650 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
13:55:13.0717 0x0650 WlanSvc - ok
13:55:13.0764 0x0650 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
13:55:13.0842 0x0650 wlidsvc - ok
13:55:13.0873 0x0650 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
13:55:13.0889 0x0650 WmiAcpi - ok
13:55:13.0904 0x0650 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:55:13.0920 0x0650 wmiApSrv - ok
13:55:13.0967 0x0650 WMPNetworkSvc - ok
13:55:13.0983 0x0650 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
13:55:13.0998 0x0650 Wof - ok
13:55:14.0045 0x0650 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
13:55:14.0123 0x0650 workfolderssvc - ok
13:55:14.0154 0x0650 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:55:14.0154 0x0650 wpcfltr - ok
13:55:14.0186 0x0650 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
13:55:14.0201 0x0650 WPCSvc - ok
13:55:14.0233 0x0650 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
13:55:14.0248 0x0650 WPDBusEnum - ok
13:55:14.0279 0x0650 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:55:14.0279 0x0650 WpdUpFltr - ok
13:55:14.0295 0x0650 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:55:14.0295 0x0650 ws2ifsl - ok
13:55:14.0342 0x0650 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
13:55:14.0358 0x0650 wscsvc - ok
13:55:14.0373 0x0650 WSearch - ok
13:55:14.0467 0x0650 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
13:55:14.0576 0x0650 WSService - ok
13:55:14.0686 0x0650 [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv C:\WINDOWS\system32\wuaueng.dll
13:55:14.0811 0x0650 wuauserv - ok
13:55:14.0842 0x0650 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
13:55:14.0842 0x0650 WudfPf - ok
13:55:14.0873 0x0650 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
13:55:14.0889 0x0650 WUDFRd - ok
13:55:14.0920 0x0650 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
13:55:14.0936 0x0650 wudfsvc - ok
13:55:14.0936 0x0650 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys
13:55:14.0951 0x0650 WUDFWpdFs - ok
13:55:14.0951 0x0650 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys
13:55:14.0967 0x0650 WUDFWpdMtp - ok
13:55:14.0998 0x0650 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
13:55:15.0030 0x0650 WwanSvc - ok
13:55:15.0030 0x0650 ================ Scan global ===============================
13:55:15.0076 0x0650 [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
13:55:15.0108 0x0650 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
13:55:15.0139 0x0650 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
13:55:15.0186 0x0650 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
13:55:15.0186 0x0650 [ Global ] - ok
13:55:15.0186 0x0650 ================ Scan MBR ==================================
13:55:15.0201 0x0650 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:55:15.0295 0x0650 \Device\Harddisk0\DR0 - ok
13:55:15.0358 0x0650 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
13:55:17.0264 0x17b0 Object required for P2P: [ BC9DE9BAE3A65664B13AF35CE28423EF ] VBoxDrv
13:55:19.0702 0x17b0 Object send P2P result: true
13:55:24.0858 0x0650 \Device\Harddisk1\DR1 - ok
13:55:24.0858 0x0650 ================ Scan VBR ==================================
13:55:24.0874 0x0650 [ 0E401EE20353C57AED72AA945D4AC452 ] \Device\Harddisk0\DR0\Partition1
13:55:24.0874 0x0650 \Device\Harddisk0\DR0\Partition1 - ok
13:55:24.0889 0x0650 [ 412C4F04C6D51700DEC93AC09747C1A1 ] \Device\Harddisk0\DR0\Partition2
13:55:24.0905 0x0650 \Device\Harddisk0\DR0\Partition2 - ok
13:55:24.0921 0x0650 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
13:55:24.0921 0x0650 \Device\Harddisk0\DR0\Partition3 - ok
13:55:24.0921 0x0650 [ C976C5B02963E594D06D4D5F0F060CE7 ] \Device\Harddisk0\DR0\Partition4
13:55:24.0936 0x0650 \Device\Harddisk0\DR0\Partition4 - ok
13:55:24.0952 0x0650 [ 5ED500FA354C818102AB238AFAB4D0F1 ] \Device\Harddisk0\DR0\Partition5
13:55:24.0968 0x0650 \Device\Harddisk0\DR0\Partition5 - ok
13:55:24.0983 0x0650 [ 470403338158A7CB112A1E16C7F3A2DF ] \Device\Harddisk0\DR0\Partition6
13:55:24.0983 0x0650 \Device\Harddisk0\DR0\Partition6 - ok
13:55:25.0014 0x0650 [ 07325CD235BE861D9DFDA70033053B37 ] \Device\Harddisk0\DR0\Partition7
13:55:25.0030 0x0650 \Device\Harddisk0\DR0\Partition7 - ok
13:55:25.0061 0x0650 [ 2BE6FD1835AE190504044107E43DAFC7 ] \Device\Harddisk1\DR1\Partition1
13:55:25.0124 0x0650 \Device\Harddisk1\DR1\Partition1 - ok
13:55:25.0139 0x0650 [ 1E9F8AF3B2D5DAF12DF09CF767A6238C ] \Device\Harddisk1\DR1\Partition2
13:55:25.0186 0x0650 \Device\Harddisk1\DR1\Partition2 - ok
13:55:25.0202 0x0650 [ E90F40AB4EC96432F6DA3044A2E2D56D ] \Device\Harddisk1\DR1\Partition3
13:55:25.0218 0x0650 \Device\Harddisk1\DR1\Partition3 - ok
13:55:25.0233 0x0650 [ 2FBD5E4531EE4D527F953FB2440C8481 ] \Device\Harddisk1\DR1\Partition4
13:55:25.0249 0x0650 \Device\Harddisk1\DR1\Partition4 - ok
13:55:25.0264 0x0650 [ 3C581E190C1E885BA1A3D38FC837C268 ] \Device\Harddisk1\DR1\Partition5
13:55:25.0264 0x0650 \Device\Harddisk1\DR1\Partition5 - ok
13:55:25.0280 0x0650 [ 1632AC83DC4556DB58BE808CA7872AC0 ] \Device\Harddisk1\DR1\Partition6
13:55:25.0296 0x0650 \Device\Harddisk1\DR1\Partition6 - ok
13:55:25.0311 0x0650 [ 1C185D8F16CD5E1BB2812FBC3D8598D8 ] \Device\Harddisk1\DR1\Partition7
13:55:25.0311 0x0650 \Device\Harddisk1\DR1\Partition7 - ok
13:55:25.0327 0x0650 [ 0D8C063718B95370F87DBDFCC91CBD06 ] \Device\Harddisk1\DR1\Partition8
13:55:25.0343 0x0650 \Device\Harddisk1\DR1\Partition8 - ok
13:55:25.0343 0x0650 ================ Scan generic autorun ======================
13:55:25.0702 0x0650 [ 9CE8442B63A1E45E317E1B55A00FF441, 580517A62B41FB69F52A725895E25538A0FCA527D9ABC376EF56AEAE5BCC2DB9 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:55:26.0046 0x0650 RTHDVCPL - ok
13:55:26.0077 0x0650 [ 51F358BE1583FB3246020E36DEEB3E0F, 23E096D57FF2D45168FF5AFF48C10A2E0A144708CD046B1C4F3897205CC8A147 ] C:\WINDOWS\system32\igfxtray.exe
13:55:26.0093 0x0650 IgfxTray - ok
13:55:26.0108 0x0650 [ 1218C5653632440C18ECEA89D1CA4575, AF0E7AA60890C52A257D3501FFE652E95F095407A7C6F6F4F00162A9F7DE7C2D ] C:\WINDOWS\system32\hkcmd.exe
13:55:26.0139 0x0650 HotKeysCmds - ok
13:55:26.0155 0x0650 [ CC8EB098AEDF4BC97D3004A182099EED, 6ADFB7CB5047C47D86C769F21191B12D2F3FD3BC96665B4CCFD8C8DA44C64ED9 ] C:\WINDOWS\system32\igfxpers.exe
13:55:26.0171 0x0650 Persistence - ok
13:55:26.0218 0x0650 [ 0F77770991308CA1F58F18EED7EBE7B7, 3CB77C6ADAC58EE7F85BD3EA1F7C8218A95BE84B15DB38E39E66BF5CD32B4CE0 ] D:\Program Files\Eraser\Eraser.exe
13:55:26.0233 0x0650 Eraser - ok
13:55:26.0249 0x0650 Classic Start Menu - ok
13:55:26.0358 0x0650 [ E76F43260D050DE1D5370AEF266EB3C8, DB30811E46BB55B03BEE97414A561B8DE2136E16764514CC3A4DF056BD5E0859 ] D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
13:55:26.0389 0x0650 EaseUS EPM tray - ok
13:55:26.0421 0x0650 EaseUs Watch - ok
13:55:26.0421 0x0650 EaseUs Tray - ok
13:55:26.0483 0x0650 [ A21E70B4F972CA396A80013D0D436350, EE9C6A43895BBFE901CE8055E166064D1F38F196F4F8342DBED43D9E2A1E855E ] D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
13:55:26.0499 0x0650 Acrobat Assistant 8.0 - ok
13:55:26.0499 0x0650 HP Software Update - ok
13:55:26.0561 0x0650 [ 9CEE13DDCF207923A1849A8371E714E9, F1265E1065AEC5CC1397617F6EB9D6321A1B6B14447D4BA0FE23AC7532675403 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
13:55:26.0561 0x0650 Malwarebytes Anti-Malware (cleanup) - ok
13:55:26.0561 0x0650 Report - ok
13:55:26.0608 0x0650 [ D2626AEB1197BCFD5086E54BFAFC266B, 9436974F439AF26858420E7E4BE6F16E4B3E0FC835574A673206A0B21A44F698 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
13:55:26.0624 0x0650 GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189 - ok
13:55:26.0671 0x0650 [ 0049D80BAB72557E9DD09C223FD71E58, AE98C428233E1494A860013638EE1FF1CE609EA17D2EB2D5829757071C273717 ] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
13:55:26.0702 0x0650 Spotify Web Helper - ok
13:55:26.0780 0x0650 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
13:55:26.0827 0x0650 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
13:55:29.0249 0x0650 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - warning
13:55:31.0640 0x0650 Waiting for KSN requests completion. In queue: 10
13:55:32.0702 0x0650 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
13:55:32.0718 0x0650 Win FW state via NFP2: enabled ( trusted )
13:55:35.0062 0x0650 ============================================================
13:55:35.0062 0x0650 Scan finished
13:55:35.0062 0x0650 ============================================================
13:55:35.0062 0x1018 Detected object count: 1
13:55:35.0062 0x1018 Actual detected object count: 1
13:57:05.0770 0x1018 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - skipped by user
13:57:05.0770 0x1018 SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:58:08.0696 0x15f4 Deinitialize success
|
|
11.02.2016, 22:40
| #21 |
| | "nbi cleaner" ist wieder/noch da Und noch ein schöner Screenshot vom ersten Durchlauf von Malwarebytes: |
|
12.02.2016, 10:14
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | "nbi cleaner" ist wieder/noch da Bitte das Log posten undnicht irgendwelche Screenshots
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
12.02.2016, 16:13
| #23 |
| | "nbi cleaner" ist wieder/noch da Ich habe alle gepostet. Der Screenshot gehört zu dem Log (mußte ich aufteilen, weil es zu lang war): Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 27.01.2016 Suchlaufzeit: 10:42 Protokolldatei: Anti-Malware-erkannte.txt Administrator: Ja ... |
|
12.02.2016, 17:46
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "nbi cleaner" ist wieder/noch da Wieso postest du denn ein Screenshot wenn du das Log eh schon längst gepostet hast  das ergibt irgendwie keinen SinnAdware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.02.2016, 20:03
| #25 |
| | "nbi cleaner" ist wieder/noch da AdwCleanerC1.txt AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.033 - Bericht erstellt am 12/02/2016 um 19:19:37
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Rudolf - PANDORA
# Gestartet von : D:\Sicherung\Downloads\Microsoft\MalwareTools\AdwCleaner_5.033.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [NextLive]
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [1130 Bytes] ##########
[/CODE] AdwCleanerS1.txt AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.033 - Bericht erstellt am 12/02/2016 um 19:15:01
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Rudolf - PANDORA
# Gestartet von : D:\Sicherung\Downloads\Microsoft\MalwareTools\AdwCleaner_5.033.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
Datei Gefunden : C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gefunden : HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [NextLive]
***** [ Internetbrowser ] *****
########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [940 Bytes] ##########
[/CODE] JRT.txt Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 8.1 x64
Ran by Rudolf (Administrator) on 12.02.2016 at 19:28:32,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\end (File)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7DE1827-F960-445E-9E13-EF6E99B49D87} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.02.2016 at 19:32:29,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Rudolf (2016-02-12 19:40:02)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Windows 8.1 (X64) (2013-12-22 12:53:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2932333098-1933949563-2559224823-500 - Administrator - Disabled)
Gast (S-1-5-21-2932333098-1933949563-2559224823-501 - Limited - Disabled)
Lips Tullian (S-1-5-21-2932333098-1933949563-2559224823-1004 - Limited - Enabled) => C:\Users\Lips Tullian
Rudolf (S-1-5-21-2932333098-1933949563-2559224823-1001 - Administrator - Enabled) => C:\Users\Rudolf
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ACDSee Trial Version (HKLM-x32\...\ACDSee Trial Version) (Version: - )
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
aDF4de (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - )
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop 7.0.1 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9045 - )
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{87E4F4E2-99A4-44C6-9175-9FF2773E46CF}) (Version: 2.76.0 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Buildtools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CodedUITestUAP (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 8.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Ferramentas do Windows Phone 8.1 para Visual Studio 2015 - PTB (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free Dailymotion Download version 1.0.36.1215 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.36.1215 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
Herramientas de Windows Phone 8.1 para Visual Studio 2015 - ESN (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Honeyview (HKLM\...\Honeyview) (Version: 5.05 - Bandisoft.com)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
i686-5.2.0-posix-dwarf-rt_v4-rev0 (HKLM-x32\...\i686-5.2.0-posix-dwarf-rt_v4-rev0) (Version: - MinGW-W64)
IDE Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java SE Development Kit 8 Update 74 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180740}) (Version: 8.0.740.2 - Oracle Corporation)
jEdit 5.3.0 (HKLM\...\jEdit_is1) (Version: 5.3.0 - Contributors)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Macromedia Director 7 (HKLM-x32\...\Macromedia Director 7) (Version: - )
Macromedia HomeSite 5 (HKLM-x32\...\{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}) (Version: - )
MariaDB 10.1 (x64) (HKLM\...\MariaDB 10.1 (x64)) (Version: 10.1.10.0 - MariaDB Corporation Ab)
MariaDB 10.1 (x64) (Version: 10.1.10.0 - MariaDB Corporation Ab) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 0.10.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5944afa8-29ae-4a05-ab68-30c0dfab197e}) (Version: 14.0.23107.156 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{2035a5cc-fa3e-41a8-a718-0feaa2ae94eb}) (Version: 14.0.50902.4 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nástroje Windows Phone 8.1 pro sadu Visual Studio 2015 – CSY (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nmap 7.00 (HKLM-x32\...\Nmap) (Version: - )
Node.js (HKLM-x32\...\{69735668-F8BC-4E9A-839A-4006FDFDD5AC}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Outils Windows Phone*8.1 pour Visual Studio*2015 - FRA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Strawberry Perl (64-bit) (HKLM\...\{C450F47E-72FF-1014-BC43-0A7831843670}) (Version: 5.22.1002 - strawberryperl.com project)
Strumenti di Windows Phone 8.1 per Visual Studio 2015 - ITA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TextPad 7 (HKLM-x32\...\{9F53AC20-2D32-4341-9DA1-29DD40E2199E}) (Version: 7.0.9 - Helios)
Tool zum Entfernen verborgener Daten (HKLM-x32\...\{90F80407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TopStyle Lite (Version 3.0) (HKLM-x32\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WorldWide Telescope (HKLM-x32\...\{5AAF8C68-9265-437C-8D9A-06EF98F07C09}) (Version: 5.2.09 - WorldWide Telescope)
Xamarin (HKLM-x32\...\{9D5E4FC0-7E1B-4934-8504-C0958FA73EA5}) (Version: 3.11.837.0 - Xamarin)
???????? Windows Phone 8.1 ??? Visual Studio 2015 — RUS (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
?? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
??? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> D:\Program Files\Honeyview\HVShell64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004_Classes\CLSID\{8A791F0C-C63C-4EC5-B97F-FBCE74EDBC54}\InprocServer32 -> D:\Program Files\TextPad 7\System\shellext64.dll (Helios Software Solutions)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {078EFA80-AD26-4EB7-9FBC-61BABE380F92} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {189D723D-E573-4CE3-99E0-41E3A0F86D6A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {26ACE63A-DB78-4A47-BCC0-FEBD78572694} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {3068EB75-C34A-4F77-9F04-265247D9E31D} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-09-20] (Acer Incorporated)
Task: {34116E3B-D62F-4516-822A-F2F3B7A7A545} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-02-22] ()
Task: {391B43F1-F366-4062-86C1-D7D73BB41F9A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {57A4F5E8-6299-4677-8159-DE384E3DAFC5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {6BB2A3C3-2232-4C4B-9FBE-57F09C034AA6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {6D6E339E-E6E3-47FB-B6A3-C672E5980696} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7E054B62-EF7E-4F32-83FE-1220F4C4B868} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {86E26DB6-103E-42A4-9148-FB77F52F56AA} - System32\Tasks\{DE9AF5A9-141B-4517-AD9D-B8A020ABC4E2} => pcalua.exe -a "H:\Program Files\Microsoft Office\Office10\WINWORD.EXE" -d "H:\Program Files\Microsoft Office\Office10"
Task: {9859083B-299B-400E-8E40-1556F5BC2913} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {985A9800-009F-46C2-83DF-D756C5577FC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {A248B9BB-088C-4A76-A814-D426C6891E73} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A98A584B-6D4A-4AB0-856B-EB8D1602A022} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {A9FFFC60-0915-460E-AC36-DF68923A0130} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {D152CABF-60AC-42E0-B1DF-5911DA204661} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2932333098-1933949563-2559224823-1004 => C:\Users\Rudolf\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Task: {D7ABF730-50C1-4705-A8D7-E44DD3C07981} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F4BE9417-F3D4-41F6-BD2C-08624C709F4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinGW-W64 project\i686-5.2.0-posix-dwarf-rt_v4-rev0\Run terminal.lnk -> D:\Program Files\mingw-w64\mingw-w64.bat ()
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-12-23 09:21 - 2015-12-23 09:21 - 13470536 _____ () D:\Programme\MariaDB 10.1\bin\mysqld.exe
2013-09-17 17:20 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-12-20 16:35 - 2010-03-15 11:28 - 00052224 _____ () D:\Program Files\WinRAR\rarext64.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () D:\Program Files\Notepad++\NppShell_06.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-04-22 18:28 - 2015-03-14 10:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-04-22 18:28 - 2015-03-14 10:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-04-22 18:28 - 2015-03-14 10:54 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-04-22 18:28 - 2015-03-14 10:54 - 00759848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-04-22 18:28 - 2014-12-14 23:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2013-09-17 17:00 - 2012-07-18 19:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15194178.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15194178.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-01-26 22:49 - 2016-01-26 22:49 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
# ::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\Ablage\MS-Wallpaper\Windows 7 Wallpaper\Extra\nebula_clouds-1280x1024.jpg
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Eigene\BabylonHG.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Remote.lnk"
HKLM\...\StartupApproved\Run32: => "EaseUs Tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Watch"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "1&1 Internet-Radio-PlayerTimer"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{28F014DE-230B-4ACF-85F4-2BBC3BF7E7EA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3F7AF067-AFDF-4AE0-83A3-5540E5FBF4A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7440F1F0-425A-436E-A13A-B542BCAAA3EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B40D8E5C-BCEA-4160-814C-E31E19F88B03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B55976E3-DF67-44B5-98ED-30A5CFDCC9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FDD9CFEE-2352-40B7-9CC8-FE3191D5F135}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{09196CDB-BC40-445D-9B37-7CFAC14CD519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1CB97F0E-B47C-44A8-B226-D99724F87BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A5E80429-ECF5-420E-B98F-B9F097C79910}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FD179F0B-96BF-48C8-B833-7F6321BEE06C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{98553A38-2649-4D65-9A55-B900E5B5125F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1DC0BA17-7DCB-4514-B1E0-0C37B9ACC80D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{335BCE54-520B-4275-92E9-AA75B5C7358C}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{75A13A29-16DA-4694-8AED-5B8CB60B74F8}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{1917791C-5683-4E02-B85C-4DB9D0C8B065}] => (Allow) H:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{5229141A-E99B-476C-94E5-BA50228B93F4}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{22F296FD-1CCD-4ED3-917A-D3959ABF62FA}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{10BC7E16-FCD6-4770-A50E-AD1BCB95A6E1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [{AF1AD763-1419-4B2B-BD62-131CD2D601F1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [UDP Query User{590AD1C7-4A50-4F88-B7EA-490759C38D80}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{1C29AE09-4315-4622-919D-CD2C646D09E8}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [UDP Query User{35002341-40BD-453E-9FB4-8E77F2E1F501}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{03D08A97-C2F8-44C5-B5D3-2340505EE555}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [{F8CE7F3C-77A8-4DB2-98CC-D294FEEC3990}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{727A3365-83ED-42AD-881E-0AB34A286E11}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{BD1D269F-16F8-45E8-BEC4-35FF4BBD40F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{3A5409F3-908C-4484-86D4-01F5E25697C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{030E7187-1FD8-4E1E-A675-1F4ACD2ABD87}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6896C87F-2A4B-490C-AD89-09871003F247}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DF823242-CC34-4F2C-A391-2AA5194142C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C8F450ED-851C-43FE-A134-D621CBE99EE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B79C3D88-B406-42D3-8E40-6316AA3BCD57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D2D0EE2F-64E9-4FD1-B6C6-F14A0C092B0C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{590A0C7C-A4EE-4BA0-A313-25DD66A0A781}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6FEB933F-57CE-4214-A43C-616EDF5951C5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1C2B145F-C011-4CF1-B992-F78A27CE4D7E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B57679DE-858E-46BA-B56A-7F472BEAE711}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{13B8F977-4B7D-403F-ABB9-4AE55FC860C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{81C6F084-57DD-4AFF-9B20-240CAFF8E483}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2ED67888-28D1-435C-81DF-B726086F74AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7A0E4ED8-681B-43F5-978E-624CF42C4F5A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5BA8D653-24F3-48A0-B287-B0AA4385EA0B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{1A18B3ED-1CBF-4FB1-BE6C-15183FDF7209}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8FB28222-AC16-4A93-8C36-860F201EC145}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [TCP Query User{A3B7E88D-841E-4817-A1CF-6362D0CCC1B3}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B4D45677-6B67-4A53-8CDA-6B1D2E8A99A8}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{FACE4B9F-5C89-453B-8048-F842B568F362}] => (Allow) E:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{831275C3-9860-4DE4-B1AD-F670462D4893}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{4B669EE0-A9D1-4F09-89CE-78200F9B29F4}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{58C7AE4B-6A3C-4BCF-BF7F-A0911F042250}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{3BA7B709-2475-43CD-A00E-462A5A44814E}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{5D6CB60F-618B-4F68-87C8-1BCF9DC20FAC}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{BC8474A6-26B9-4472-9517-94BB71305E63}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{A345A686-F886-495C-91B1-9C8DC6DA4153}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [{F41A980A-890A-422C-BC01-6A79C5D6B23D}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [TCP Query User{A02D4A8D-D7B3-41CB-8C0F-B74185F91758}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{0B010CEC-220B-41D7-A227-5D983233A0B1}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{0E493143-C7CA-4B97-996D-610F988623AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{94705516-98C9-4DBF-9645-E47CFFB6AF82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EC2FCD1-5F09-464A-AFF8-92DE47EAE7EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{45E00A3B-C982-4C28-A2C2-B24090BDF4CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A9790D6-4262-46FD-ADB0-A88824F89C05}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{827162A1-098F-4EE6-A015-D2A6F92E6C03}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{8587BD94-30AF-4F53-81CD-DC514FCEEF41}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{CF120258-7A1A-40C2-96CE-0B703839BA5E}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{993D3A54-D83C-4CA7-9E58-3283387A6ABC}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{0A97A4C5-0E55-4E5E-845F-487B9D1673B2}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{05D91A0A-2D07-48C1-A14C-2B9EC07B4F92}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{62414625-DC71-41AF-9521-C4D495E1B7C4}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{B24DCB97-E781-45B0-9C7E-BFDC2BB76FF6}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{343BCB0D-A115-4169-B665-81C778DE589F}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{8EC0223E-EC1E-4489-B65D-C7CB4DE256DE}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{BCF9E82D-CC24-42B2-BCB8-4802AB756295}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{7EDB3FC4-1DDD-40B2-8C21-176A4DED00E4}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{E97232A3-8073-43E2-9917-D49FE4E1BB01}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{F4C08DAB-96C0-49C2-A333-CAF8975E9FD1}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{797EC598-4990-43FA-87A9-C0514F5D929C}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{DB5AFDC2-664F-41CF-BCA1-33B2518C675F}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{E9FF6430-7ACA-4404-8F2D-65855E82C606}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{41E8953A-5C23-4B85-93BA-62C33FDC7427}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{36122F37-8231-456B-9607-B5A87FE0EEEE}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{7ADF1E6C-4B4B-4165-ACA2-968577719846}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{7549F9DF-F224-4F24-B542-1B35FDA112D4}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{39330B85-C760-4C1C-ACD4-F79C9550E0C7}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{FDF62D83-CB6E-489C-8DF2-BC895F0C2030}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{32EDB9AD-3D11-4EAC-9C67-6FCB667B5C14}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{5FA9E85D-9BFC-43E3-907F-A8757FF89D90}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{6DCDB633-5F6C-4257-90EF-DFE556C8DCA9}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{9819ABF1-961A-4946-8854-F1BEDF9B56E5}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{690A066B-FBC3-457E-8866-AF25A3A0589A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [{1EBC7D26-FE50-400D-B4B4-75AC6B39413A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [TCP Query User{4B86C128-5107-4363-AC19-C5FA36465EA0}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{5DFE83D5-835F-4683-9A5C-E6328CD9EC3B}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [{5656CEE0-F8E9-4855-B8AF-000CF4149F70}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{2EBCE465-408E-4F12-845C-8628440EFBC6}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{7E16960D-9B9F-4A0F-A47C-3D2777B43B4D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{38048089-9E32-4B04-8D66-D52FB58F7574}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{4D6F0F96-700F-4928-B84B-9D6C4B4CAD6D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{4F07AAD3-A3B4-4E19-9953-19A16990F0DF}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{F96DD952-B15E-424D-A717-F50BF4DC84DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D0A1B7F-FE37-4B25-BD20-4FCE7DD06914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2C193D0E-6E3F-498B-AF16-C250C26BC7BA}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [UDP Query User{3D72D360-45EF-4D3A-8E09-EC6EB03BA86D}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [{2AD4F1D9-7E36-4193-9313-5DEA07630321}] => (Allow) C:\Users\Rudolf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8BD918FB-4CBA-44EC-80B9-91D86065FF09}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{94008313-981D-46F6-AC80-423F35D60837}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{7ECD8FE1-A1FD-4B57-8F46-AA17751F56D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{3D5D79AC-062A-489D-9913-3B678B26D972}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{EDA65F68-3A98-44CA-B9B4-F9DE43330F7C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AE4F2305-115F-4E44-868A-76F1D59DDA6E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ED027693-62EE-47F6-BBCE-A0623395610E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ECEB4C4A-0D28-422C-9F1B-EB1B1AA6FD63}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E6D13397-7811-4430-A919-DF425B2B21A7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DE83BA7E-C1BB-4466-BCA3-8EECDAD4257E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6A79F00C-7D41-49F7-8009-F3E728CC1331}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{393E28F3-9B19-4306-89AB-5C4EA09D06B1}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{4C6DB319-5454-4DD1-BB6B-47FC7658BC96}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{825591BA-72C7-4EF5-90CA-84047CF1E966}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{4F52405F-0D82-4964-83E3-2834A50E65B4}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [{A20FB031-BC47-4C1A-95AB-1F67BA7BC97C}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{083415FB-4C92-4C01-A9D7-555131751228}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [UDP Query User{2F767CBE-B792-4C81-B854-BBA72810F303}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [{DF33D451-0625-4FCF-97E2-072ABBB5ED5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{7BC0CCF5-CE4F-40D1-B639-FCED55DEE350}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EC62D032-4D4F-4682-BCE8-60C1F2A35660}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{BF47679A-4D0E-48DA-B09B-0D6C9777D9D8}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [TCP Query User{8AAC9022-3498-469D-8638-5606E8181247}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [UDP Query User{27ABF644-C24B-418F-A091-09D3FB56A0DD}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [{8F7E01E8-ED50-4C24-8A3C-D2CB7FD6136A}] => (Allow) D:\Programme\MariaDB 10.1\bin\mysqld.exe
FirewallRules: [{2E818699-90A2-44BF-9FCF-CD4A30FEB10F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
07-02-2016 15:10:03 Installed Oracle VM VirtualBox 5.0.14
10-02-2016 11:11:08 Removed Java SE Development Kit 8 Update 72 (64-bit)
12-02-2016 19:28:34 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/12/2016 06:54:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera.exe, Version: 12.17.1863.0, Zeitstempel: 0x534cefc5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18202, Zeitstempel: 0x569e7d02
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f1b70
ID des fehlerhaften Prozesses: 0x508
Startzeit der fehlerhaften Anwendung: 0xopera.exe0
Pfad der fehlerhaften Anwendung: opera.exe1
Pfad des fehlerhaften Moduls: opera.exe2
Berichtskennung: opera.exe3
Vollständiger Name des fehlerhaften Pakets: opera.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: opera.exe5
Error: (02/12/2016 02:51:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/12/2016 01:11:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15203
Error: (02/12/2016 01:11:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15203
Error: (02/12/2016 01:11:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/11/2016 10:39:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/11/2016 10:39:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/11/2016 02:59:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/11/2016 11:17:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.18124 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1770
Startzeit: 01d164b27c765d36
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 9df28734-d0a8-11e5-bf05-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/11/2016 10:33:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Systemfehler:
=============
Error: (02/12/2016 07:19:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FLEXnet Licensing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/12/2016 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MySQL" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/12/2016 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BBUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/12/2016 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/12/2016 07:19:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Emsisoft Protection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/12/2016 07:19:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/12/2016 07:19:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Phone IP over USB Transport (IpOverUsbSvc)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/12/2016 07:19:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/12/2016 07:19:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/12/2016 07:19:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-02-11 10:17:16.004
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Store signing level requirements.
Date: 2016-02-11 10:17:14.004
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Store signing level requirements.
Date: 2016-01-26 15:47:40.625
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 3976.74 MB
Verfügbarer physikalischer RAM: 2336.69 MB
Summe virtueller Speicher: 8072.74 MB
Verfügbarer virtueller Speicher: 5548.31 MB
==================== Laufwerke ================================
Drive c: (MARILYN MONROE) (Fixed) (Total:223.25 GB) (Free:137.6 GB) NTFS
Drive d: (KASSANDRA) (Fixed) (Total:224.36 GB) (Free:161.78 GB) NTFS
Drive e: (LYNKEUS) (Fixed) (Total:118.54 GB) (Free:75.97 GB) NTFS
Drive f: (CORIOLANUS) (Fixed) (Total:117.19 GB) (Free:60.49 GB) NTFS
Drive g: (VERDANDI) (Fixed) (Total:102.54 GB) (Free:74.59 GB) NTFS
Drive h: (MESSALINA) (Fixed) (Total:97.85 GB) (Free:75.45 GB) NTFS
Drive i: (PYTHIA) (Fixed) (Total:10.07 GB) (Free:3.94 GB) FAT32
Drive j: (NIFLHEIM) (Fixed) (Total:8.42 GB) (Free:3.13 GB) NTFS
Drive k: (FREYJA) (Fixed) (Total:11.12 GB) (Free:11.08 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 58E200DF)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 06E4F0D5)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
12.02.2016, 20:04
| #26 |
| | "nbi cleaner" ist wieder/noch da FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Rudolf (Administrator) auf PANDORA (12-02-2016 19:39:39)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Geladene Profile: Rudolf & Heinz (Verfügbare Profile: Rudolf & Heinz)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
() D:\Programme\MariaDB 10.1\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [Classic Start Menu] => C:\Programme\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Watch] => "H:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
HKLM-x32\...\Run: [EaseUs Tray] => "H:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596016 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-17] ()
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2016-02-09]
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-02-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-02-09]
ShortcutTarget: Microsoft Office.lnk -> D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B3CAEEBF-3743-4152-A0F7-CCF641E2A859}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {DED4D168-AEEE-4E0C-B699-36A9A320ED5E} hxxp://de.cyberlink.com/prog/win8/js/UpdateAdvisor.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Rudolf\AppData\Roaming\Mozilla\Firefox\Profiles\md9tgtza.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> D:\Program Files\Java\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> D:\Program Files\Java\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/1&1 Internet-Radio-Player -> D:\Program Files\1&1 Internet-Radio-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/phonostar-Player -> D:\Program Files\Internet-Radio-Player\phonostar-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-25]
CHR Extension: (Google Drive) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-25]
CHR Extension: (YouTube) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-25]
CHR Extension: (Google-Suche) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-25]
CHR Extension: (Google Wallet) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-26]
CHR Extension: (Google Mail) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-25]
Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe
StartMenuInternet: (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004) Opera - "C:\Users\Heinz\AppData\Local\Programs\Opera x64\Opera.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10963864 2016-01-27] (Emsisoft Ltd)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-28] (Adobe Systems) [Datei ist nicht signiert]
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-08-18] (Apple Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-21] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R3 hpqcxs08; D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-04-29] (Hewlett-Packard Co.)
R2 hpqddsvc; D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.)
R2 HPSLPSVC; C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MySQL; D:\Programme\MariaDB 10.1\bin\mysqld.exe [13470536 2015-12-23] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-09] (Emsisoft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R1 vmm; C:\WINDOWS\system32\Treiber\vmm.sys [294248 2016-01-29] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz137; \??\D:\Program Files\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-12 19:32 - 2016-02-12 19:32 - 00000777 _____ C:\Users\Rudolf\Desktop\JRT.txt
2016-02-10 15:56 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:56 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-10 15:56 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:56 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:56 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:56 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 14:46 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 14:46 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 14:46 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-10 14:46 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-10 14:44 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-10 14:44 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 14:44 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 14:44 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-10 14:44 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-10 14:44 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 14:44 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-10 14:44 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-10 14:44 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-10 14:44 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-10 14:44 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-10 14:44 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 14:44 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 14:44 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 14:44 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-10 14:44 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 14:43 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-10 14:43 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-10 14:43 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-10 14:43 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-10 14:43 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 14:43 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 14:43 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-10 14:43 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-10 14:43 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 14:43 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-10 14:43 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-10 14:43 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-10 14:42 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-10 14:42 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 14:42 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-10 14:42 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-10 14:42 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 22:43 - 2016-02-09 23:20 - 00000000 __RHD C:\ESD
2016-02-09 22:40 - 2016-02-09 22:40 - 00010214 _____ C:\TDSSKiller.3.1.0.9_09.02.2016_22.40.39_log.txt
2016-02-07 15:10 - 2016-02-09 22:40 - 00000876 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-02-05 18:16 - 2016-02-05 18:16 - 399414055 _____ C:\WINDOWS\MEMORY.DMP
2016-02-05 18:16 - 2016-02-05 18:16 - 00286232 _____ C:\WINDOWS\Minidump\020516-36828-01.dmp
2016-02-05 18:16 - 2016-02-05 18:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-04 16:12 - 2016-01-19 17:40 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-02-04 16:12 - 2016-01-19 17:40 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-02-04 13:04 - 2016-02-04 13:04 - 00000000 ____D C:\ProgramData\Emsisoft
2016-02-04 12:50 - 2016-02-09 22:40 - 00000960 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-02-04 12:50 - 2016-02-04 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-02-04 12:49 - 2016-02-12 19:35 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-02-02 16:42 - 2016-02-02 16:42 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\VSRevoGroup
2016-02-02 16:36 - 2016-02-09 22:39 - 00000928 _____ C:\Users\Rudolf\Desktop\Revo Uninstaller.lnk
2016-02-02 16:36 - 2016-02-02 16:36 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-02 16:31 - 2016-02-02 16:34 - 00235990 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.31.34_log.txt
2016-02-02 16:24 - 2016-02-02 16:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-02-02 16:21 - 2016-02-02 16:25 - 00237812 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.21.01_log.txt
2016-02-02 13:53 - 2016-02-02 13:58 - 00236786 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_13.53.27_log.txt
2016-01-29 13:49 - 2016-02-09 22:40 - 00001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
2016-01-29 13:49 - 2016-01-29 17:29 - 00000000 ____D C:\WINDOWS\system32\Treiber
2016-01-27 18:21 - 2016-01-27 18:21 - 00000894 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\MySQL Client (MariaDB 10.1 (x64)).lnk
2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 00:02 - 2016-01-27 00:02 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-26 22:00 - 2016-02-12 19:39 - 00000000 ____D C:\FRST
2016-01-26 17:48 - 2016-01-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strawberry Perl (64-bit)
2016-01-26 17:38 - 2016-02-07 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-01-26 16:36 - 2016-01-26 16:36 - 00001468 _____ C:\Users\Heinz\Desktop\WinMD5.lnk
2016-01-25 18:51 - 2016-02-07 15:16 - 00000000 ____D C:\Users\Heinz\VirtualBox VMs
2016-01-25 17:38 - 2016-02-12 17:56 - 00000000 ____D C:\Users\Heinz\.VirtualBox
2016-01-25 17:27 - 2016-01-25 17:27 - 00000000 ____D C:\MATS
2016-01-19 17:40 - 2016-01-19 17:40 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-01-19 17:40 - 2016-01-19 17:40 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2016-01-17 12:35 - 2016-01-18 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-14 17:48 - 2016-02-10 12:09 - 00000000 ____D C:\Users\Heinz\.oracle_jre_usage
2016-01-14 17:45 - 2016-01-14 17:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\HeidiSQL
2016-01-14 17:43 - 2016-02-09 22:40 - 00001170 _____ C:\Users\Public\Desktop\HeidiSQL.lnk
2016-01-14 17:43 - 2016-01-14 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64)
2016-01-14 16:26 - 2016-02-09 22:40 - 00000715 _____ C:\Users\Public\Desktop\Notepad++ 6.8.8.lnk
2016-01-13 22:48 - 2016-01-12 20:40 - 00001576 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Win Media Player.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-12 19:22 - 2013-12-21 21:49 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-12 19:21 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-12 19:20 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-12 18:54 - 2013-12-26 15:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-12 18:54 - 2013-12-21 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps
2016-02-12 18:45 - 2013-12-21 21:49 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-11 22:36 - 2013-12-24 15:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ClassicShell
2016-02-11 21:23 - 2013-11-14 08:27 - 01886820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-11 21:23 - 2013-11-14 08:11 - 00807630 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-11 21:23 - 2013-11-14 08:11 - 00177182 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-11 21:23 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-11 11:22 - 2013-12-19 16:04 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2932333098-1933949563-2559224823-1004
2016-02-11 11:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-11 10:32 - 2013-12-19 13:37 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2932333098-1933949563-2559224823-1001
2016-02-11 10:31 - 2014-10-31 10:35 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\ClassicShell
2016-02-11 10:27 - 2013-12-24 17:22 - 00000000 ___DO C:\Users\Rudolf\SkyDrive
2016-02-11 10:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 20:52 - 2013-12-21 21:50 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 20:16 - 2013-08-22 15:44 - 01027912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-10 19:32 - 2015-04-15 16:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-10 19:32 - 2013-11-14 08:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 19:32 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-10 16:06 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 16:01 - 2013-12-20 16:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 15:57 - 2013-12-20 16:06 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 14:39 - 2015-11-11 12:08 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 14:39 - 2015-11-11 12:08 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-10 12:12 - 2014-03-26 18:26 - 00000000 ____D C:\Users\Rudolf\.nbi
2016-02-10 11:55 - 2015-08-30 14:14 - 00000000 ____D C:\Users\Rudolf\.oracle_jre_usage
2016-02-09 23:51 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Heinz
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieUserList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieSiteList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieBrowserModeList
2016-02-09 22:53 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-09 22:40 - 2015-12-26 17:55 - 00000851 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-12-26 17:55 - 00000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-21 17:13 - 00001017 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002075 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-09-26 14:47 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-09-26 14:35 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002719 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2016-02-09 22:40 - 2015-07-15 21:55 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-02-09 22:40 - 2015-05-30 10:37 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-09 22:40 - 2015-04-20 14:37 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-02-09 22:40 - 2015-02-22 19:36 - 00001096 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-02-09 22:40 - 2015-02-08 17:33 - 00002597 _____ C:\Users\Public\Desktop\WorldWide Telescope.lnk
2016-02-09 22:40 - 2015-01-31 12:52 - 00000823 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk
2016-02-09 22:40 - 2015-01-31 11:04 - 00001122 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-09 22:40 - 2014-12-26 22:10 - 00001142 _____ C:\Users\Public\Desktop\Free Dailymotion Download.lnk
2016-02-09 22:40 - 2014-08-13 15:59 - 00001989 _____ C:\Users\Public\Desktop\FinePixViewer.lnk
2016-02-09 22:40 - 2014-08-07 15:19 - 00001895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-09 22:40 - 2014-08-07 15:05 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00001109 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.1.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.1.lnk
2016-02-09 22:40 - 2014-04-23 15:11 - 00000784 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk
2016-02-09 22:40 - 2014-01-28 16:34 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-02-09 22:40 - 2014-01-28 16:33 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-22 13:37 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-09 22:40 - 2013-12-22 00:26 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00001885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
2016-02-09 22:40 - 2013-12-21 15:10 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk
2016-02-09 22:40 - 2013-12-21 15:04 - 00002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-02-09 22:40 - 2013-12-21 15:03 - 00000765 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
2016-02-09 22:40 - 2013-12-20 16:36 - 00000717 _____ C:\Users\Public\Desktop\WinRAR 3.93.lnk
2016-02-09 22:40 - 2013-12-19 17:02 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-09 22:40 - 2013-09-17 17:06 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-09 22:39 - 2015-12-18 16:14 - 00000760 _____ C:\Users\Rudolf\Desktop\jEdit.lnk
2016-02-09 22:39 - 2015-11-21 17:31 - 00000877 _____ C:\Users\Rudolf\Desktop\Any Video Converter.lnk
2016-02-09 22:39 - 2015-11-21 16:07 - 00000675 _____ C:\Users\Rudolf\Desktop\Nmap - Zenmap GUI.lnk
2016-02-09 22:39 - 2015-07-22 16:57 - 00001216 _____ C:\Users\Rudolf\Desktop\CrystalDiskInfo.lnk
2016-02-09 22:39 - 2014-10-31 10:42 - 00001178 _____ C:\Users\Rudolf\Desktop\Calculator.lnk
2016-02-09 22:39 - 2014-10-31 10:35 - 00002083 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2016-02-09 22:39 - 2014-08-07 15:19 - 00000787 _____ C:\Users\Rudolf\Desktop\DVD slideshow GUI.lnk
2016-02-09 22:39 - 2014-08-05 08:11 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-02-09 22:39 - 2013-12-22 13:54 - 00001468 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-09 22:39 - 2013-12-21 21:33 - 00001096 _____ C:\Users\Rudolf\Desktop\RegEdit.lnk
2016-02-09 22:39 - 2013-12-20 20:34 - 00000805 _____ C:\Users\Rudolf\Desktop\ACDSee Trial Version.lnk
2016-02-09 18:54 - 2013-12-26 15:30 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-06 16:03 - 2013-12-21 18:01 - 00000028 _____ C:\WINDOWS\OutLog.txt
2016-02-06 16:03 - 2013-12-21 18:01 - 00000000 _____ C:\WINDOWS\BcdLog.txt
2016-02-06 13:01 - 2013-12-22 12:50 - 00318368 _____ C:\Users\Heinz\AppData\Roaming\GDIPFONTCACHEV1.DAT
2016-02-03 19:34 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Heinz\dwhelper
2016-02-02 16:44 - 2015-11-21 17:13 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Foxit Software
2016-02-02 03:37 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-01 22:40 - 2013-12-21 21:49 - 00004106 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 22:40 - 2013-12-21 21:49 - 00003870 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-31 13:02 - 2014-02-08 22:26 - 00000376 _____ C:\Users\Heinz\Desktop\Live Anmelden.url
2016-01-30 23:41 - 2013-12-22 11:17 - 00000000 ____D C:\Users\Heinz\AppData\Local\Eraser 6
2016-01-28 18:59 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Rudolf
2016-01-27 18:15 - 2015-07-17 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-01-26 22:54 - 2013-12-21 15:23 - 00000000 ____D C:\TEMP
2016-01-26 21:05 - 2015-11-28 13:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-26 16:19 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-01-26 16:19 - 2014-01-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 16:19 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-26 16:15 - 2015-09-26 15:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-01-26 16:14 - 2015-09-26 14:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-01-26 11:20 - 2015-11-21 16:07 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2016-01-26 11:20 - 2013-12-21 21:18 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-26 11:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2016-01-25 17:29 - 2014-10-30 12:03 - 00000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics
2016-01-22 02:07 - 2015-01-31 11:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\vlc
2016-01-15 11:55 - 2014-12-25 13:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 16:26 - 2013-12-22 00:10 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Notepad++
2016-01-13 00:23 - 2015-03-11 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-07 15:18 - 2014-08-07 15:18 - 5082084 _____ (The Public) C:\Users\Rudolf\AppData\Roaming\Avisynth.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 5243208 _____ ( ) C:\Users\Rudolf\AppData\Roaming\AvsP.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 5514668 _____ (LIGHTNING UK!) C:\Users\Rudolf\AppData\Roaming\Imgburn.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 1357348 _____ () C:\Users\Rudolf\AppData\Roaming\MatroskaSplitter.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 7760687 _____ (Boraxsoft) C:\Users\Rudolf\AppData\Roaming\SetupGFD.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 0117723 _____ () C:\Users\Rudolf\AppData\Roaming\yuvcodecs-1.3.exe
2013-12-21 15:57 - 2015-01-28 12:41 - 0016515 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Heinz\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Heinz\AppData\Local\Temp\npp.6.7.8.2.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\TubeItUpdater.exe
C:\Users\Heinz\AppData\Local\Temp\WatermarkImageSetup.3.5.1.5.exe
C:\Users\Rudolf\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-12 15:16
==================== Ende von FRST.txt ============================
[/CODE] |
|
12.02.2016, 22:35
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "nbi cleaner" ist wieder/noch da FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [] => [X]
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.02.2016, 11:17
| #28 |
| | "nbi cleaner" ist wieder/noch da Hallo, wie deaktiviert man "Emisoft Anti-Malware"? Ich habe bisher die Häkchen aus den Optionen rausgemacht, direkt etwas zum deaktivieren habe ich nicht gefunden. Danke! |
|
13.02.2016, 12:19
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "nbi cleaner" ist wieder/noch da Müsste über das Icon im System Tray gehen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.02.2016, 12:59
| #30 |
| | "nbi cleaner" ist wieder/noch da Hoffe, es ist alles korrekt gelaufen. Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Rudolf (2016-02-13 12:38:32) Run:1
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Geladene Profile: Rudolf & Heinz (Verfügbare Profile: Rudolf & Heinz)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
emptytemp:
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich
entfernt
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 12:39:28 ====
|
|
| Themen zu "nbi cleaner" ist wieder/noch da |
| alten, bedrohung, bekannte, cleaner, entdeck, entdeckt, exe-dateien, found, handel, heute, hoffe, installer, installier, installiere, installieren, java, löschen, melde, runtergeladen, schei, seite, troja, trojan, trojaner, verlasse, verlassen |
