|
Log-Analyse und Auswertung: Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
08.04.2016, 23:38 | #1 |
| Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer Hallo community, ich habe den Verdacht, dass mein Laptop (Windows 10) gehackt wurde bzw dass jmnd. unerlaubt Zugriff darauf hatte und evtl. Malware oder Spyware installiert hat. Muss aber dazu sagen, dass ich eher wenig Ahnung vom Thema hab-_- Gestern hatte ein mir persönlich Unbekannter Zugriff auf meinen Laptop per Teamviewer. Nach Kontakt per Telefon habe ich ihm blauäugig vertraut, aber nun bin ich mir nicht sicher, ob da alles mit rechten Dingen zuging, auch weil ich nicht die gesamte Zeit zusehen konnte. Aktuell läuft mein PC auch langsamer und beim Viren-Scan über AVG Sec. hängt er sich auf, was vorher nie der Fall war. Hier gleich mal der HiJack Logfile und ich hoffe, ihr könnt mir Gewissheit geben...danke im Voraus! Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 00:04:40, on 09.04.2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0020) FIREFOX: 45.0.1 (x86 de) Boot mode: Normal Running processes: C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files\WinZip\WZUpdateNotifier.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Martin\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HijackThis_2.0.5.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316av&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.8.0_45\bin\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [OneDrive] "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Lokaler Dienst') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Netzwerkdienst') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Startup: Protectorion SmartTray.lnk = Martin\AppData\Local\Programs\Protectorion Data Safe\ProtectorionLauncher.exe O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe O4 - Global Startup: Update Benachrichtigungsdienst.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: @oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing) O23 - Service: Dropbox-Update-Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-Update-Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater40.2.8 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- End of file - 13721 bytes LG, Martin |
09.04.2016, 16:22 | #2 |
/// TB-Ausbilder /// Anleitungs-Guru | Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewerMein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
Hinweis: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst. Los geht's: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
10.04.2016, 07:58 | #3 |
| Farbar Scan FRST.txtCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Martin (Administrator) auf MARTIN-TOSH (10-04-2016 08:49:47) Gestartet von C:\Users\Martin\Downloads Geladene Profile: Martin (Verfügbare Profile: Martin & Gast) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\loggingserver.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TEco.exe (Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (Braincell consult & research GmbH) C:\Users\Martin\AppData\Local\Programs\Protectorion Data Safe\ProtectorionLauncher.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH) HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation) HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-05] (TOSHIBA Corporation) HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation) HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation) HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1481568 2009-08-26] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-07-30] (Toshiba Europe GmbH) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated) HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-08-12] (TOSHIBA) HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2009-06-02] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-08-11] (TOSHIBA CORPORATION.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_45\bin\jusched.exe" HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25577864 2016-03-12] (Dropbox, Inc.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-03-23] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2875464 2016-03-28] () HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1631144 2013-03-29] (Valve Corporation) HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\MountPoints2: {1665bc50-fde0-11e5-8d7f-0026223f32fa} - "F:\HiSuiteDownLoader.exe" ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-06] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Benachrichtigungsdienst.lnk [2016-04-06] ShortcutTarget: Update Benachrichtigungsdienst.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-06] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\DJ Polterabend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-11-15] ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Protectorion SmartTray.lnk [2012-08-23] ShortcutTarget: Protectorion SmartTray.lnk -> C:\Users\Martin\AppData\Local\Programs\Protectorion Data Safe\ProtectorionLauncher.exe (Braincell consult & research GmbH) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{061292e7-4e0b-48e7-9bf3-0fbbc62c599f}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{2d7f2d4d-f8fb-49aa-92c3-74cfda8e30f6}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{974be9e2-f49d-4c97-9945-4300e9079acb}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{f6556f80-dedb-4c79-bedb-9eb447f983cf}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316av&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=hp HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH SearchScopes: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll [2016-03-28] (AVG) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation) BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll [2016-03-28] (AVG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation) Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - Keine Datei Toolbar: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - Keine Datei Toolbar: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default FF DefaultSearchEngine: AVG Secure Search FF SearchEngineOrder.1: Ask.com FF Homepage: hxxp://www.google.de/ FF NetworkProxy: "no_proxies_on", "*.local" FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.8\\npsitesafety.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2010-12-20] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\askcom.xml [2012-08-18] FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\avg-nation-search.xml [2014-04-27] FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\avg-secure-search.xml [2016-03-28] FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\daemon-search.xml [2010-12-11] FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\google-images.xml [2014-12-02] FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\google-maps.xml [2014-12-02] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml [2014-04-27] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-03-28] FF Extension: AVG Web TuneUp - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\extensions\avg@toolbar.xpi [2016-03-28] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-06] [ist nicht signiert] Chrome: ======= CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-06] CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-06] CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-06] CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-06] CHR Extension: (Google Tabellen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-06] CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-06] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06] CHR Extension: (Google Mail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-06] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-03-23] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-10-23] (Broadcom Corporation.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3647992 2014-05-14] (devolo AG) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH) R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) R2 vToolbarUpdater40.2.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe [1957448 2016-03-12] (AVG Secure Search) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1216584 2016-03-28] () ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-10-23] (Broadcom Corporation.) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2014-05-14] (CACE Technologies) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-10-23] (Toshiba Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-10 08:49 - 2016-04-10 08:51 - 00027547 _____ C:\Users\Martin\Downloads\FRST.txt 2016-04-10 08:49 - 2016-04-10 08:49 - 02374144 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe 2016-04-10 08:49 - 2016-04-10 08:49 - 00000000 ____D C:\FRST 2016-04-09 00:00 - 2016-04-09 00:03 - 01475080 _____ C:\Users\Martin\Downloads\HijackThis - CHIP-Installer.exe 2016-04-07 20:56 - 2016-04-07 20:56 - 00000000 ____D C:\Diagprog 2016-04-06 18:42 - 2016-04-07 20:38 - 00000000 ____D C:\Users\Martin\Desktop\BMW Daten Bimmerfest 2016-04-06 18:32 - 2016-04-06 18:43 - 00000000 ____D C:\Users\Martin\AppData\Local\WinZip 2016-04-06 16:36 - 2016-04-06 18:35 - 536775892 _____ C:\Users\Martin\Downloads\Archive-76be.zip 2016-04-06 15:30 - 2016-04-08 23:26 - 00002273 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-06 15:30 - 2016-04-08 23:26 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-06 15:28 - 2016-04-06 15:28 - 00987728 _____ (Google Inc.) C:\Users\Martin\Downloads\ChromeSetup.exe 2016-04-06 15:23 - 2016-04-08 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-06 15:17 - 2016-04-06 15:17 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2016-04-06 15:17 - 2016-04-06 15:17 - 00002108 _____ C:\Users\Public\Desktop\WinZip.lnk 2016-04-06 15:17 - 2016-04-06 15:17 - 00000000 ____D C:\Users\Martin\AppData\Local\Nico Mak Computing 2016-04-06 15:17 - 2016-04-06 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2016-04-06 15:17 - 2016-04-06 15:17 - 00000000 ____D C:\Program Files\WinZip 2016-04-06 15:13 - 2016-04-06 15:14 - 01475080 _____ C:\Users\Martin\Downloads\WinZip 64 Bit - CHIP-Installer.exe 2016-04-06 14:58 - 2016-04-06 14:58 - 00065039 _____ C:\WINDOWS\unins000.dat 2016-04-06 14:58 - 2016-04-06 14:58 - 00001692 _____ C:\Users\Public\Desktop\INPA.lnk 2016-04-06 14:58 - 2016-04-06 14:58 - 00001672 _____ C:\Users\Public\Desktop\WinKFP.lnk 2016-04-06 14:58 - 2016-04-06 14:58 - 00001590 _____ C:\Users\Public\Desktop\NCS-Expertentool.lnk 2016-04-06 14:58 - 2016-04-06 14:58 - 00001563 _____ C:\Users\Public\Desktop\Tool32.lnk 2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMW Standard Tools 2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\NFS-Backup 2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\NCSEXPER 2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\Entwicklungsdaten 2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\EDIABAS 2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\EC-APPS 2016-04-06 14:58 - 2016-04-06 14:55 - 00725002 _____ C:\WINDOWS\unins000.exe 2016-04-06 14:53 - 2016-04-06 14:55 - 33709365 _____ (BMW Group ) C:\Users\Martin\Desktop\Standard_Tools_Setup_2.12.exe 2016-04-06 14:50 - 2016-04-06 14:51 - 02114664 _____ C:\Users\Martin\Downloads\winrar-x64-531d.exe 2016-04-06 11:03 - 2016-04-06 11:04 - 00274740 _____ C:\WINDOWS\Minidump\040616-87078-01.dmp 2016-04-06 11:03 - 2016-04-06 11:03 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-06 10:16 - 2016-04-06 10:16 - 35149164 _____ C:\Users\Martin\Downloads\BMW Standard Tools 2.12.rar 2016-04-05 20:38 - 2016-04-07 20:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-04-05 20:38 - 2016-04-05 20:38 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-04-05 20:38 - 2016-04-05 20:38 - 00001115 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-04-05 20:38 - 2016-04-05 20:38 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TeamViewer 2016-04-05 20:35 - 2016-04-05 20:35 - 01475080 _____ C:\Users\Martin\Downloads\TeamViewer - CHIP-Installer.exe 2016-04-05 19:24 - 2016-04-05 19:45 - 856086033 _____ C:\Users\Martin\Downloads\Windows_XP_Final_Update.zip 2016-04-04 14:38 - 2016-04-04 14:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01005.Wdf 2016-04-04 14:37 - 2016-04-04 16:43 - 00000000 ____D C:\Users\Martin\AppData\Local\APManager 2016-04-04 14:37 - 2016-04-04 14:37 - 00000000 ____D C:\Users\Martin\Documents\APMaps 2016-04-04 14:36 - 2016-04-04 14:36 - 00001323 _____ C:\Users\Martin\Desktop\Accessport Manager.lnk 2016-04-04 14:36 - 2016-04-04 14:36 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessport 2016-04-04 14:36 - 2016-04-04 14:36 - 00000000 ____D C:\Program Files (x86)\Accessport 2016-04-04 14:35 - 2016-04-04 14:36 - 07068638 _____ C:\Users\Martin\Downloads\APManagerSetup.exe 2016-03-28 10:38 - 2016-03-28 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-03-19 12:38 - 2016-03-19 12:38 - 00194671 _____ C:\Users\Martin\Desktop\kfz-kaufvertrag-privat.pdf 2016-03-19 09:52 - 2016-03-19 09:52 - 00147058 _____ C:\Users\Martin\Downloads\kaufvertrag.pdf 2016-03-19 09:46 - 2016-03-19 09:46 - 00184785 _____ C:\Users\Martin\Downloads\kfz-kaufvertrag-privat.pdf 2016-03-19 09:45 - 2016-03-19 09:45 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-19 09:43 - 2016-03-19 09:44 - 85161656 _____ (Adobe Systems Incorporated) C:\Users\Martin\Downloads\AcroRdrDC1501020060_de_DE.exe 2016-03-16 09:50 - 2016-03-16 09:50 - 00316352 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftd2xx.dll 2016-03-16 09:50 - 2016-03-16 09:50 - 00274880 _____ (FTDI Ltd.) C:\WINDOWS\system32\FTLang.dll 2016-03-16 09:50 - 2016-03-16 09:50 - 00168384 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftbusui.dll 2016-03-16 09:50 - 2016-03-16 09:50 - 00108352 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftdibus.sys 2016-03-16 09:50 - 2016-03-16 09:50 - 00095168 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftser2k.sys 2016-03-16 09:50 - 2016-03-16 09:50 - 00075200 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftcserco.dll 2016-03-16 09:50 - 2016-03-16 09:50 - 00065472 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftserui2.dll 2016-03-16 09:44 - 2016-03-16 09:44 - 00274368 _____ (FTDI Ltd.) C:\WINDOWS\SysWOW64\ftd2xx.dll 2016-03-15 20:04 - 2016-03-15 20:04 - 00012150 _____ C:\Users\Martin\Desktop\Kosten.odt 2016-03-12 04:33 - 2016-03-28 10:41 - 00000000 ____D C:\ProgramData\AVG Web TuneUp 2016-03-12 04:33 - 2016-03-12 13:47 - 00000000 ____D C:\Users\Martin\AppData\Local\AVG Web TuneUp 2016-03-12 04:33 - 2016-03-12 04:33 - 00000000 ____D C:\ProgramData\AVG Secure Search 2016-03-12 04:33 - 2016-03-12 04:33 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search 2016-03-12 04:33 - 2016-03-12 04:33 - 00000000 ____D C:\Program Files\AVG Web TuneUp 2016-03-12 04:32 - 2016-03-28 10:41 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp 2016-03-11 20:11 - 2016-03-11 20:11 - 00002439 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-10 08:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-10 08:48 - 2012-10-17 12:37 - 00000000 ____D C:\ProgramData\MFAData 2016-04-10 08:48 - 2011-09-14 14:24 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{737F47C7-A605-4F4D-8217-2D285D389E1B} 2016-04-09 09:10 - 2013-03-12 09:35 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-04-09 08:52 - 2015-12-17 05:44 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-09 08:52 - 2015-10-30 20:35 - 00889250 _____ C:\WINDOWS\system32\perfh007.dat 2016-04-09 08:52 - 2015-10-30 20:35 - 00197298 _____ C:\WINDOWS\system32\perfc007.dat 2016-04-09 08:52 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-04-09 08:52 - 2010-10-12 18:02 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-09 01:22 - 2015-08-20 22:19 - 00000000 ___RD C:\Users\Martin\Dropbox 2016-04-09 01:22 - 2015-08-20 22:17 - 00001214 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-04-09 01:22 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Martin\AppData\Local\Dropbox 2016-04-09 01:21 - 2016-02-03 19:18 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-09 01:21 - 2015-08-20 22:17 - 00001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-04-09 01:18 - 2015-12-17 06:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-09 01:17 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-04-08 23:40 - 2012-05-04 00:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-08 23:05 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-06 18:32 - 2014-08-06 13:35 - 00000000 ____D C:\ProgramData\WinZip 2016-04-06 17:34 - 2010-10-12 15:51 - 00000000 ____D C:\Users\Martin\AppData\Local\Google 2016-04-06 15:30 - 2009-09-08 10:11 - 00000000 ____D C:\Program Files (x86)\Google 2016-04-06 14:51 - 2011-02-01 22:33 - 00000000 ____D C:\Program Files\WinRAR 2016-04-06 11:05 - 2015-12-17 05:45 - 00000000 ____D C:\Users\Martin 2016-04-06 11:03 - 2015-12-17 05:36 - 00288280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-06 11:02 - 2015-12-17 05:35 - 654992433 _____ C:\WINDOWS\MEMORY.DMP 2016-04-06 10:27 - 2015-06-03 14:47 - 00000000 ____D C:\Users\Martin\AppData\Local\Avg 2016-04-05 18:13 - 2015-10-23 17:58 - 00000000 ____D C:\Users\Martin\AppData\Local\Packages 2016-04-04 14:34 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-03-28 10:57 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-28 10:38 - 2015-08-20 22:17 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-03-13 04:39 - 2014-04-03 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-12 04:33 - 2013-09-28 09:36 - 00000000 ____D C:\ProgramData\AVG Security Toolbar 2016-03-11 20:11 - 2015-10-23 18:10 - 00000000 ___RD C:\Users\Martin\OneDrive ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-09-28 09:36 - 2014-04-27 18:00 - 0001704 _____ () C:\Program Files (x86)\Mozilla Firefoxnation-secure-search.xml 2011-05-23 17:53 - 2011-05-23 17:54 - 0000000 _____ () C:\Users\Martin\AppData\Local\{E4168390-D1AC-4111-95DA-4DE9DDBE3A68} ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-04 16:33 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 durchgeführt von Martin (2016-04-10 08:51:53) Gestartet von C:\Users\Martin\Downloads Windows 10 Home Version 1511 (X64) (2015-12-17 04:08:53) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2000210142-2090411493-3058419309-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2000210142-2090411493-3058419309-503 - Limited - Disabled) Gast (S-1-5-21-2000210142-2090411493-3058419309-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-2000210142-2090411493-3058419309-1002 - Limited - Enabled) Martin (S-1-5-21-2000210142-2090411493-3058419309-1000 - Administrator - Enabled) => C:\Users\Martin ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) AccessPORT Driver 1.3.1 (HKLM-x32\...\AccessPORT Driver) (Version: - Cobb Tuning Products, LLC.) Accessport Manager 2.1.1.13 (HKLM-x32\...\Accessport Manager) (Version: 2.1.1.13 - Cobb Tuning Products, LLC) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) ALDI NORD Bestellsoftware 4.14.5 (HKLM-x32\...\ALDI NORD Bestellsoftware) (Version: 4.14.5 - ORWO Net) Amazon.de (HKLM-x32\...\{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}) (Version: - Amazon EU S.a.r.L.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo WinOptimizer 6.60 (HKLM-x32\...\Ashampoo WinOptimizer 6_is1) (Version: 6.6.0 - Ashampoo GmbH & Co. KG) ATI Catalyst Install Manager (HKLM\...\{0FB2E75A-1024-331F-77EF-D45F71505D58}) (Version: 3.0.732.0 - ATI Technologies, Inc.) AVG (Version: 16.51.7497 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4545 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.8.608 - AVG Technologies) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.08(T) - TOSHIBA CORPORATION) BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group) Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision) Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - ) ccc-core-static (x32 Version: 2009.0729.2238.38827 - Ihr Firmenname) Hidden Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.2.0 - devolo AG) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden eBay (HKLM-x32\...\{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}) (Version: 1.0.4 - eBay Inc.) FMW 1 (Version: 1.72.2 - AVG Technologies) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: 4.3.0.1110 - Foxit Corporation) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) OpenOffice.org 3.2 (HKLM-x32\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Protectorion Data Safe (HKLM-x32\...\{CA0528BB-7B85-46C9-8D43-D9947C4FF8B5}) (Version: 3.4 - Braincell consult & research GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek) Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software) Skype(TM) Launcher (HKLM-x32\...\{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}) (Version: - Skype Technologies S.A.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.09 - TOSHIBA) TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}) (Version: 1.0.04.64 - TOSHIBA Corporation) TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation) TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.0.07-A - TOSHIBA Corporation) TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.1.10.64 - TOSHIBA Corporation) TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: - ) TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.1.64 - TOSHIBA Corporation) TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION) TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.11C - TOSHIBA CORPORATION) TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.0 - TOSHIBA Corporation) Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA) Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.64 - TOSHIBA Corporation) Toshiba Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.0.0-663 - myphotobook GmbH) TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation) TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA) TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}) (Version: 1.0.04.64 - TOSHIBA Corporation) TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.9.1.12 - TOSHIBA) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.14 - TOSHIBA) TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION) TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH) TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.25.64 - TOSHIBA Corporation) TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.4 - TOSHIBA Corporation) TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - ) TRORMCLauncher (Version: 1.0.0.7 - TOSHIBA) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Utility Common Driver (x32 Version: 1.0.50.27C - TOSHIBA) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {044B1215-AC8B-4E77-9896-BB3344362C67} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {05919AFF-EC96-412D-86E3-667324664A87} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation) Task: {05EB13B5-6715-4E08-B49E-A0A216CC9A06} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {073FCFA6-355C-4A6C-87EE-FF8B52975697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {09569323-E733-4B93-8D8D-381A593BE1CF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {0D8A0B49-C09E-4B6B-9CEE-AECBA3D1C35B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {0F01B5D4-78EC-44DF-9537-C91D3D3FADFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {1AF1D8E8-F811-409D-91BB-D033AF92E7CA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {1C0A6948-A78E-416E-A3F3-16764F360A22} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {1F17ADD9-DCF6-4D73-907D-C4EED30487B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {2A39DDA4-9482-4ECF-BE57-F06D6AADE905} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {2D5368BA-EDB9-4E86-A668-CF2130BEAD77} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {2FF21FF6-5784-4D89-BE20-1B92DFBBBC00} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {3E21AE4D-8E1B-4AD4-B1A7-E376EF009CF3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {4339889F-04B0-4167-BDF1-D7FE563BC022} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {45D19459-FDE5-43C8-BC71-D9531053DDA9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {52BF854E-2B6C-4F1E-907A-DD2B07443E88} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {5706D1B3-75BF-4BC3-B663-62C8D378372A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {590E6831-A4B6-4AE2-9BD3-8DF8913EAE67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {59DE207C-051A-4E8E-85D2-F8F11D2198A5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {671DA0F9-0612-48AD-94BD-768B73DC6111} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {6727E40A-A4C8-4F25-A477-8AD8D3A8F698} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: {6C9D2C6D-659D-4B01-BBC3-E030E7E6B482} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {6D502555-E274-4C58-8374-CCE94D136266} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2000210142-2090411493-3058419309-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe Task: {6FD999AB-8D33-4906-B4C5-C62AD1646349} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {770C0999-696E-41F9-AB91-E499B18436A5} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {815704E9-BC03-48F5-9DEC-5F956C226B8D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {8579D0F4-00EE-4167-89AC-6C6DDEE33197} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2000210142-2090411493-3058419309-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe Task: {892FB8C1-8627-48A2-A445-4EAB957F0F06} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {8F1144E1-D1DC-4E1B-B1DA-63F95B8CC079} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {A0A4EFB4-175B-44A8-99A9-08AD041E1B71} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {A4C6DDD3-C809-4AE5-80B4-B79FCEBF12AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {A7F7B4A8-81DE-4820-83CD-16FCB0597E50} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe Task: {A9C10BD1-4770-402D-AAC0-27B98D678269} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {AE969F50-0EF6-459E-96AB-6E4D777966B2} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {B1D08977-1F98-4237-929D-56352C50F0D3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-20] (Dropbox, Inc.) Task: {B30B5C5A-A967-4B80-A8A6-88225277ADA7} - System32\Tasks\{6470E94E-3334-4700-9813-AE640EEADA48} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe Task: {B760F9F6-B70F-4F6D-AA30-8DAA7B49F65D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {B9ACC160-DABF-4E33-B7D4-A14D71AB8354} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {BEC47F94-F8A1-4286-B90A-A80D098EC339} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {BF32A50D-33CB-4DBC-9C88-4E159D6CA6D9} - System32\Tasks\{6088A1ED-8355-4C38-BBF4-820B50049834} => pcalua.exe -a "C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJV31QEW\Firefox%20Setup%203.6.10[1].exe" -d C:\Users\Martin\Desktop Task: {CC7D19B9-1306-4211-9E83-D1EF1437177C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {CEAD5A65-5ACC-48E6-AF3B-2063463FB984} - System32\Tasks\{28A67731-A5EA-40F6-A373-0BBD08DBAD4B} => pcalua.exe -a "C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|15.0 Task: {DABBE447-B3EC-47DD-8DF7-9B7377534282} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {DFE2AB57-BDAF-475A-BCE8-B29055DE29ED} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-20] (Dropbox, Inc.) Task: {E59539D5-35E9-4941-A7DB-B17BDC5BAEF4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {ED6E7618-D51B-453A-857E-0B6B822403CB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {F2051EDA-EE9A-48A3-9615-8757B43C6E9B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {F81CC4D1-47EE-4AD8-857C-C204181DCA24} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {FBD2A2EB-2B00-4615-B1F1-0820B3F096A0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2000210142-2090411493-3058419309-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2000210142-2090411493-3058419309-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protectorion Data Safe\Update ....lnk -> C:\Users\Martin\AppData\Local\Programs\Protectorion Data Safe\update.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-28 10:41 - 2016-03-28 10:41 - 01216584 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2009-08-26 17:58 - 2009-08-26 17:58 - 00553984 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll 2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2016-03-12 04:33 - 2016-03-12 04:32 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\loggingserver.exe 2016-03-02 18:55 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-02 18:55 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-02-03 19:30 - 2016-02-03 19:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-19 14:46 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-02 18:55 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-15 19:27 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-15 19:27 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-02-03 19:28 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-02-03 19:28 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2009-08-06 14:14 - 2009-08-06 14:14 - 03002728 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll 2009-07-16 15:27 - 2009-07-16 15:27 - 07244600 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-07-16 15:27 - 2009-07-16 15:27 - 00051512 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2009-09-08 10:04 - 2009-06-22 15:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll 2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll 2009-07-25 17:38 - 2009-07-25 17:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2016-03-28 10:41 - 2016-03-28 10:41 - 02875464 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2009-08-03 18:18 - 2009-08-03 18:18 - 00081752 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll 2016-03-12 04:33 - 2016-03-12 04:32 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\log4cplusU.dll 2016-02-03 19:30 - 2016-02-03 19:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-02-03 19:30 - 2016-02-03 19:31 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2010-05-04 16:36 - 2010-05-04 16:36 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2016-03-28 10:38 - 2016-02-23 20:19 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-03-28 10:38 - 2016-02-23 20:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-03-28 10:38 - 2016-02-23 20:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-03-28 10:38 - 2016-02-23 20:19 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-03-28 10:38 - 2016-02-23 20:19 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-03-28 10:38 - 2016-02-23 20:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-03-28 10:38 - 2016-03-12 02:18 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-03-28 10:38 - 2016-02-23 20:19 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-03-28 10:38 - 2016-02-23 20:20 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-03-28 10:38 - 2016-03-12 02:18 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-03-28 10:38 - 2016-02-13 02:24 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-03-28 10:38 - 2016-03-12 02:18 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-03-28 10:38 - 2016-02-23 20:19 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2016-03-28 10:38 - 2016-02-23 20:19 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-03-28 10:38 - 2016-02-23 20:20 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-03-28 10:38 - 2016-02-23 20:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-03-28 10:38 - 2016-03-12 02:18 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-03-28 10:38 - 2016-02-23 20:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-03-28 10:38 - 2016-02-23 20:23 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2016-03-28 10:38 - 2016-02-23 20:23 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-03-28 10:38 - 2016-03-12 02:18 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-03-28 10:38 - 2016-03-12 02:18 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-03-28 10:38 - 2016-02-23 20:25 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-04-08 23:41 - 2016-04-08 23:41 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123simsen.com -> www.123simsen.com Da befinden sich 7648 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-27 20:33 - 2015-10-27 20:33 - 00434876 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Da befinden sich 14956 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "TWebCamera" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{0BFC16B4-C331-4499-B77D-5F9C140A0449}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0D8143BE-B4EB-45DD-A250-50952CDEAA49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{80FBBD8E-2B8A-416D-98A0-9CCCE859E664}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{6D6343EC-1425-479C-A157-FB0394008CB8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{8516A2EB-BE36-4A0A-A0E8-E794EA0A14B5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{1B38C172-1D33-4729-B171-E71A7C807573}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{9F1054F0-08E3-4079-8C28-E1E5D03B8C29}] => (Allow) svchost.exe FirewallRules: [{4F963B9A-AC62-4B81-88D3-B08104C7A8F4}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{3D2F00DA-0BA9-4CCE-B356-6FC2C52C47D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A186E83C-614E-4C78-A91C-8875546E6BDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E8B0F9FB-1B50-41AC-97EA-66E566F2635E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe FirewallRules: [{57C6F0E7-01EE-44C6-ABBD-4EE565847026}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe FirewallRules: [{DB51191B-2F20-4E9F-9319-2E1D0843E7B5}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe FirewallRules: [{092E92CC-D1A1-4C4F-93FF-2C30DE46EA10}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe FirewallRules: [TCP Query User{4531433B-B2E9-4F3B-B84F-E354284C9948}C:\program files (x86)\microsoft games\age of empires iii\age3.exe] => (Block) C:\program files (x86)\microsoft games\age of empires iii\age3.exe FirewallRules: [UDP Query User{38B97628-FA76-4DDB-B722-194E32FC31D3}C:\program files (x86)\microsoft games\age of empires iii\age3.exe] => (Block) C:\program files (x86)\microsoft games\age of empires iii\age3.exe FirewallRules: [TCP Query User{980E9CD6-4C49-420C-A433-A5B7512BB335}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe FirewallRules: [UDP Query User{D9D75EF5-2CCA-4612-9D10-2531C045DF9F}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe FirewallRules: [TCP Query User{E3C27577-1120-44A2-BA1A-A99A1DCCAD31}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe FirewallRules: [UDP Query User{06EDC328-A1DB-4196-8E44-C8D98863302A}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe FirewallRules: [{DFBF0DB7-FB08-4551-9545-ECE6CFD6B21B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C69F9DE8-6F65-4C2C-AA23-E9D7021D4F8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1126235A-1D57-4A9E-B71F-1910C8D8511C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BAA3137E-4AC9-4FBA-8B29-20191751049C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{1CD929C5-FC40-4220-9DC1-63D70E0BC858}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{64E7CB07-B151-484A-99D7-DF29A2DEA8A0}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{34B72F2A-876B-4D92-A87A-3419B27C12E5}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{5D40AA08-79FF-4CC4-8F3C-052EDE0B96D3}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [TCP Query User{892380FF-10D3-4831-8A85-2A892F14F362}C:\users\martin\desktop\warcraft 1.18\war3.exe] => (Block) C:\users\martin\desktop\warcraft 1.18\war3.exe FirewallRules: [UDP Query User{B5A5B3F8-3D1A-460C-88D2-9CE94DC0B8C7}C:\users\martin\desktop\warcraft 1.18\war3.exe] => (Block) C:\users\martin\desktop\warcraft 1.18\war3.exe FirewallRules: [{F5F1249D-D2F1-46C0-BA38-7B6498AA5C54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe FirewallRules: [{711A7E70-9CFF-47CA-86B1-264175ACEEB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe FirewallRules: [{9BB53347-D821-40B8-8DEC-C265E6B19884}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe FirewallRules: [{D7406BC4-8554-4D1B-A01F-CCB1F373C2AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe FirewallRules: [{3B23CDED-F837-4BD8-A425-E0B9874AF067}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{225AE33F-DDA2-46AC-8CAD-1C22496E687B}C:\users\martin\desktop\age of empires ii\empires2.exe] => (Allow) C:\users\martin\desktop\age of empires ii\empires2.exe FirewallRules: [UDP Query User{EB93B0C0-998E-4E30-B618-A991DA3082AE}C:\users\martin\desktop\age of empires ii\empires2.exe] => (Allow) C:\users\martin\desktop\age of empires ii\empires2.exe FirewallRules: [TCP Query User{8EB90B02-339A-4A66-A910-163D3BD63633}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe FirewallRules: [UDP Query User{92999DC8-5F68-4826-AD2B-403CDC517BC5}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe FirewallRules: [TCP Query User{FB74B361-62A8-40BC-BB32-06D5C2868155}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{35D67AC5-00F3-4626-A13D-9F69C6A05962}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{20EA17D9-A6A4-4B47-9F9F-EA620078C25E}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe FirewallRules: [{0CFC968D-BDF1-476E-9743-C3C91303108B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe FirewallRules: [{2036D734-F707-4B1F-9D95-9DFA98173020}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{3E70CAE4-D396-4781-8595-4845D2655467}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [TCP Query User{9C38D606-932A-4B71-81AF-E910A5F859CF}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe FirewallRules: [UDP Query User{38D5E8FA-FFE8-40B5-9CE7-A440671ACE42}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe FirewallRules: [{ABD00674-C197-4F96-997A-7389827881EA}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{83C2D1AA-0E10-4A9D-81B6-5E0AF78CA55A}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{AFA9504B-153B-4A5C-8022-7D94AAE82AA6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{17AF64C9-CA91-4E82-A2BC-912324D52E2A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{706A6C80-A328-495E-8988-5AA6C4AB5BB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3EE18752-1DD6-4A85-95BE-63F361D7B661}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D5D14F3B-67F7-46D4-92C1-3147C9F0202F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{75C52CD6-2743-4561-A612-03D07C64CDAC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{8A8BD4C3-7407-48BD-B0AB-3AEFCE6AECF7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [TCP Query User{FAF617ED-2237-4165-9453-BA0218F35AD8}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C4CCD9D9-AF56-49D3-BBCF-9BC8A8F1F634}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E00E78AE-7931-4118-9133-6A010A45147C}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CC187B33-396B-4D83-A68A-63449E5D1AC4}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe FirewallRules: [{33BDEFCC-B175-4995-A639-8E5F6C7827E8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{96CD4AC7-2DD4-4BCA-859F-80706B9E28DC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{D8D35B1E-65FE-453A-9534-EE27C60C807F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{A5C67F12-466F-4372-8F69-C17405B9541F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{87F4F911-3457-48E0-92BB-A23084BC626B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{1FE41D17-D8BB-4B72-8459-1BD06D5D8527}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{4BFFF07C-B62B-42FA-970D-D3073409C3EA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{C4F5837C-DDA4-4CBB-A9AF-E37593F835D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7F91FA7B-8AF0-41AD-AAC0-2A250C693A92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C46494AF-FD4C-4D4D-94F7-EF1B8121C7A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4C58191A-9065-4DB3-9E8B-0056CB580E5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BF7D2245-EED3-4176-8B93-70D0FDF83840}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 28-03-2016 10:54:07 Windows Update 04-04-2016 20:24:09 Geplanter Prüfpunkt 06-04-2016 15:16:31 WinZip 20.0 wird installiert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/08/2016 11:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm avgui.exe, Version 16.51.0.7497 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 18cc Startzeit: 01d1900481b56fdb Beendigungszeit: 60000 Anwendungspfad: C:\Program Files (x86)\AVG\Av\avgui.exe Berichts-ID: 8ffdd49d-fdd1-11e5-8d7d-0026223f32fa Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (04/07/2016 08:17:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: devolonetsvc.exe, Version: 4.2.2.0, Zeitstempel: 0x537360e3 Name des fehlerhaften Moduls: devolonetsvc.exe, Version: 4.2.2.0, Zeitstempel: 0x537360e3 Ausnahmecode: 0xc0000417 Fehleroffset: 0x001db17c ID des fehlerhaften Prozesses: 0x98c Startzeit der fehlerhaften Anwendung: 0xdevolonetsvc.exe0 Pfad der fehlerhaften Anwendung: devolonetsvc.exe1 Pfad des fehlerhaften Moduls: devolonetsvc.exe2 Berichtskennung: devolonetsvc.exe3 Vollständiger Name des fehlerhaften Pakets: devolonetsvc.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devolonetsvc.exe5 Error: (04/06/2016 03:16:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (04/06/2016 10:28:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avgui.exe, Version: 16.51.0.7497, Zeitstempel: 0x56d6b2f6 Name des fehlerhaften Moduls: TBAPI.dll, Version: 0.0.0.0, Zeitstempel: 0x56dc1066 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c270 ID des fehlerhaften Prozesses: 0x18e4 Startzeit der fehlerhaften Anwendung: 0xavgui.exe0 Pfad der fehlerhaften Anwendung: avgui.exe1 Pfad des fehlerhaften Moduls: avgui.exe2 Berichtskennung: avgui.exe3 Vollständiger Name des fehlerhaften Pakets: avgui.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avgui.exe5 Error: (04/05/2016 06:37:03 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (04/04/2016 08:24:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (04/04/2016 04:34:45 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (04/04/2016 02:46:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: taskhostw.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000231f7 ID des fehlerhaften Prozesses: 0x2f1c Startzeit der fehlerhaften Anwendung: 0xtaskhostw.exe0 Pfad der fehlerhaften Anwendung: taskhostw.exe1 Pfad des fehlerhaften Moduls: taskhostw.exe2 Berichtskennung: taskhostw.exe3 Vollständiger Name des fehlerhaften Pakets: taskhostw.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: taskhostw.exe5 Error: (03/28/2016 10:55:43 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (03/28/2016 10:40:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ScriptHelper.exe, Version: 4.2.8.608, Zeitstempel: 0x56dc106e Name des fehlerhaften Moduls: ScriptHelper.exe, Version: 4.2.8.608, Zeitstempel: 0x56dc106e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000155e ID des fehlerhaften Prozesses: 0x16a4 Startzeit der fehlerhaften Anwendung: 0xScriptHelper.exe0 Pfad der fehlerhaften Anwendung: ScriptHelper.exe1 Pfad des fehlerhaften Moduls: ScriptHelper.exe2 Berichtskennung: ScriptHelper.exe3 Vollständiger Name des fehlerhaften Pakets: ScriptHelper.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ScriptHelper.exe5 Systemfehler: ============= Error: (04/10/2016 08:44:40 AM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (04/09/2016 09:19:39 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (04/09/2016 08:52:09 AM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (04/09/2016 01:25:30 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (04/09/2016 01:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (04/09/2016 01:17:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_540dc erreicht. Error: (04/09/2016 01:16:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_540dc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/08/2016 11:40:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (04/08/2016 11:38:58 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {7006698D-2974-4091-A424-85DD0B909E23} Error: (04/08/2016 11:38:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_5224f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-03-28 11:11:13.556 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-16 16:51:40.545 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-13 03:37:19.774 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-11 04:08:36.872 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-04 03:35:58.888 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-03 22:35:00.765 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 13:18:16.914 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-11 05:05:14.229 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-03 19:35:38.710 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-23 03:38:48.805 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz Prozentuale Nutzung des RAM: 52% Installierter physikalischer RAM: 4060.87 MB Verfügbarer physikalischer RAM: 1916.42 MB Summe virtueller Speicher: 8156.87 MB Verfügbarer virtueller Speicher: 5858.21 MB ==================== Laufwerke ================================ Drive c: (WINDOWS) (Fixed) (Total:185.81 GB) (Free:16.31 GB) NTFS Drive d: (Data) (Fixed) (Total:185.91 GB) (Free:68.5 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 372.6 GB) (Disk ID: C83D8E54) Partition 1: (Active) - (Size=400 MB) - (Type=27) Partition 2: (Not Active) - (Size=185.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=504 MB) - (Type=27) Partition 4: (Not Active) - (Size=185.9 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
10.04.2016, 19:32 | #4 | |
/// TB-Ausbilder /// Anleitungs-Guru | Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewerZitat:
Schritt 1 Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
11.04.2016, 17:47 | #5 |
| Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer Ich hatte mich mit dem Typen über Teamviewer verbunden, es ging grob gesagt um eine Software für meinen BMW. Er hat dann in Windeseile ettliche Ordner von A nach B verschoben und hatte plötzlich 10 Fenster gleichzeitig offen. Mein Verdacht geht nun dahin, dass er im Hintergrund auf meinem PC etwas installiert hat, womit er auch nachträglich noch Zugang zu ihm hat oder ihn ausspäht. Komischerweise war er auch zwischendurch von mir getrennt wegen Verbindungsproblemen, konnte sich später aber ohne neues Passwort für den Teamviewer wieder bei mir einloggen. Das kann doch nicht sein, oder? Code:
ATTFilter 18:38:42.0279 0x12d8 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 18:38:45.0033 0x12d8 ============================================================ 18:38:45.0033 0x12d8 Current date / time: 2016/04/11 18:38:45.0033 18:38:45.0033 0x12d8 SystemInfo: 18:38:45.0033 0x12d8 18:38:45.0033 0x12d8 OS Version: 10.0.10586 ServicePack: 0.0 18:38:45.0033 0x12d8 Product type: Workstation 18:38:45.0033 0x12d8 ComputerName: MARTIN-TOSH 18:38:45.0033 0x12d8 UserName: Martin 18:38:45.0033 0x12d8 Windows directory: C:\WINDOWS 18:38:45.0033 0x12d8 System windows directory: C:\WINDOWS 18:38:45.0033 0x12d8 Running under WOW64 18:38:45.0033 0x12d8 Processor architecture: Intel x64 18:38:45.0033 0x12d8 Number of processors: 2 18:38:45.0033 0x12d8 Page size: 0x1000 18:38:45.0033 0x12d8 Boot type: Normal boot 18:38:45.0033 0x12d8 ============================================================ 18:38:45.0171 0x12d8 KLMD registered as C:\WINDOWS\system32\drivers\63416168.sys 18:38:45.0412 0x12d8 System UUID: {7E76AB96-3770-9979-D99D-7DE5ED0465C0} 18:38:45.0863 0x12d8 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 ( 372.61 Gb ), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:38:45.0877 0x12d8 ============================================================ 18:38:45.0877 0x12d8 \Device\Harddisk0\DR0: 18:38:45.0877 0x12d8 MBR partitions: 18:38:45.0877 0x12d8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x173A0680 18:38:45.0877 0x12d8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17565000, BlocksNum 0x173D4000 18:38:45.0877 0x12d8 ============================================================ 18:38:45.0899 0x12d8 C: <-> \Device\Harddisk0\DR0\Partition1 18:38:45.0944 0x12d8 D: <-> \Device\Harddisk0\DR0\Partition2 18:38:45.0944 0x12d8 ============================================================ 18:38:45.0945 0x12d8 Initialize success 18:38:45.0945 0x12d8 ============================================================ 18:39:16.0612 0x1558 ============================================================ 18:39:16.0612 0x1558 Scan started 18:39:16.0613 0x1558 Mode: Manual; SigCheck; TDLFS; 18:39:16.0613 0x1558 ============================================================ 18:39:16.0613 0x1558 KSN ping started 18:39:19.0045 0x1558 KSN ping finished: true 18:39:20.0875 0x1558 ================ Scan system memory ======================== 18:39:20.0875 0x1558 System memory - ok 18:39:20.0879 0x1558 ================ Scan services ============================= 18:39:21.0148 0x1558 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 18:39:21.0240 0x1558 1394ohci - ok 18:39:21.0288 0x1558 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 18:39:21.0304 0x1558 3ware - ok 18:39:21.0352 0x1558 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 18:39:21.0385 0x1558 ACPI - ok 18:39:21.0429 0x1558 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 18:39:21.0448 0x1558 acpiex - ok 18:39:21.0464 0x1558 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 18:39:21.0495 0x1558 acpipagr - ok 18:39:21.0546 0x1558 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 18:39:21.0610 0x1558 AcpiPmi - ok 18:39:21.0624 0x1558 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 18:39:21.0665 0x1558 acpitime - ok 18:39:21.0745 0x1558 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:39:21.0756 0x1558 AdobeARMservice - ok 18:39:21.0902 0x1558 [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:39:21.0939 0x1558 AdobeFlashPlayerUpdateSvc - ok 18:39:22.0057 0x1558 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 18:39:22.0106 0x1558 ADP80XX - ok 18:39:22.0261 0x1558 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys 18:39:22.0294 0x1558 AFD - ok 18:39:22.0334 0x1558 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 18:39:22.0351 0x1558 agp440 - ok 18:39:22.0370 0x1558 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 18:39:22.0424 0x1558 ahcache - ok 18:39:22.0475 0x1558 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll 18:39:22.0540 0x1558 AJRouter - ok 18:39:22.0584 0x1558 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe 18:39:22.0661 0x1558 ALG - ok 18:39:22.0699 0x1558 [ 7FE59496114A48A64E98E3218664A3E6, 1C11EE3686CB7F57783A5A5F56CCED71F61A46B26B0F4C4D04B1B37E8AC5A7D1 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe 18:39:22.0826 0x1558 AMD External Events Utility - ok 18:39:22.0851 0x1558 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 18:39:22.0898 0x1558 AmdK8 - ok 18:39:23.0346 0x1558 [ E66C25946B3D9268D8E10D3769CF4719, C273A59D3A29549E3C8BBF896015CA0E5D64A4ECCD6C2FF360927773DA736022 ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys 18:39:24.0111 0x1558 amdkmdag - ok 18:39:24.0165 0x1558 [ D1D66D1D42E53B53AFC7598058E71796, 12A1C8D895891F89745493091174D3FF5A9953F21427E7E1BE1120DA762E0CBD ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys 18:39:24.0228 0x1558 amdkmdap - ok 18:39:24.0250 0x1558 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 18:39:24.0283 0x1558 AmdPPM - ok 18:39:24.0317 0x1558 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 18:39:24.0334 0x1558 amdsata - ok 18:39:24.0357 0x1558 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 18:39:24.0378 0x1558 amdsbs - ok 18:39:24.0392 0x1558 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 18:39:24.0407 0x1558 amdxata - ok 18:39:24.0478 0x1558 [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll 18:39:24.0505 0x1558 AppHostSvc - ok 18:39:24.0544 0x1558 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys 18:39:24.0563 0x1558 AppID - ok 18:39:24.0611 0x1558 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 18:39:24.0672 0x1558 AppIDSvc - ok 18:39:24.0689 0x1558 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll 18:39:24.0729 0x1558 Appinfo - ok 18:39:24.0789 0x1558 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 18:39:24.0851 0x1558 AppReadiness - ok 18:39:24.0955 0x1558 [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 18:39:25.0096 0x1558 AppXSvc - ok 18:39:25.0120 0x1558 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 18:39:25.0138 0x1558 arcsas - ok 18:39:25.0254 0x1558 [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:39:25.0271 0x1558 aspnet_state - ok 18:39:25.0312 0x1558 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 18:39:25.0369 0x1558 AsyncMac - ok 18:39:25.0395 0x1558 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 18:39:25.0410 0x1558 atapi - ok 18:39:25.0451 0x1558 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 18:39:25.0511 0x1558 AudioEndpointBuilder - ok 18:39:25.0593 0x1558 [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 18:39:25.0660 0x1558 Audiosrv - ok 18:39:25.0787 0x1558 [ 55D62DD579231402745ECCDD1E55C6CC, 29030EDEDDB40F6D78DD52353CB1FFF292A2CD25EF603225FD0A506868915781 ] AvgAMPS C:\Program Files (x86)\AVG\Av\avgamps.exe 18:39:25.0820 0x1558 AvgAMPS - ok 18:39:25.0852 0x1558 [ 344B89E8D91B1F25239310DCC7337ED0, CF57BD6AAA2A1527957DA4BA4FFC8072D4BE071C95A8741690CA051727B4E30C ] Avgboota C:\WINDOWS\system32\DRIVERS\avgboota.sys 18:39:25.0868 0x1558 Avgboota - ok 18:39:25.0902 0x1558 [ FF641C4AD6F27902A7D3CA57BEAA8E80, D5CC8F8BFAE3FFAF9E6FB8130337BACCCC2DB9AE04C8D01A3B7F9037EE3A0ED2 ] Avgdiska C:\WINDOWS\system32\DRIVERS\avgdiska.sys 18:39:25.0916 0x1558 Avgdiska - ok 18:39:26.0082 0x1558 [ F5EB38E929945BB7B476924F4D61DB4F, B28CA18B80D038627A03E9EB176808ABB1CFB3DDE4D00A1CC3D90175169BA35B ] AVGIDSAgent C:\Program Files (x86)\AVG\Av\avgidsagent.exe 18:39:26.0256 0x1558 AVGIDSAgent - ok 18:39:26.0373 0x1558 [ 9A809D3EA1569177B1CFA2A20E334C9D, DFC92C31D37EC49D2972712085E109E4D54C5F475D829F29884B51A523171AFC ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys 18:39:26.0400 0x1558 AVGIDSDriver - ok 18:39:26.0442 0x1558 [ D54A730B8DA065C33901737446D7C006, 5054DE9BD322D8D794AC69A8F2FA91C6FA0D82CB67047796114DB958AB7A9771 ] AVGIDSHA C:\WINDOWS\system32\DRIVERS\avgidsha.sys 18:39:26.0458 0x1558 AVGIDSHA - ok 18:39:26.0513 0x1558 [ D2E83AA008426FC9408272035E50D40B, 6F3B3385C5E1BDBF29343737C5A72A3C8B671016BC805EC51B4C0728807726E3 ] Avgldx64 C:\WINDOWS\system32\DRIVERS\avgldx64.sys 18:39:26.0530 0x1558 Avgldx64 - ok 18:39:26.0556 0x1558 [ 1B77FEC764628B1555086F749D911859, 0A0DA2FBB6472694A4E20E64F381AB99F7FE702E928C5FD2F7C6F353EC029F9B ] Avgloga C:\WINDOWS\system32\DRIVERS\avgloga.sys 18:39:26.0576 0x1558 Avgloga - ok 18:39:26.0625 0x1558 [ 2A9380C58B7CD687EB9709086614820D, 7AB787135E96790740EE6A6A8046F2880B90ECF717359EEA579D2A149B953056 ] Avgmfx64 C:\WINDOWS\system32\DRIVERS\avgmfx64.sys 18:39:26.0642 0x1558 Avgmfx64 - ok 18:39:26.0670 0x1558 [ 392339315A0738429B3C9E92A0F8F995, 3B101C2316DE151D39D88B33B382451C5C05C13FA5A52C4B00C5B7853931680A ] Avgrkx64 C:\WINDOWS\system32\DRIVERS\avgrkx64.sys 18:39:26.0680 0x1558 Avgrkx64 - ok 18:39:26.0829 0x1558 [ BF1DFD9D1246994C8396FBFF472A2EEF, BC53CB81FB52C44148F07946AC5D47039BC33E5F1BB57DDE1F3EF1E635EC982C ] avgsvc C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe 18:39:26.0868 0x1558 avgsvc - ok 18:39:26.0894 0x1558 [ EADED7133726FEEC05C3A7CF0F661590, 2B8A912B77E3A78D44BA0689BDB75DF7838AC18EF153191229019C4DAED93B7B ] Avguniva C:\WINDOWS\system32\DRIVERS\avguniva.sys 18:39:26.0904 0x1558 Avguniva - ok 18:39:26.0943 0x1558 [ 501D3FE6D8A15FB182983E4EA0C6386B, 15B000CA8757B9D91695465D5D842F441FD2FCF0DD1064FF52D04020E5830D8E ] avgwd C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe 18:39:26.0968 0x1558 avgwd - ok 18:39:26.0998 0x1558 [ E1280D6DE33584FF88B128C9A6773719, 0161DD5736BCB0D4DBCEA8FF576E25CB860C5432B330DCD8412CF3BEC64A3C5E ] Avgwfpa C:\WINDOWS\system32\DRIVERS\avgwfpa.sys 18:39:27.0016 0x1558 Avgwfpa - ok 18:39:27.0071 0x1558 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 18:39:27.0109 0x1558 AxInstSV - ok 18:39:27.0168 0x1558 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 18:39:27.0198 0x1558 b06bdrv - ok 18:39:27.0218 0x1558 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 18:39:27.0265 0x1558 BasicDisplay - ok 18:39:27.0270 0x1558 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 18:39:27.0304 0x1558 BasicRender - ok 18:39:27.0332 0x1558 [ F8FE7E12F8151E0A17C23CF840599F9A, 5D1AA3A5DAC08B521A7BE775F32434AFF1F5F19B69CD16D2D94B0D399E61C371 ] bcbtums C:\WINDOWS\system32\drivers\bcbtums.sys 18:39:27.0345 0x1558 bcbtums - ok 18:39:27.0435 0x1558 [ ACB44407FF63C3A5A22AB5782F209604, 86BE221F07EB49D2149710CCCE4F0C24677560FEFD41F093C6D2BA0C962CF5C3 ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe 18:39:27.0514 0x1558 BcmBtRSupport - ok 18:39:27.0552 0x1558 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 18:39:27.0579 0x1558 bcmfn - ok 18:39:27.0598 0x1558 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 18:39:27.0626 0x1558 bcmfn2 - ok 18:39:27.0677 0x1558 [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 18:39:27.0755 0x1558 BDESVC - ok 18:39:27.0796 0x1558 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 18:39:27.0851 0x1558 Beep - ok 18:39:27.0922 0x1558 [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE C:\WINDOWS\System32\bfe.dll 18:39:27.0998 0x1558 BFE - ok 18:39:28.0101 0x1558 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll 18:39:28.0192 0x1558 BITS - ok 18:39:28.0210 0x1558 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 18:39:28.0244 0x1558 bowser - ok 18:39:28.0292 0x1558 [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 18:39:28.0359 0x1558 BrokerInfrastructure - ok 18:39:28.0424 0x1558 [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser C:\WINDOWS\System32\browser.dll 18:39:28.0455 0x1558 Browser - ok 18:39:28.0499 0x1558 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 18:39:28.0565 0x1558 BthAvrcpTg - ok 18:39:28.0591 0x1558 [ 36417FC4F11C31C880CB428037DEDF3F, ACDB798A038E3D5CC350AC53A9EC8E14AD02E2C28AE4578EC0205E6DF537A8F9 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 18:39:28.0633 0x1558 BthEnum - ok 18:39:28.0673 0x1558 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 18:39:28.0706 0x1558 BthHFEnum - ok 18:39:28.0720 0x1558 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 18:39:28.0738 0x1558 bthhfhid - ok 18:39:28.0791 0x1558 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 18:39:28.0864 0x1558 BthHFSrv - ok 18:39:28.0908 0x1558 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 18:39:28.0943 0x1558 BTHMODEM - ok 18:39:28.0958 0x1558 [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 18:39:28.0980 0x1558 BthPan - ok 18:39:29.0039 0x1558 [ CEFF59649E90987D263D96078724A54A, 3EB69F0BA282085682FB09F1469BF66A84229D8C7A044C6B98B78477716917EE ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys 18:39:29.0106 0x1558 BTHPORT - ok 18:39:29.0146 0x1558 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll 18:39:29.0182 0x1558 bthserv - ok 18:39:29.0216 0x1558 [ 0D279373091AA1BBEEE958AAF02B5EDF, 79CEBC2D9345103958DC161C31AC4BE078626D6DC28F6F06C432917872A1E3B4 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys 18:39:29.0240 0x1558 BTHUSB - ok 18:39:29.0261 0x1558 [ BC279FCEE9FC8CBF991D5DE539771AA9, 5DE007672BFBFA78C44CC08251F495420402AFF4AD01541AA84AD37BD4A58190 ] btwampfl C:\WINDOWS\system32\DRIVERS\btwampfl.sys 18:39:29.0274 0x1558 btwampfl - ok 18:39:29.0291 0x1558 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 18:39:29.0331 0x1558 buttonconverter - ok 18:39:29.0357 0x1558 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 18:39:29.0406 0x1558 CapImg - ok 18:39:29.0445 0x1558 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 18:39:29.0480 0x1558 cdfs - ok 18:39:29.0545 0x1558 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 18:39:29.0614 0x1558 CDPSvc - ok 18:39:29.0639 0x1558 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 18:39:29.0678 0x1558 cdrom - ok 18:39:29.0732 0x1558 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll 18:39:29.0779 0x1558 CertPropSvc - ok 18:39:29.0822 0x1558 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys 18:39:29.0840 0x1558 circlass - ok 18:39:29.0888 0x1558 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 18:39:29.0913 0x1558 CLFS - ok 18:39:29.0951 0x1558 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 18:39:29.0984 0x1558 ClipSVC - ok 18:39:30.0000 0x1558 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 18:39:30.0043 0x1558 CmBatt - ok 18:39:30.0087 0x1558 [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 18:39:30.0119 0x1558 CNG - ok 18:39:30.0166 0x1558 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 18:39:30.0180 0x1558 cnghwassist - ok 18:39:30.0289 0x1558 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys 18:39:30.0342 0x1558 CompositeBus - ok 18:39:30.0350 0x1558 COMSysApp - ok 18:39:30.0387 0x1558 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 18:39:30.0402 0x1558 condrv - ok 18:39:30.0479 0x1558 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 18:39:30.0516 0x1558 CoreMessagingRegistrar - ok 18:39:30.0569 0x1558 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 18:39:30.0641 0x1558 CryptSvc - ok 18:39:30.0657 0x1558 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys 18:39:30.0675 0x1558 dam - ok 18:39:30.0697 0x1558 dbupdate - ok 18:39:30.0701 0x1558 dbupdatem - ok 18:39:30.0857 0x1558 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 18:39:30.0933 0x1558 DcomLaunch - ok 18:39:30.0985 0x1558 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 18:39:31.0048 0x1558 DcpSvc - ok 18:39:31.0102 0x1558 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 18:39:31.0154 0x1558 defragsvc - ok 18:39:31.0215 0x1558 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 18:39:31.0293 0x1558 DeviceAssociationService - ok 18:39:31.0343 0x1558 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 18:39:31.0387 0x1558 DeviceInstall - ok 18:39:31.0584 0x1558 [ 7997CA8D6C36A0E3CBB9283461C365A5, 268A0C5498A990786B5122DBE53A32513943821FB081435E1FB4D04832579D44 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe 18:39:31.0771 0x1558 DevoloNetworkService - ok 18:39:31.0830 0x1558 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 18:39:31.0898 0x1558 DevQueryBroker - ok 18:39:31.0945 0x1558 [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 18:39:31.0994 0x1558 Dfsc - ok 18:39:32.0101 0x1558 [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe 18:39:32.0145 0x1558 DfSdkS - detected UnsignedFile.Multi.Generic ( 1 ) 18:39:34.0554 0x1558 Detect skipped due to KSN trusted 18:39:34.0555 0x1558 DfSdkS - ok 18:39:34.0643 0x1558 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 18:39:34.0713 0x1558 Dhcp - ok 18:39:34.0805 0x1558 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 18:39:34.0842 0x1558 diagnosticshub.standardcollector.service - ok 18:39:34.0940 0x1558 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 18:39:35.0002 0x1558 DiagTrack - ok 18:39:35.0022 0x1558 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys 18:39:35.0038 0x1558 disk - ok 18:39:35.0092 0x1558 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 18:39:35.0157 0x1558 DmEnrollmentSvc - ok 18:39:35.0199 0x1558 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 18:39:35.0248 0x1558 dmvsc - ok 18:39:35.0296 0x1558 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 18:39:35.0351 0x1558 dmwappushservice - ok 18:39:35.0400 0x1558 [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 18:39:35.0437 0x1558 Dnscache - ok 18:39:35.0487 0x1558 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll 18:39:35.0529 0x1558 dot3svc - ok 18:39:35.0550 0x1558 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll 18:39:35.0590 0x1558 DPS - ok 18:39:35.0652 0x1558 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys 18:39:35.0666 0x1558 drmkaud - ok 18:39:35.0716 0x1558 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 18:39:35.0764 0x1558 DsmSvc - ok 18:39:35.0789 0x1558 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll 18:39:35.0837 0x1558 DsSvc - ok 18:39:35.0928 0x1558 [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 18:39:36.0002 0x1558 DXGKrnl - ok 18:39:36.0047 0x1558 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll 18:39:36.0084 0x1558 Eaphost - ok 18:39:36.0259 0x1558 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 18:39:36.0454 0x1558 ebdrv - ok 18:39:36.0496 0x1558 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe 18:39:36.0512 0x1558 EFS - ok 18:39:36.0581 0x1558 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 18:39:36.0597 0x1558 EhStorClass - ok 18:39:36.0623 0x1558 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 18:39:36.0640 0x1558 EhStorTcgDrv - ok 18:39:36.0705 0x1558 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 18:39:36.0742 0x1558 embeddedmode - ok 18:39:36.0775 0x1558 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 18:39:36.0842 0x1558 EntAppSvc - ok 18:39:36.0863 0x1558 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 18:39:36.0896 0x1558 ErrDev - ok 18:39:36.0968 0x1558 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll 18:39:37.0034 0x1558 EventSystem - ok 18:39:37.0083 0x1558 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 18:39:37.0134 0x1558 exfat - ok 18:39:37.0156 0x1558 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 18:39:37.0180 0x1558 fastfat - ok 18:39:37.0263 0x1558 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe 18:39:37.0337 0x1558 Fax - ok 18:39:37.0354 0x1558 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 18:39:37.0385 0x1558 fdc - ok 18:39:37.0426 0x1558 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 18:39:37.0448 0x1558 fdPHost - ok 18:39:37.0454 0x1558 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll 18:39:37.0495 0x1558 FDResPub - ok 18:39:37.0518 0x1558 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll 18:39:37.0561 0x1558 fhsvc - ok 18:39:37.0605 0x1558 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 18:39:37.0636 0x1558 FileCrypt - ok 18:39:37.0683 0x1558 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 18:39:37.0718 0x1558 FileInfo - ok 18:39:37.0739 0x1558 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 18:39:37.0777 0x1558 Filetrace - ok 18:39:37.0807 0x1558 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 18:39:37.0852 0x1558 flpydisk - ok 18:39:37.0883 0x1558 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 18:39:37.0908 0x1558 FltMgr - ok 18:39:37.0995 0x1558 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll 18:39:38.0131 0x1558 FontCache - ok 18:39:38.0218 0x1558 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:39:38.0236 0x1558 FontCache3.0.0.0 - ok 18:39:38.0284 0x1558 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 18:39:38.0320 0x1558 FsDepends - ok 18:39:38.0344 0x1558 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 18:39:38.0366 0x1558 Fs_Rec - ok 18:39:38.0430 0x1558 [ 8EC36B9FD3D25687C3F996200BBB8DED, 7711D8EA638EAF045F6C91C86C98136E8EED81F0B0AABF19984C469F87DDDA68 ] FTDIBUS C:\WINDOWS\system32\drivers\ftdibus.sys 18:39:38.0442 0x1558 FTDIBUS - ok 18:39:38.0499 0x1558 [ 535AB1F6600D8384145E4A8521194D3F, 570E9D42B3D78E839BDDD96D2051B465E6AEEBC6F1E28DB94EE64F111A7DB18D ] FTSER2K C:\WINDOWS\system32\drivers\ftser2k.sys 18:39:38.0510 0x1558 FTSER2K - ok 18:39:38.0552 0x1558 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 18:39:38.0584 0x1558 fvevol - ok 18:39:38.0621 0x1558 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 18:39:38.0636 0x1558 gagp30kx - ok 18:39:38.0679 0x1558 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 18:39:38.0719 0x1558 gencounter - ok 18:39:38.0735 0x1558 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 18:39:38.0778 0x1558 genericusbfn - ok 18:39:38.0834 0x1558 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 18:39:38.0862 0x1558 GPIOClx0101 - ok 18:39:38.0953 0x1558 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 18:39:39.0039 0x1558 gpsvc - ok 18:39:39.0056 0x1558 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 18:39:39.0089 0x1558 GpuEnergyDrv - ok 18:39:39.0171 0x1558 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:39:39.0194 0x1558 gupdate - ok 18:39:39.0203 0x1558 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:39:39.0217 0x1558 gupdatem - ok 18:39:39.0260 0x1558 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 18:39:39.0292 0x1558 HDAudBus - ok 18:39:39.0314 0x1558 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 18:39:39.0354 0x1558 HidBatt - ok 18:39:39.0404 0x1558 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 18:39:39.0424 0x1558 HidBth - ok 18:39:39.0474 0x1558 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 18:39:39.0503 0x1558 hidi2c - ok 18:39:39.0526 0x1558 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 18:39:39.0542 0x1558 hidinterrupt - ok 18:39:39.0565 0x1558 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 18:39:39.0598 0x1558 HidIr - ok 18:39:39.0638 0x1558 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll 18:39:39.0669 0x1558 hidserv - ok 18:39:39.0716 0x1558 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 18:39:39.0739 0x1558 HidUsb - ok 18:39:39.0801 0x1558 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 18:39:39.0849 0x1558 HomeGroupListener - ok 18:39:39.0898 0x1558 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 18:39:39.0943 0x1558 HomeGroupProvider - ok 18:39:39.0996 0x1558 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 18:39:40.0031 0x1558 HpSAMD - ok 18:39:40.0053 0x1558 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys 18:39:40.0062 0x1558 htcnprot - ok 18:39:40.0114 0x1558 [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 18:39:40.0160 0x1558 HTTP - ok 18:39:40.0214 0x1558 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 18:39:40.0227 0x1558 hwpolicy - ok 18:39:40.0268 0x1558 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 18:39:40.0310 0x1558 hyperkbd - ok 18:39:40.0331 0x1558 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 18:39:40.0380 0x1558 i8042prt - ok 18:39:40.0421 0x1558 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 18:39:40.0440 0x1558 iai2c - ok 18:39:40.0468 0x1558 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 18:39:40.0504 0x1558 iaLPSS2i_I2C - ok 18:39:40.0525 0x1558 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 18:39:40.0553 0x1558 iaLPSSi_GPIO - ok 18:39:40.0601 0x1558 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 18:39:40.0669 0x1558 iaLPSSi_I2C - ok 18:39:40.0720 0x1558 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys 18:39:40.0737 0x1558 iaStor - ok 18:39:40.0784 0x1558 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 18:39:40.0819 0x1558 iaStorAV - ok 18:39:40.0850 0x1558 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 18:39:40.0876 0x1558 iaStorV - ok 18:39:40.0911 0x1558 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 18:39:40.0937 0x1558 ibbus - ok 18:39:40.0971 0x1558 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll 18:39:41.0021 0x1558 icssvc - ok 18:39:41.0091 0x1558 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 18:39:41.0141 0x1558 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 18:39:43.0560 0x1558 Detect skipped due to KSN trusted 18:39:43.0561 0x1558 IDriverT - ok 18:39:43.0580 0x1558 IEEtwCollectorService - ok 18:39:43.0671 0x1558 [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 18:39:43.0738 0x1558 IKEEXT - ok 18:39:43.0823 0x1558 [ 0C3CF4B3BAE28E121A1689E3538F8712, 1599785D54E8306872A1DDD8546D316C9B193A85C5AEB37CF956B8C4077B8792 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 18:39:43.0884 0x1558 IntcAzAudAddService - ok 18:39:43.0934 0x1558 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys 18:39:43.0947 0x1558 intelide - ok 18:39:43.0963 0x1558 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 18:39:43.0978 0x1558 intelpep - ok 18:39:43.0999 0x1558 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 18:39:44.0019 0x1558 intelppm - ok 18:39:44.0039 0x1558 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys 18:39:44.0076 0x1558 IoQos - ok 18:39:44.0092 0x1558 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 18:39:44.0113 0x1558 IpFilterDriver - ok 18:39:44.0203 0x1558 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 18:39:44.0279 0x1558 iphlpsvc - ok 18:39:44.0303 0x1558 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 18:39:44.0351 0x1558 IPMIDRV - ok 18:39:44.0400 0x1558 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 18:39:44.0437 0x1558 IPNAT - ok 18:39:44.0451 0x1558 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 18:39:44.0480 0x1558 IRENUM - ok 18:39:44.0525 0x1558 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 18:39:44.0557 0x1558 isapnp - ok 18:39:44.0584 0x1558 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 18:39:44.0606 0x1558 iScsiPrt - ok 18:39:44.0621 0x1558 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 18:39:44.0636 0x1558 kbdclass - ok 18:39:44.0660 0x1558 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 18:39:44.0695 0x1558 kbdhid - ok 18:39:44.0731 0x1558 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 18:39:44.0762 0x1558 kdnic - ok 18:39:44.0773 0x1558 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe 18:39:44.0788 0x1558 KeyIso - ok 18:39:44.0796 0x1558 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 18:39:44.0813 0x1558 KSecDD - ok 18:39:44.0849 0x1558 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 18:39:44.0867 0x1558 KSecPkg - ok 18:39:44.0916 0x1558 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 18:39:44.0946 0x1558 ksthunk - ok 18:39:44.0999 0x1558 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 18:39:45.0062 0x1558 KtmRm - ok 18:39:45.0107 0x1558 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 18:39:45.0152 0x1558 LanmanServer - ok 18:39:45.0197 0x1558 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 18:39:45.0243 0x1558 LanmanWorkstation - ok 18:39:45.0283 0x1558 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll 18:39:45.0319 0x1558 lfsvc - ok 18:39:45.0328 0x1558 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 18:39:45.0365 0x1558 LicenseManager - ok 18:39:45.0416 0x1558 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 18:39:45.0449 0x1558 lltdio - ok 18:39:45.0505 0x1558 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 18:39:45.0551 0x1558 lltdsvc - ok 18:39:45.0591 0x1558 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 18:39:45.0633 0x1558 lmhosts - ok 18:39:45.0683 0x1558 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 18:39:45.0699 0x1558 LSI_SAS - ok 18:39:45.0711 0x2214 Object required for P2P: [ 55D62DD579231402745ECCDD1E55C6CC ] AvgAMPS 18:39:45.0724 0x1558 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 18:39:45.0741 0x1558 LSI_SAS2i - ok 18:39:45.0760 0x1558 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 18:39:45.0776 0x1558 LSI_SAS3i - ok 18:39:45.0794 0x1558 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 18:39:45.0810 0x1558 LSI_SSS - ok 18:39:45.0875 0x1558 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll 18:39:45.0931 0x1558 LSM - ok 18:39:45.0952 0x1558 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys 18:39:45.0986 0x1558 luafv - ok 18:39:46.0011 0x1558 [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker C:\WINDOWS\System32\moshost.dll 18:39:46.0048 0x1558 MapsBroker - ok 18:39:46.0089 0x1558 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys 18:39:46.0104 0x1558 megasas - ok 18:39:46.0135 0x1558 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys 18:39:46.0166 0x1558 megasr - ok 18:39:46.0209 0x1558 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 18:39:46.0247 0x1558 MessagingService - ok 18:39:46.0387 0x1558 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 18:39:46.0423 0x1558 mlx4_bus - ok 18:39:46.0471 0x1558 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 18:39:46.0511 0x1558 MMCSS - ok 18:39:46.0532 0x1558 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys 18:39:46.0562 0x1558 Modem - ok 18:39:46.0574 0x1558 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys 18:39:46.0618 0x1558 monitor - ok 18:39:46.0642 0x1558 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 18:39:46.0657 0x1558 mouclass - ok 18:39:46.0708 0x1558 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 18:39:46.0749 0x1558 mouhid - ok 18:39:46.0766 0x1558 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 18:39:46.0783 0x1558 mountmgr - ok 18:39:46.0842 0x1558 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:39:46.0870 0x1558 MozillaMaintenance - ok 18:39:46.0911 0x1558 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 18:39:46.0946 0x1558 mpsdrv - ok 18:39:47.0006 0x1558 [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 18:39:47.0080 0x1558 MpsSvc - ok 18:39:47.0120 0x1558 [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC C:\WINDOWS\system32\drivers\mqac.sys 18:39:47.0172 0x1558 MQAC - ok 18:39:47.0215 0x1558 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 18:39:47.0252 0x1558 MRxDAV - ok 18:39:47.0301 0x1558 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 18:39:47.0327 0x1558 mrxsmb - ok 18:39:47.0354 0x1558 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 18:39:47.0406 0x1558 mrxsmb10 - ok 18:39:47.0427 0x1558 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 18:39:47.0447 0x1558 mrxsmb20 - ok 18:39:47.0478 0x1558 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 18:39:47.0530 0x1558 MsBridge - ok 18:39:47.0584 0x1558 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe 18:39:47.0620 0x1558 MSDTC - ok 18:39:47.0658 0x1558 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 18:39:47.0694 0x1558 Msfs - ok 18:39:47.0733 0x1558 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 18:39:47.0747 0x1558 msgpiowin32 - ok 18:39:47.0768 0x1558 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 18:39:47.0800 0x1558 mshidkmdf - ok 18:39:47.0848 0x1558 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 18:39:47.0875 0x1558 mshidumdf - ok 18:39:47.0891 0x1558 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 18:39:47.0905 0x1558 msisadrv - ok 18:39:47.0953 0x1558 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 18:39:48.0001 0x1558 MSiSCSI - ok 18:39:48.0007 0x1558 msiserver - ok 18:39:48.0029 0x1558 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 18:39:48.0055 0x1558 MSKSSRV - ok 18:39:48.0076 0x1558 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 18:39:48.0109 0x1558 MsLldp - ok 18:39:48.0157 0x1558 [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ C:\WINDOWS\system32\mqsvc.exe 18:39:48.0180 0x2214 Object send P2P result: true 18:39:48.0181 0x2214 Object required for P2P: [ F5EB38E929945BB7B476924F4D61DB4F ] AVGIDSAgent 18:39:48.0207 0x1558 MSMQ - ok 18:39:48.0223 0x1558 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 18:39:48.0257 0x1558 MSPCLOCK - ok 18:39:48.0296 0x1558 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 18:39:48.0312 0x1558 MSPQM - ok 18:39:48.0345 0x1558 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 18:39:48.0380 0x1558 MsRPC - ok 18:39:48.0389 0x1558 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 18:39:48.0404 0x1558 mssmbios - ok 18:39:48.0421 0x1558 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 18:39:48.0437 0x1558 MSTEE - ok 18:39:48.0463 0x1558 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 18:39:48.0494 0x1558 MTConfig - ok 18:39:48.0512 0x1558 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 18:39:48.0529 0x1558 Mup - ok 18:39:48.0548 0x1558 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 18:39:48.0564 0x1558 mvumis - ok 18:39:48.0628 0x1558 [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 18:39:48.0681 0x1558 NativeWifiP - ok 18:39:48.0733 0x1558 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 18:39:48.0784 0x1558 NcaSvc - ok 18:39:48.0810 0x1558 [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService C:\WINDOWS\System32\ncbservice.dll 18:39:48.0846 0x1558 NcbService - ok 18:39:48.0853 0x1558 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 18:39:48.0947 0x1558 NcdAutoSetup - ok 18:39:48.0973 0x1558 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 18:39:48.0989 0x1558 ndfltr - ok 18:39:49.0045 0x1558 [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 18:39:49.0093 0x1558 NDIS - ok 18:39:49.0137 0x1558 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 18:39:49.0178 0x1558 NdisCap - ok 18:39:49.0194 0x1558 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 18:39:49.0235 0x1558 NdisImPlatform - ok 18:39:49.0285 0x1558 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 18:39:49.0324 0x1558 NdisTapi - ok 18:39:49.0341 0x1558 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 18:39:49.0372 0x1558 Ndisuio - ok 18:39:49.0393 0x1558 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 18:39:49.0414 0x1558 NdisVirtualBus - ok 18:39:49.0435 0x1558 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 18:39:49.0474 0x1558 NdisWan - ok 18:39:49.0483 0x1558 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 18:39:49.0507 0x1558 ndiswanlegacy - ok 18:39:49.0545 0x1558 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys 18:39:49.0585 0x1558 ndproxy - ok 18:39:49.0604 0x1558 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 18:39:49.0640 0x1558 Ndu - ok 18:39:49.0661 0x1558 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 18:39:49.0676 0x1558 NetBIOS - ok 18:39:49.0690 0x1558 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 18:39:49.0742 0x1558 NetBT - ok 18:39:49.0763 0x1558 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe 18:39:49.0778 0x1558 Netlogon - ok 18:39:49.0827 0x1558 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll 18:39:49.0873 0x1558 Netman - ok 18:39:49.0972 0x1558 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:39:49.0988 0x1558 NetMsmqActivator - ok 18:39:49.0994 0x1558 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:39:50.0008 0x1558 NetPipeActivator - ok 18:39:50.0095 0x1558 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 18:39:50.0156 0x1558 netprofm - ok 18:39:50.0199 0x1558 [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll 18:39:50.0242 0x1558 NetSetupSvc - ok 18:39:50.0261 0x1558 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:39:50.0275 0x1558 NetTcpActivator - ok 18:39:50.0283 0x1558 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:39:50.0296 0x1558 NetTcpPortSharing - ok 18:39:50.0353 0x1558 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 18:39:50.0405 0x1558 NgcCtnrSvc - ok 18:39:50.0455 0x1558 [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 18:39:50.0519 0x1558 NgcSvc - ok 18:39:50.0576 0x1558 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 18:39:50.0623 0x1558 NlaSvc - ok 18:39:50.0642 0x2214 Object send P2P result: true 18:39:50.0643 0x2214 Object required for P2P: [ 2A9380C58B7CD687EB9709086614820D ] Avgmfx64 18:39:50.0673 0x1558 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 18:39:50.0707 0x1558 Npfs - ok 18:39:50.0850 0x1558 [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys 18:39:50.0876 0x1558 NPF_devolo - ok 18:39:50.0892 0x1558 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 18:39:50.0921 0x1558 npsvctrig - ok 18:39:50.0960 0x1558 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll 18:39:51.0008 0x1558 nsi - ok 18:39:51.0029 0x1558 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 18:39:51.0054 0x1558 nsiproxy - ok 18:39:51.0191 0x1558 [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 18:39:51.0270 0x1558 NTFS - ok 18:39:51.0317 0x1558 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys 18:39:51.0347 0x1558 Null - ok 18:39:51.0366 0x1558 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 18:39:51.0383 0x1558 nvraid - ok 18:39:51.0437 0x1558 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 18:39:51.0487 0x1558 nvstor - ok 18:39:51.0505 0x1558 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 18:39:51.0524 0x1558 nv_agp - ok 18:39:51.0634 0x1558 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:39:51.0675 0x1558 odserv - ok 18:39:51.0736 0x1558 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 18:39:51.0787 0x1558 OneSyncSvc - ok 18:39:51.0852 0x1558 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:39:51.0864 0x1558 ose - ok 18:39:51.0961 0x1558 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 18:39:52.0041 0x1558 p2pimsvc - ok 18:39:52.0090 0x1558 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll 18:39:52.0153 0x1558 p2psvc - ok 18:39:52.0178 0x1558 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys 18:39:52.0215 0x1558 Parport - ok 18:39:52.0231 0x1558 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 18:39:52.0248 0x1558 partmgr - ok 18:39:52.0296 0x1558 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 18:39:52.0330 0x1558 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 18:39:53.0304 0x2214 Object send P2P result: true 18:39:53.0305 0x2214 Object required for P2P: [ 501D3FE6D8A15FB182983E4EA0C6386B ] avgwd 18:39:54.0744 0x1558 Detect skipped due to KSN trusted 18:39:54.0744 0x1558 PassThru Service - ok 18:39:54.0830 0x1558 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 18:39:54.0864 0x1558 PcaSvc - ok 18:39:54.0928 0x1558 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys 18:39:54.0964 0x1558 pci - ok 18:39:54.0986 0x1558 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 18:39:55.0000 0x1558 pciide - ok 18:39:55.0016 0x1558 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 18:39:55.0033 0x1558 pcmcia - ok 18:39:55.0075 0x1558 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 18:39:55.0089 0x1558 pcw - ok 18:39:55.0103 0x1558 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys 18:39:55.0119 0x1558 pdc - ok 18:39:55.0187 0x1558 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 18:39:55.0236 0x1558 PEAUTH - ok 18:39:55.0255 0x1558 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 18:39:55.0271 0x1558 percsas2i - ok 18:39:55.0286 0x1558 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 18:39:55.0302 0x1558 percsas3i - ok 18:39:55.0340 0x1558 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 18:39:55.0366 0x1558 PerfHost - ok 18:39:55.0406 0x1558 [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect C:\WINDOWS\system32\DRIVERS\pgeffect.sys 18:39:55.0414 0x1558 PGEffect - ok 18:39:55.0468 0x1558 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 18:39:55.0542 0x1558 PhoneSvc - ok 18:39:55.0585 0x1558 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 18:39:55.0649 0x1558 PimIndexMaintenanceSvc - ok 18:39:55.0740 0x1558 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll 18:39:55.0792 0x2214 Object send P2P result: true 18:39:55.0796 0x2214 Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam 18:39:55.0842 0x1558 pla - ok 18:39:55.0888 0x1558 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 18:39:55.0914 0x1558 PlugPlay - ok 18:39:55.0964 0x1558 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 18:39:56.0016 0x1558 PNRPAutoReg - ok 18:39:56.0048 0x1558 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 18:39:56.0077 0x1558 PNRPsvc - ok 18:39:56.0139 0x1558 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 18:39:56.0184 0x1558 PolicyAgent - ok 18:39:56.0203 0x1558 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll 18:39:56.0235 0x1558 Power - ok 18:39:56.0293 0x1558 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 18:39:56.0317 0x1558 PptpMiniport - ok 18:39:56.0519 0x1558 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 18:39:56.0809 0x1558 PrintNotify - ok 18:39:56.0881 0x1558 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys 18:39:56.0927 0x1558 Processor - ok 18:39:56.0972 0x1558 [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc C:\WINDOWS\system32\profsvc.dll 18:39:57.0020 0x1558 ProfSvc - ok 18:39:57.0040 0x1558 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys 18:39:57.0060 0x1558 Psched - ok 18:39:57.0112 0x1558 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll 18:39:57.0153 0x1558 QWAVE - ok 18:39:57.0203 0x1558 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 18:39:57.0232 0x1558 QWAVEdrv - ok 18:39:57.0266 0x1558 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 18:39:57.0309 0x1558 RasAcd - ok 18:39:57.0346 0x1558 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 18:39:57.0381 0x1558 RasAgileVpn - ok 18:39:57.0412 0x1558 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll 18:39:57.0434 0x1558 RasAuto - ok 18:39:57.0470 0x1558 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 18:39:57.0514 0x1558 Rasl2tp - ok 18:39:57.0579 0x1558 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll 18:39:57.0639 0x1558 RasMan - ok 18:39:57.0662 0x1558 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 18:39:57.0700 0x1558 RasPppoe - ok 18:39:57.0722 0x1558 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 18:39:57.0757 0x1558 RasSstp - ok 18:39:57.0786 0x1558 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 18:39:57.0814 0x1558 rdbss - ok 18:39:57.0831 0x1558 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 18:39:57.0853 0x1558 rdpbus - ok 18:39:57.0920 0x1558 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 18:39:57.0979 0x1558 RDPDR - ok 18:39:58.0007 0x1558 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 18:39:58.0021 0x1558 RdpVideoMiniport - ok 18:39:58.0050 0x1558 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 18:39:58.0072 0x1558 rdyboost - ok 18:39:58.0124 0x1558 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 18:39:58.0168 0x1558 ReFSv1 - ok 18:39:58.0228 0x1558 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 18:39:58.0252 0x2214 Object send P2P result: true 18:39:58.0260 0x2214 Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c 18:39:58.0283 0x1558 RemoteAccess - ok 18:39:58.0341 0x1558 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 18:39:58.0383 0x1558 RemoteRegistry - ok 18:39:58.0431 0x1558 [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 18:39:58.0514 0x1558 RetailDemo - ok 18:39:58.0548 0x1558 [ 74727B8BF0227820660A79450F2D94EF, 86BC249322A3C63CBC3B532AD86BFDCB5A46A24A767137D02C944B94A899C521 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 18:39:58.0600 0x1558 RFCOMM - ok 18:39:58.0653 0x1558 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 18:39:58.0674 0x1558 RpcEptMapper - ok 18:39:58.0719 0x1558 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe 18:39:58.0779 0x1558 RpcLocator - ok 18:39:58.0859 0x1558 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll 18:39:58.0910 0x1558 RpcSs - ok 18:39:58.0962 0x1558 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 18:39:58.0997 0x1558 rspndr - ok 18:39:59.0030 0x1558 [ 8C22F21C924413D4E109995F748E18BB, 021369512F4C8F34458E1CD572B3A7F2F9434CB3EA941EBA8E5525263DB38BD7 ] RSUSBSTOR C:\WINDOWS\System32\Drivers\RtsUStor.sys 18:39:59.0113 0x1558 RSUSBSTOR - ok 18:39:59.0181 0x1558 [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 18:39:59.0239 0x1558 rt640x64 - ok 18:39:59.0274 0x1558 [ 483C537E69FA97C77F7FE0E2E1C1F102, B5DCC1C669126C558057B328F86071F35B2FF55A0C595A05FC16F2E893BA48E4 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIVX.sys 18:39:59.0287 0x1558 RTHDMIAzAudService - ok 18:39:59.0369 0x1558 [ 5065AF94871CA7E884F0C9D92073C378, 3868EE0DD6A9FD05FC5EB16FE53F6874A335EB3D46D0B37B2CBDB79A9576DB04 ] rtl8192se C:\WINDOWS\System32\drivers\rtl8192se.sys 18:39:59.0436 0x1558 rtl8192se - ok 18:39:59.0455 0x1558 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 18:39:59.0470 0x1558 s3cap - ok 18:39:59.0486 0x1558 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe 18:39:59.0501 0x1558 SamSs - ok 18:39:59.0527 0x1558 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 18:39:59.0545 0x1558 sbp2port - ok 18:39:59.0593 0x1558 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 18:39:59.0631 0x1558 SCardSvr - ok 18:39:59.0641 0x1558 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 18:39:59.0669 0x1558 ScDeviceEnum - ok 18:39:59.0710 0x1558 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 18:39:59.0738 0x1558 scfilter - ok 18:39:59.0796 0x1558 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\WINDOWS\system32\schedsvc.dll 18:39:59.0872 0x1558 Schedule - ok 18:39:59.0929 0x1558 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 18:39:59.0984 0x1558 SCPolicySvc - ok 18:40:00.0012 0x1558 [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 18:40:00.0036 0x1558 sdbus - ok 18:40:00.0080 0x1558 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 18:40:00.0114 0x1558 SDRSVC - ok 18:40:00.0140 0x1558 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 18:40:00.0157 0x1558 sdstor - ok 18:40:00.0175 0x1558 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll 18:40:00.0220 0x1558 seclogon - ok 18:40:00.0260 0x1558 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll 18:40:00.0285 0x1558 SENS - ok 18:40:00.0368 0x1558 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 18:40:00.0476 0x1558 SensorDataService - ok 18:40:00.0511 0x1558 [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService C:\WINDOWS\system32\SensorService.dll 18:40:00.0564 0x1558 SensorService - ok 18:40:00.0622 0x1558 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 18:40:00.0700 0x1558 SensrSvc - ok 18:40:00.0743 0x2214 Object send P2P result: true 18:40:00.0743 0x2214 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] |
11.04.2016, 17:50 | #6 |
| TDSSKiller File 2. TeilCode:
ATTFilter iaLPSS2i_I2C 18:40:00.0752 0x1558 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 18:40:00.0776 0x1558 SerCx - ok 18:40:00.0800 0x1558 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 18:40:00.0818 0x1558 SerCx2 - ok 18:40:00.0835 0x1558 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 18:40:00.0873 0x1558 Serenum - ok 18:40:00.0890 0x1558 [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial C:\WINDOWS\System32\drivers\serial.sys 18:40:00.0909 0x1558 Serial - ok 18:40:00.0930 0x1558 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 18:40:00.0959 0x1558 sermouse - ok 18:40:01.0023 0x1558 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll 18:40:01.0072 0x1558 SessionEnv - ok 18:40:01.0131 0x1558 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 18:40:01.0160 0x1558 sfloppy - ok 18:40:01.0202 0x1558 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 18:40:01.0261 0x1558 SharedAccess - ok 18:40:01.0333 0x1558 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 18:40:01.0399 0x1558 ShellHWDetection - ok 18:40:01.0418 0x1558 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 18:40:01.0433 0x1558 SiSRaid2 - ok 18:40:01.0476 0x1558 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 18:40:01.0491 0x1558 SiSRaid4 - ok 18:40:01.0536 0x1558 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 18:40:01.0557 0x1558 SkypeUpdate - ok 18:40:01.0595 0x1558 [ F06D0E0C7CD13DD01DCCBAEB1EBC9283, 6E8C78EE466901650EF4028D6B64F2BF5969C883E8F498E9FAAA3C2A955F0A01 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 18:40:01.0605 0x1558 SmbDrvI - ok 18:40:01.0646 0x1558 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll 18:40:01.0687 0x1558 smphost - ok 18:40:01.0733 0x1558 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 18:40:01.0802 0x1558 SmsRouter - ok 18:40:01.0858 0x1558 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 18:40:01.0888 0x1558 SNMPTRAP - ok 18:40:01.0936 0x1558 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 18:40:01.0968 0x1558 spaceport - ok 18:40:01.0988 0x1558 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 18:40:02.0004 0x1558 SpbCx - ok 18:40:02.0057 0x1558 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe 18:40:02.0117 0x1558 Spooler - ok 18:40:02.0393 0x1558 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe 18:40:02.0743 0x1558 sppsvc - ok 18:40:02.0880 0x1558 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 18:40:02.0933 0x1558 srv - ok 18:40:02.0953 0x1558 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 18:40:03.0006 0x1558 srv2 - ok 18:40:03.0018 0x1558 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 18:40:03.0046 0x1558 srvnet - ok 18:40:03.0170 0x1558 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 18:40:03.0193 0x2214 Object send P2P result: true 18:40:03.0236 0x1558 SSDPSRV - ok 18:40:03.0292 0x1558 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 18:40:03.0333 0x1558 SstpSvc - ok 18:40:03.0502 0x1558 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 18:40:03.0707 0x1558 StateRepository - ok 18:40:03.0729 0x1558 Steam Client Service - ok 18:40:03.0746 0x1558 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 18:40:03.0760 0x1558 stexstor - ok 18:40:03.0825 0x1558 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll 18:40:03.0883 0x1558 stisvc - ok 18:40:03.0937 0x1558 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 18:40:03.0955 0x1558 storahci - ok 18:40:03.0972 0x1558 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 18:40:03.0987 0x1558 storflt - ok 18:40:04.0004 0x1558 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 18:40:04.0020 0x1558 stornvme - ok 18:40:04.0040 0x1558 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 18:40:04.0085 0x1558 storqosflt - ok 18:40:04.0134 0x1558 [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc C:\WINDOWS\system32\storsvc.dll 18:40:04.0199 0x1558 StorSvc - ok 18:40:04.0239 0x1558 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 18:40:04.0254 0x1558 storufs - ok 18:40:04.0269 0x1558 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 18:40:04.0286 0x1558 storvsc - ok 18:40:04.0323 0x1558 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll 18:40:04.0364 0x1558 svsvc - ok 18:40:04.0384 0x1558 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 18:40:04.0398 0x1558 swenum - ok 18:40:04.0425 0x1558 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll 18:40:04.0482 0x1558 swprv - ok 18:40:04.0530 0x1558 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 18:40:04.0559 0x1558 Synth3dVsc - ok 18:40:04.0615 0x1558 [ 1C3F9491A1880C43F95A6F675736BF85, 15B47D3583400B8F8A10483B0E0B0228723F8E95750FADE0CACA64BAB48D8C97 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 18:40:04.0654 0x1558 SynTP - ok 18:40:04.0723 0x1558 [ E1415A51EFD0FB87649954C76BEE32D9, F65B35DE88351CEA4A0DD9CC76EB50EE777F323C4D15EEFCA43321CA4C525FBC ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 18:40:04.0749 0x1558 SynTPEnhService - ok 18:40:04.0827 0x1558 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll 18:40:04.0894 0x1558 SysMain - ok 18:40:04.0972 0x1558 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 18:40:05.0021 0x1558 SystemEventsBroker - ok 18:40:05.0065 0x1558 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 18:40:05.0090 0x1558 TabletInputService - ok 18:40:05.0121 0x1558 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 18:40:05.0167 0x1558 TapiSrv - ok 18:40:05.0282 0x1558 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 18:40:05.0379 0x1558 Tcpip - ok 18:40:05.0442 0x1558 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 18:40:05.0522 0x1558 Tcpip6 - ok 18:40:05.0655 0x1558 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 18:40:05.0705 0x1558 tcpipreg - ok 18:40:05.0741 0x1558 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] TDCMDPST C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys 18:40:05.0749 0x1558 TDCMDPST - ok 18:40:05.0786 0x1558 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 18:40:05.0802 0x1558 tdx - ok 18:40:06.0299 0x1558 [ E9D702580349582413503A28F8329B32, 405CEA2DB2B9EE9EF87E454375BEA6A3F6FB30B95BBD9F397129C73D4CCCC282 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 18:40:06.0701 0x1558 TeamViewer - ok 18:40:06.0786 0x1558 [ 1B709733A04DCC41A63F9CD1F76A4EBE, 3973F7BA3CC5395040F68B60950A836D729B487BF7F732D31915064F7DA4C838 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe 18:40:06.0817 0x1558 TemproMonitoringService - ok 18:40:06.0868 0x1558 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 18:40:06.0890 0x1558 terminpt - ok 18:40:06.0979 0x1558 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll 18:40:07.0052 0x1558 TermService - ok 18:40:07.0073 0x1558 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll 18:40:07.0116 0x1558 Themes - ok 18:40:07.0150 0x1558 [ 93EBCBD28E42875B223C6824AF66DFAA, 681DA2A03A7ABEF97593B45E458A0E2DA671350F3A8741DB6C43F8298DC21FF3 ] Thotkey C:\WINDOWS\System32\drivers\Thotkey.sys 18:40:07.0160 0x1558 Thotkey - ok 18:40:07.0222 0x1558 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 18:40:07.0279 0x1558 TieringEngineService - ok 18:40:07.0328 0x1558 [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 18:40:07.0423 0x1558 tiledatamodelsvc - ok 18:40:07.0462 0x1558 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 18:40:07.0504 0x1558 TimeBroker - ok 18:40:07.0592 0x1558 [ 71C321649B28638EE80A2EEB164C1DC8, D75D296B506DCC38A4DED82C71141388AEB60B065785DCC5BC2F4B3B77ACEDC7 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 18:40:07.0607 0x1558 TMachInfo - ok 18:40:07.0638 0x1558 [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv C:\Windows\system32\TODDSrv.exe 18:40:07.0649 0x1558 TODDSrv - ok 18:40:07.0731 0x1558 [ 4DB8C79BCEA76063B83B13410366A1F7, 401521222F2E76D6D2E953006EB7C1DBBEA519306B83592DA0031F8ED656CDDE ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 18:40:07.0766 0x1558 TosCoSrv - ok 18:40:07.0812 0x1558 [ 707800855AFBD7648375EFB1519B8D6D, 29B572174C9DE4ACA15B8A5AF27038781DA14A158558A648C9EC5CAF096B60CF ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe 18:40:07.0826 0x1558 TOSHIBA eco Utility Service - ok 18:40:07.0883 0x1558 [ DD58E1250F604CBBADDA04575E5E2376, 2A5BF5903BE2CA756124FCC66ED8DFD860EC6B30997962302682BE328F9B1E0F ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 18:40:07.0902 0x1558 TOSHIBA HDD SSD Alert Service - ok 18:40:07.0926 0x1558 [ E54143FA5F4D7D651364EBD2E6C1EECC, 52986D58A5176F57CCD7AD68DAA7A00E4A9F93872425BC6D20113CA50D4C31B3 ] tosrfec C:\WINDOWS\System32\drivers\tosrfec.sys 18:40:07.0935 0x1558 tosrfec - ok 18:40:07.0977 0x1558 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64 C:\WINDOWS\system32\drivers\tos_sps64.sys 18:40:08.0008 0x1558 tos_sps64 - ok 18:40:08.0079 0x1558 [ DE64C52BD0671165CF2EEBF2A728A3E2, 201E7D2CD34248AEAB961C87C8481FA1CD253621C5F26C121F5017D422C74288 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 18:40:08.0109 0x1558 TPCHSrv - ok 18:40:08.0160 0x1558 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\WINDOWS\System32\drivers\tpm.sys 18:40:08.0179 0x1558 TPM - ok 18:40:08.0225 0x1558 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll 18:40:08.0261 0x1558 TrkWks - ok 18:40:08.0343 0x1558 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 18:40:08.0376 0x1558 TrustedInstaller - ok 18:40:08.0398 0x1558 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 18:40:08.0466 0x1558 tsusbflt - ok 18:40:08.0506 0x1558 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 18:40:08.0546 0x1558 TsUsbGD - ok 18:40:08.0571 0x1558 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 18:40:08.0606 0x1558 tunnel - ok 18:40:08.0629 0x1558 [ 63165D1FA4D51838CD8D7AA3CB4E2651, 70500C52A86ED002502EEBC3A40F5F4EEAEF086B9AC8540C9178FDD770E1265C ] TVALZ C:\WINDOWS\system32\drivers\TVALZ_O.SYS 18:40:08.0640 0x1558 TVALZ - ok 18:40:08.0667 0x1558 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL C:\WINDOWS\system32\DRIVERS\TVALZFL.sys 18:40:08.0675 0x1558 TVALZFL - ok 18:40:08.0719 0x1558 [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll 18:40:08.0752 0x1558 tzautoupdate - ok 18:40:08.0767 0x1558 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 18:40:08.0783 0x1558 uagp35 - ok 18:40:08.0830 0x1558 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 18:40:08.0846 0x1558 UASPStor - ok 18:40:08.0865 0x1558 [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 18:40:08.0897 0x1558 UcmCx0101 - ok 18:40:08.0912 0x1558 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 18:40:08.0930 0x1558 UcmUcsi - ok 18:40:08.0955 0x1558 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 18:40:08.0975 0x1558 Ucx01000 - ok 18:40:08.0992 0x1558 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 18:40:09.0040 0x1558 UdeCx - ok 18:40:09.0093 0x1558 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 18:40:09.0129 0x1558 udfs - ok 18:40:09.0167 0x1558 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 18:40:09.0181 0x1558 UEFI - ok 18:40:09.0226 0x1558 [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 18:40:09.0248 0x1558 Ufx01000 - ok 18:40:09.0280 0x1558 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys 18:40:09.0296 0x1558 UfxChipidea - ok 18:40:09.0369 0x1558 [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys 18:40:09.0387 0x1558 ufxsynopsys - ok 18:40:09.0437 0x1558 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 18:40:09.0478 0x1558 UI0Detect - ok 18:40:09.0498 0x1558 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 18:40:09.0514 0x1558 uliagpkx - ok 18:40:09.0533 0x1558 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 18:40:09.0568 0x1558 umbus - ok 18:40:09.0610 0x1558 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 18:40:09.0640 0x1558 UmPass - ok 18:40:09.0687 0x1558 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 18:40:09.0714 0x1558 UmRdpService - ok 18:40:09.0802 0x1558 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 18:40:09.0902 0x1558 UnistoreSvc - ok 18:40:10.0012 0x1558 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll 18:40:10.0067 0x1558 upnphost - ok 18:40:10.0083 0x1558 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 18:40:10.0098 0x1558 UrsChipidea - ok 18:40:10.0124 0x1558 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 18:40:10.0139 0x1558 UrsCx01000 - ok 18:40:10.0150 0x1558 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 18:40:10.0165 0x1558 UrsSynopsys - ok 18:40:10.0181 0x1558 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 18:40:10.0199 0x1558 usbccgp - ok 18:40:10.0239 0x1558 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 18:40:10.0273 0x1558 usbcir - ok 18:40:10.0315 0x1558 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 18:40:10.0333 0x1558 usbehci - ok 18:40:10.0350 0x1558 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 18:40:10.0379 0x1558 usbhub - ok 18:40:10.0421 0x1558 [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 18:40:10.0452 0x1558 USBHUB3 - ok 18:40:10.0498 0x1558 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 18:40:10.0526 0x1558 usbohci - ok 18:40:10.0547 0x1558 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 18:40:10.0565 0x1558 usbprint - ok 18:40:10.0603 0x1558 [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser C:\WINDOWS\System32\drivers\usbser.sys 18:40:10.0651 0x1558 usbser - ok 18:40:10.0687 0x1558 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 18:40:10.0704 0x1558 USBSTOR - ok 18:40:10.0751 0x1558 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 18:40:10.0786 0x1558 usbuhci - ok 18:40:10.0838 0x1558 [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 18:40:10.0875 0x1558 usbvideo - ok 18:40:10.0889 0x1558 [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 18:40:10.0914 0x1558 USBXHCI - ok 18:40:10.0987 0x1558 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 18:40:11.0076 0x1558 UserDataSvc - ok 18:40:11.0168 0x1558 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll 18:40:11.0251 0x1558 UserManager - ok 18:40:11.0300 0x1558 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\WINDOWS\system32\usocore.dll 18:40:11.0355 0x1558 UsoSvc - ok 18:40:11.0375 0x1558 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe 18:40:11.0391 0x1558 VaultSvc - ok 18:40:11.0401 0x1558 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 18:40:11.0416 0x1558 vdrvroot - ok 18:40:11.0480 0x1558 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe 18:40:11.0549 0x1558 vds - ok 18:40:11.0606 0x1558 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 18:40:11.0626 0x1558 VerifierExt - ok 18:40:11.0662 0x1558 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 18:40:11.0697 0x1558 vhdmp - ok 18:40:11.0717 0x1558 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys 18:40:11.0734 0x1558 vhf - ok 18:40:11.0754 0x1558 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 18:40:11.0771 0x1558 vmbus - ok 18:40:11.0786 0x1558 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 18:40:11.0818 0x1558 VMBusHID - ok 18:40:11.0874 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 18:40:11.0918 0x1558 vmicguestinterface - ok 18:40:11.0936 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 18:40:11.0971 0x1558 vmicheartbeat - ok 18:40:11.0986 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 18:40:12.0020 0x1558 vmickvpexchange - ok 18:40:12.0036 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 18:40:12.0070 0x1558 vmicrdv - ok 18:40:12.0086 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 18:40:12.0121 0x1558 vmicshutdown - ok 18:40:12.0136 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 18:40:12.0170 0x1558 vmictimesync - ok 18:40:12.0185 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll 18:40:12.0220 0x1558 vmicvmsession - ok 18:40:12.0236 0x1558 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll 18:40:12.0270 0x1558 vmicvss - ok 18:40:12.0315 0x1558 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 18:40:12.0338 0x1558 volmgr - ok 18:40:12.0353 0x1558 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 18:40:12.0380 0x1558 volmgrx - ok 18:40:12.0399 0x1558 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 18:40:12.0427 0x1558 volsnap - ok 18:40:12.0481 0x1558 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 18:40:12.0499 0x1558 vpci - ok 18:40:12.0526 0x1558 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 18:40:12.0548 0x1558 vsmraid - ok 18:40:12.0636 0x1558 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe 18:40:12.0719 0x1558 VSS - ok 18:40:12.0771 0x1558 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 18:40:12.0795 0x1558 VSTXRAID - ok 18:40:12.0927 0x1558 [ 6D76E501E29F743259C87E8CD38DEDCE, 5DE27843DD8D7D124B30629087B92365FAA57407B1139DED6D655F335BB6451F ] vToolbarUpdater40.2.8 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe 18:40:12.0994 0x1558 vToolbarUpdater40.2.8 - ok 18:40:13.0044 0x1558 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 18:40:13.0080 0x1558 vwifibus - ok 18:40:13.0099 0x1558 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 18:40:13.0133 0x1558 vwififlt - ok 18:40:13.0185 0x1558 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll 18:40:13.0228 0x1558 W32Time - ok 18:40:13.0306 0x1558 [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll 18:40:13.0336 0x1558 w3logsvc - ok 18:40:13.0400 0x1558 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll 18:40:13.0450 0x1558 W3SVC - ok 18:40:13.0468 0x1558 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 18:40:13.0500 0x1558 WacomPen - ok 18:40:13.0552 0x1558 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll 18:40:13.0613 0x1558 WalletService - ok 18:40:13.0629 0x1558 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 18:40:13.0665 0x1558 wanarp - ok 18:40:13.0670 0x1558 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 18:40:13.0691 0x1558 wanarpv6 - ok 18:40:13.0722 0x1558 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll 18:40:13.0759 0x1558 WAS - ok 18:40:13.0852 0x1558 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe 18:40:13.0945 0x1558 wbengine - ok 18:40:13.0994 0x1558 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 18:40:14.0057 0x1558 WbioSrvc - ok 18:40:14.0112 0x1558 [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 18:40:14.0155 0x1558 Wcmsvc - ok 18:40:14.0206 0x1558 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 18:40:14.0259 0x1558 wcncsvc - ok 18:40:14.0277 0x1558 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 18:40:14.0307 0x1558 WcsPlugInService - ok 18:40:14.0348 0x1558 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 18:40:14.0364 0x1558 WdBoot - ok 18:40:14.0435 0x1558 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 18:40:14.0470 0x1558 Wdf01000 - ok 18:40:14.0497 0x1558 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 18:40:14.0520 0x1558 WdFilter - ok 18:40:14.0559 0x1558 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 18:40:14.0601 0x1558 WdiServiceHost - ok 18:40:14.0607 0x1558 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 18:40:14.0633 0x1558 WdiSystemHost - ok 18:40:14.0710 0x1558 [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 18:40:14.0764 0x1558 wdiwifi - ok 18:40:14.0780 0x1558 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 18:40:14.0797 0x1558 WdNisDrv - ok 18:40:14.0817 0x1558 WdNisSvc - ok 18:40:14.0875 0x1558 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll 18:40:14.0907 0x1558 WebClient - ok 18:40:14.0917 0x1558 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 18:40:14.0945 0x1558 Wecsvc - ok 18:40:14.0966 0x1558 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 18:40:15.0006 0x1558 WEPHOSTSVC - ok 18:40:15.0052 0x1558 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 18:40:15.0080 0x1558 wercplsupport - ok 18:40:15.0103 0x1558 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 18:40:15.0135 0x1558 WerSvc - ok 18:40:15.0160 0x1558 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 18:40:15.0178 0x1558 WFPLWFS - ok 18:40:15.0233 0x1558 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 18:40:15.0271 0x1558 WiaRpc - ok 18:40:15.0298 0x1558 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 18:40:15.0313 0x1558 WIMMount - ok 18:40:15.0316 0x1558 WinDefend - ok 18:40:15.0337 0x1660 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC 18:40:15.0347 0x1558 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 18:40:15.0366 0x1558 WindowsTrustedRT - ok 18:40:15.0389 0x1558 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 18:40:15.0404 0x1558 WindowsTrustedRTProxy - ok 18:40:15.0473 0x1558 [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 18:40:15.0536 0x1558 WinHttpAutoProxySvc - ok 18:40:15.0589 0x1558 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 18:40:15.0633 0x1558 WinMad - ok 18:40:15.0711 0x1558 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 18:40:15.0759 0x1558 Winmgmt - ok 18:40:15.0906 0x1558 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll 18:40:16.0086 0x1558 WinRM - ok 18:40:16.0143 0x1558 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 18:40:16.0162 0x1558 WINUSB - ok 18:40:16.0180 0x1558 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 18:40:16.0196 0x1558 WinVerbs - ok 18:40:16.0301 0x1558 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 18:40:16.0441 0x1558 WlanSvc - ok 18:40:16.0570 0x1558 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 18:40:16.0697 0x1558 wlidsvc - ok 18:40:16.0724 0x1558 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 18:40:16.0756 0x1558 WmiAcpi - ok 18:40:16.0817 0x1558 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 18:40:16.0859 0x1558 wmiApSrv - ok 18:40:16.0883 0x1558 WMPNetworkSvc - ok 18:40:16.0940 0x1558 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys 18:40:16.0960 0x1558 Wof - ok 18:40:17.0064 0x1558 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 18:40:17.0181 0x1558 workfolderssvc - ok 18:40:17.0231 0x1558 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 18:40:17.0266 0x1558 wpcfltr - ok 18:40:17.0323 0x1558 [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 18:40:17.0356 0x1558 WPDBusEnum - ok 18:40:17.0382 0x1558 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 18:40:17.0399 0x1558 WpdUpFltr - ok 18:40:17.0454 0x1558 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll 18:40:17.0516 0x1558 WpnService - ok 18:40:17.0535 0x1558 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 18:40:17.0554 0x1558 ws2ifsl - ok 18:40:17.0601 0x1558 [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 18:40:17.0642 0x1558 wscsvc - ok 18:40:17.0692 0x1558 [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 18:40:17.0715 0x1558 WSDPrintDevice - ok 18:40:17.0727 0x1558 WSearch - ok 18:40:17.0783 0x1660 Object send P2P result: true 18:40:17.0793 0x1660 Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo 18:40:17.0874 0x1558 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService C:\WINDOWS\System32\WSService.dll 18:40:18.0121 0x1558 WSService - ok 18:40:18.0204 0x1558 [ 1AB42ABF8BE9C2B7B7B8B3A6234A4C15, 1D23E07E9390A922A308EB3205A9DDA6697BBC2953E8DCC691B4D0BCD15ECEB8 ] WtuSystemSupport C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 18:40:18.0247 0x1558 WtuSystemSupport - ok 18:40:18.0384 0x1558 [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 18:40:18.0510 0x1558 wuauserv - ok 18:40:18.0561 0x1558 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 18:40:18.0581 0x1558 WudfPf - ok 18:40:18.0591 0x1558 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys 18:40:18.0617 0x1558 WUDFRd - ok 18:40:18.0662 0x1558 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 18:40:18.0685 0x1558 wudfsvc - ok 18:40:18.0696 0x1558 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 18:40:18.0721 0x1558 WUDFWpdFs - ok 18:40:18.0731 0x1558 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 18:40:18.0756 0x1558 WUDFWpdMtp - ok 18:40:18.0831 0x1558 [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 18:40:18.0922 0x1558 WwanSvc - ok 18:40:18.0986 0x1558 [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 18:40:19.0047 0x1558 XblAuthManager - ok 18:40:19.0114 0x1558 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 18:40:19.0193 0x1558 XblGameSave - ok 18:40:19.0239 0x1558 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 18:40:19.0279 0x1558 xboxgip - ok 18:40:19.0361 0x1558 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 18:40:19.0440 0x1558 XboxNetApiSvc - ok 18:40:19.0472 0x1558 [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 18:40:19.0490 0x1558 xinputhid - ok 18:40:19.0495 0x1558 ================ Scan global =============================== 18:40:19.0559 0x1558 [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll 18:40:19.0607 0x1558 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll 18:40:19.0652 0x1558 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll 18:40:19.0683 0x1558 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe 18:40:19.0696 0x1558 [ Global ] - ok 18:40:19.0696 0x1558 ================ |
11.04.2016, 21:31 | #7 |
/// TB-Ausbilder /// Anleitungs-Guru | Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer Und warum lässt Du den auf den PC? Das mit Teamviewer kann durchaus sein, man kann den PC auch neu starten und wird automatisch verbunden. Das siehst aber ja, ob Teamviewer läuft. Bei sowas kann man aber nur durch Neuinstallation ganz sicher sein. Schritt 1 ESET Online Scanner
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
12.04.2016, 18:41 | #8 |
| Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer Ich musste das Steuergerät umprogrammieren im Auto und dabei wollte er mir helfen (kannte ich nur über ein BMW-Forum). Folgende Frage hab ich da noch: Er hatte mir am nächsten Tag geschrieben, ob ich zu hause bin und ob ich meinen Laptop zur Hand hab. Ich hab dann geantwortet, dass ich arbeite und der Laptop zu hause liegt. Im Nachhinein kam mir auch das komisch vor...ist es möglich, dass er sich da nochmal in meinem Laptop eingeloggt hat, ohne dass ich dabei war? Danke für deine Geduld mit mir! Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c4fc1a08db6b164fa9ddf73e112dc0d7 # end=init # utc_time=2016-04-12 12:26:16 # local_time=2016-04-12 02:26:16 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 29024 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c4fc1a08db6b164fa9ddf73e112dc0d7 # end=updated # utc_time=2016-04-12 12:29:32 # local_time=2016-04-12 02:29:32 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=c4fc1a08db6b164fa9ddf73e112dc0d7 # engine=29024 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-04-12 03:24:04 # local_time=2016-04-12 05:24:04 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 14248132 15162608 0 0 # scanned=294904 # found=10 # cleaned=0 # scan_time=10470 sh=C1C66AA7FFD537DF1720DD63E3BE4E009B0793F2 ft=1 fh=c25b5c4dff3942af vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\AppData\Local\Temp\DMR\dmr_72.exe" sh=69948DCD1A77D2488CFE067BBEDBFE992C94408F ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\1e87da46595dd36f9638122cdf2e0615\wz200gev-64.msi" sh=781EBA75216AA639D2CC169EBFF940B61B9ACB99 ft=1 fh=ef3ad0c39b26277d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\7 Zip 32 Bit - CHIP-Installer.exe" sh=1DFC5F6F64CB56D04C3EEA5DA32EC43E58EB72A7 ft=1 fh=29ea6a66be887c11 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\ashampoo_winoptimizer_6_6.60_7593.exe" sh=76CF07C34A14B678F90FE088AC10A3F3F3D116A4 ft=1 fh=a2037e15ee781fd2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\HijackThis - CHIP-Installer.exe" sh=975FA954A83707F4A8342E88DD9DC63D97ADD42D ft=1 fh=4b7f987a63c09f77 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\pSX1.13 - CHIP-Installer.exe" sh=B6BC8BFD7315AD0A3B8643A20C7945F661560F18 ft=1 fh=589cede5bc25aab1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\Spotify - CHIP-Installer.exe" sh=AD814750DE5587910E97D72B933CE50D49AD5AEE ft=1 fh=48346e2f0aa83648 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\TeamViewer - CHIP-Installer.exe" sh=9A030E4181F215768B7B27315FC10B1AEC88E618 ft=1 fh=cbbb12d67d6f65b9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\WinZip 64 Bit - CHIP-Installer.exe" sh=69948DCD1A77D2488CFE067BBEDBFE992C94408F ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\1055b5.msi" |
12.04.2016, 22:48 | #9 | |
/// TB-Ausbilder /// Anleitungs-Guru | Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer Malware ist da keine. Zitat:
Wie gesagt, hat man direkten Zugriff auf den PC kann man viel machen.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
13.04.2016, 17:42 | #10 |
| Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer ok...und Spyware auch nicht? was mache ich denn jetzt mit den infizierten Dateien? hab AVG aufm PC, soll ich alle Dateien damit vernichten? |
14.04.2016, 10:54 | #11 |
/// TB-Ausbilder /// Anleitungs-Guru | Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
Themen zu Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer |
adobe, adobe flash player, alert, avg, bho, cid, defender, explorer, flash player, google, hack?, helper, hijack, hijack auswertung, hijackthis, hängt, internet, internet explorer, logfile, malware, malware / spyware, mozilla, performance, secure search, senden, software, spyware, temp, windows, windowsapps |