Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.06.2016, 17:15   #1
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Böse

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Könnt Ihr mir bitte helfen, ich habe Win 10, Avast Premier, Spybot Antimalware.
Ich habe schon diverse Sachen ausprobiert, Revo Uninstaller, Adaware cleaner...
Von den sonst angebotenen Programmen habe ich lieber Abstand genommen...
Im Windows Forum auch nichts gefunden... Ich habe auch keine Ahnung wie das Programm installiert wurde, wähle die mitangebotenen Programme eigentlich immer ab.
Der Mpc Cleaner taucht auch nicht in den zu löschenden Programmen auf.
Den Desktop Icon habe ich versucht zu Schreddern, aber es kommt immer der Hinweis ich habe keine Administratorrechte...

Im Voraus schonmal vielen Dank http://www.trojaner-board.de/images/...fee_reboot.gif

Gruß Tomas

Alt 22.06.2016, 18:32   #2
M-K-D-B
/// TB-Ausbilder
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Bitte die Logdatei von AdwCleaner posten!


Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 23.06.2016, 12:47   #3
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
durchgeführt von Tomas (Administrator) auf TOMAS-HP (23-06-2016 13:42:59)
Gestartet von C:\Users\Tomas\Downloads
Geladene Profile: Tomas & DefaultAppPool (Verfügbare Profile: Tomas & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks:  - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2013-12-25] ()
ShellExecuteHooks-x32:  - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2013-12-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-09] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exebddel.exe
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{30abc813-0b6f-41ab-b7c0-c838f2f7156b}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{c88d17ef-686f-4942-b383-4d8b5ce72c67}: [NameServer] 77.234.40.79

Internet Explorer:
==================
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE10DEDE/MSE_WCP
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131053628877239770&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0EE6A110-BA3A-44A5-B8A3-CB03C6956FA4} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0EE6A110-BA3A-44A5-B8A3-CB03C6956FA4} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> DefaultScope {C6E811D7-0F9E-448D-B384-B99F7F30B0CF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {C6E811D7-0F9E-448D-B384-B99F7F30B0CF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2924648203-2002222509-804629142-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-23] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-23] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-11-19] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-06] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: about:newtab
FF DefaultSearchEngine: Avast Search
FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=hohosearch
FF DefaultSearchUrl: hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Avast Search
FF SelectedSearchEngine: Avast Search
FF Homepage: search.mpc.am
FF Keyword.URL: hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-03-22] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Tomas\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tomas\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @talk.google.com/O1DPlugin -> C:\Users\Tomas\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2924648203-2002222509-804629142-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-04-26] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\searchplugins\avast-search.xml [2016-04-24]
FF SearchPlugin: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\searchplugins\google-lavasoft.xml [2016-04-17]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2016-06-22] [ist nicht signiert]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-09]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am" 
CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-15]
CHR Extension: (Google Docs) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-15]
CHR Extension: (Google Drive) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-15]
CHR Extension: (YouTube) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-15]
CHR Extension: (Avast Passwords) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2016-05-15]
CHR Extension: (Google Sheets) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-15]
CHR Extension: (Google Docs Offline) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-15]
CHR Extension: (Gmail) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-15]
CHR HKLM-x32\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx [2016-05-09]
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
CHR HKLM-x32\...\Chrome\Extension: [kioiabaigfcehjmemdmnnmjegnjjckai] - C:\Users\Tomas\AppData\Local\PicBadges\Chrome\PicBadges.crx [2012-09-20]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-05-09] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Datei ist nicht signiert]
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [153352 2016-04-05] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-06-19] (DotC United Inc)
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-11-15] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-11-15] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe [73200 2014-10-06] (SiSoftware) [Datei ist nicht signiert]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-09] (AVAST Software)
S3 aswNetNd6; C:\Windows\system32\DRIVERS\aswNetNd6.sys [28312 2016-04-23] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-09] (AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-04-23] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-09] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-11-03] ()
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-03] (GFI Software)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-10] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-06-19] (DotC United Inc)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-09-15] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek                                            )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [65576 2015-06-16] (Safer-Networking Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-23 12:29 - 2016-06-23 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-06-22 18:50 - 2016-06-23 12:29 - 00001800 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-06-22 17:24 - 2016-06-22 17:24 - 00001339 _____ C:\Users\Tomas\Desktop\Revo Uninstaller.lnk
2016-06-22 17:24 - 2016-06-22 17:24 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-06-22 17:23 - 2016-06-22 17:23 - 01473544 _____ C:\Users\Tomas\Downloads\Windows Installer Cleanup Alternative - CHIP-Installer.exe
2016-06-22 17:22 - 2016-06-22 17:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tomas\Downloads\revosetup95.exe
2016-06-22 16:32 - 2016-06-22 16:33 - 139692312 _____ (Microsoft Corporation) C:\Users\Tomas\Downloads\msert.exe
2016-06-22 16:14 - 2016-06-22 16:14 - 50716384 _____ (Microsoft Corporation) C:\Users\Tomas\Downloads\Windows-KB890830-x64-V5.37.exe
2016-06-22 16:04 - 2016-06-22 16:04 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\MCorp
2016-06-22 15:34 - 2016-06-22 15:35 - 03703360 _____ C:\Users\Tomas\Downloads\adwcleaner_5.200.exe
2016-06-22 15:09 - 2016-06-22 15:11 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Tomas\Downloads\SpyHunter-Installer (1).exe
2016-06-22 13:43 - 2016-06-22 15:10 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-06-22 13:43 - 2016-06-22 15:04 - 00000000 ____D C:\Users\Tomas\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}
2016-06-22 13:42 - 2016-06-22 13:42 - 00613664 _____ (Plumbytes Software) C:\Users\Tomas\Downloads\antimalwaresetup.exe
2016-06-22 13:13 - 2016-06-22 13:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Tomas\Downloads\revosetup-195.exe
2016-06-22 12:49 - 2016-06-22 13:14 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Geek Uninstaller
2016-06-22 12:47 - 2016-06-22 13:44 - 00002259 _____ C:\Users\Tomas\Desktop\GeekUninstaller - CHIP Installer.lnk
2016-06-22 12:46 - 2016-06-22 12:46 - 02620536 _____ C:\Users\Tomas\Downloads\geek_1.4.0.83.zip
2016-06-22 12:45 - 2016-06-22 12:45 - 01473544 _____ C:\Users\Tomas\Downloads\GeekUninstaller - CHIP-Installer.exe
2016-06-22 12:43 - 2016-06-22 12:43 - 01473544 _____ C:\Users\Tomas\Downloads\Revo Uninstaller - CHIP-Installer.exe
2016-06-22 12:21 - 2016-06-22 12:21 - 00001824 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-22 12:21 - 2016-06-22 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-22 12:20 - 2016-06-22 12:21 - 00000000 ____D C:\Program Files\iTunes
2016-06-22 12:20 - 2016-06-22 12:20 - 00000000 ____D C:\Program Files\iPod
2016-06-22 12:20 - 2016-06-22 12:20 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-22 12:06 - 2016-06-22 12:06 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Tomas\Downloads\SpyHunter-Installer.exe
2016-06-22 12:05 - 2016-06-22 12:08 - 00081193 _____ C:\Users\Tomas\Downloads\Addition.txt
2016-06-22 12:03 - 2016-06-23 13:42 - 00028238 _____ C:\Users\Tomas\Downloads\FRST.txt
2016-06-22 11:56 - 2016-06-22 12:03 - 00000262 _____ C:\Users\Tomas\Downloads\Search.txt
2016-06-22 11:55 - 2016-06-23 13:42 - 00000000 ____D C:\FRST
2016-06-22 11:54 - 2016-06-22 11:55 - 02387456 _____ (Farbar) C:\Users\Tomas\Downloads\FRST64.exe
2016-06-21 04:53 - 2016-06-21 04:53 - 00064110 _____ C:\WINDOWS\SysWOW64\bddel.dat
2016-06-20 20:08 - 2016-06-20 20:09 - 00558336 _____ (Safer-Networking Ltd. ) C:\Users\Tomas\Downloads\spybot2-license.exe
2016-06-19 19:56 - 2016-06-20 19:58 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Nico Mak Computing
2016-06-19 16:35 - 2016-06-19 16:34 - 00060136 ____N (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-06-19 16:34 - 2016-06-20 05:39 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-06-19 16:28 - 2016-06-21 04:57 - 00000000 ____D C:\Users\Tomas\AppData\Local\NanoNet
2016-06-19 13:53 - 2016-06-19 13:53 - 01091699 _____ C:\Users\Tomas\Downloads\03-SGB_III_Juni_I_2016.pdf
2016-06-19 13:03 - 2016-06-19 13:03 - 00001288 _____ C:\Users\Tomas\Desktop\Facebook Games Arcade (BETA).lnk
2016-06-19 13:03 - 2016-06-19 13:03 - 00000000 ____D C:\Users\Tomas\AppData\Local\FacebookGames
2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (3).exe
2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (2).exe
2016-06-19 13:02 - 2016-06-19 13:02 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup (1).exe
2016-06-18 22:26 - 2016-06-18 22:26 - 00106368 _____ () C:\Users\Tomas\Downloads\FacebookGamesArcadeSetup.exe
2016-06-17 21:09 - 2016-06-17 21:09 - 00404128 _____ C:\Users\Tomas\Downloads\received_1099156500158013.jpeg
2016-06-14 19:25 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 19:25 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 19:25 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 19:25 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 19:25 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 19:25 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 19:25 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 19:25 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 19:25 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 19:25 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 19:25 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 19:25 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 19:25 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 19:25 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 19:25 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 19:25 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 19:25 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 19:25 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 19:25 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 19:25 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 19:25 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 19:25 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 19:25 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 19:25 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 19:25 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 19:25 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 19:25 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 19:25 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 19:25 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 19:25 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 19:25 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 19:25 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 19:25 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 19:25 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 19:25 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 19:25 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 19:25 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 19:25 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 19:25 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 19:25 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 19:25 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 19:25 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 19:25 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 19:25 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 19:25 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 19:25 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 19:25 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 19:25 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-14 19:25 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-14 19:25 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-14 19:25 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-14 19:25 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-14 19:25 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-14 19:24 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 19:24 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 19:24 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 19:24 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 19:24 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 19:24 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 19:24 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 19:24 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 19:24 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 19:24 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 19:24 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 19:24 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 19:24 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 19:24 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 19:24 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 19:24 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 19:24 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 19:24 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 19:24 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 19:24 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 19:24 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 19:24 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 19:24 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 19:24 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 19:24 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 19:24 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 19:24 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 19:24 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 19:24 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 19:24 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 19:24 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 19:24 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 19:24 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 19:24 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 19:24 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 19:24 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 19:24 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 19:24 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 19:24 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 19:24 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 19:24 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 19:24 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 19:24 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 19:24 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 19:24 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 19:24 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 19:24 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 19:24 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 19:24 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 19:24 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 19:24 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 19:24 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 19:24 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 19:24 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 19:24 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 19:24 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 19:24 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 19:24 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 19:24 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 19:24 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 19:24 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 19:24 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 19:24 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 19:24 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 19:24 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 19:24 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 19:24 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 19:24 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 19:24 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 19:24 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 19:24 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 19:24 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 19:24 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 19:24 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 19:24 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 19:24 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 19:24 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 19:24 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 19:24 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 19:24 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 19:24 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 19:24 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 19:24 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 19:24 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 19:24 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 19:24 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 19:24 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 19:24 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 19:24 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 19:24 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 19:24 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 19:24 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-14 19:24 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-14 19:24 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-14 19:24 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-14 19:24 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-14 19:24 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-14 19:24 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-12 21:42 - 2016-06-12 21:42 - 00072013 _____ C:\Users\Tomas\Downloads\Kuendigungsschreiben-Wohnung-Außerordentliche-Kuendigung-PDF.pdf
2016-06-11 20:32 - 2016-06-11 20:32 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (3).pdf
2016-06-10 18:36 - 2016-06-10 18:36 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (2).pdf
2016-06-09 21:32 - 2016-06-09 21:32 - 00170293 _____ C:\Users\Tomas\Downloads\Rückmeldebogen Getränkestände SoFe 2016.pdf
2016-05-30 20:50 - 2016-05-30 20:50 - 00345591 _____ C:\Users\Tomas\Downloads\58ba3144916749b13a954f6b154dc97dd9d-3ad0_main (1).pdf
2016-05-26 21:33 - 2016-05-26 21:33 - 00854546 _____ C:\Users\Tomas\Downloads\Ihr_Vertrags_Angebot_0450721021_0300_4274940.pdf
2016-05-26 10:27 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-05-26 10:12 - 2016-05-26 10:13 - 20381888 _____ (Adobe Systems Incorporated) C:\Users\Tomas\Downloads\install_flash_player_ppapi (1).exe
2016-05-26 10:09 - 2016-06-20 05:38 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-26 10:09 - 2016-06-19 11:02 - 00004084 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-26 10:08 - 2016-05-26 10:08 - 20381888 _____ (Adobe Systems Incorporated) C:\Users\Tomas\Downloads\install_flash_player_ppapi.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-23 13:11 - 2011-11-05 17:05 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA.job
2016-06-23 12:41 - 2012-05-21 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-23 12:41 - 2012-05-21 19:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 12:41 - 2012-05-21 19:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 12:36 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-23 12:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-23 12:30 - 2016-04-23 22:52 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-06-23 12:29 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-23 12:29 - 2011-12-01 20:22 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-23 12:29 - 2011-11-02 21:48 - 00000000 ____D C:\Users\Tomas\AppData\LocalLow\AuthenTec
2016-06-23 12:29 - 2011-09-15 13:20 - 00000000 ____D C:\ProgramData\PDFC
2016-06-23 00:57 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-23 00:56 - 2011-09-15 13:26 - 00000000 ____D C:\ProgramData\truesuite
2016-06-22 18:49 - 2016-04-08 19:33 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTomas.job
2016-06-22 18:49 - 2013-09-24 21:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-22 18:49 - 2012-12-04 06:47 - 00000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-HP$.job
2016-06-22 18:49 - 2011-12-01 20:22 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-22 18:24 - 2014-06-13 21:03 - 00000000 ____D C:\AdwCleaner
2016-06-22 17:25 - 2016-05-10 18:08 - 00003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A7FD3D56-A56E-4E9D-A6E2-DCE91523FFC5}
2016-06-22 17:25 - 2016-05-10 14:35 - 00003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D8EAA7E8-A87F-4868-98AA-BDA3CC094837}
2016-06-22 17:25 - 2016-04-08 19:33 - 00002846 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTomas
2016-06-22 17:25 - 2014-12-25 09:27 - 00003038 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-06-22 17:25 - 2014-09-14 21:48 - 00002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-06-22 17:25 - 2014-03-01 23:24 - 00003170 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler
2016-06-22 17:25 - 2014-03-01 23:24 - 00003160 _____ C:\WINDOWS\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2016-06-22 17:25 - 2013-09-24 21:17 - 00003202 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-22 17:25 - 2013-05-19 11:31 - 00003358 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AE1EECA5-C038-4711-88D0-00157B2BDB06}
2016-06-22 17:25 - 2012-12-04 06:47 - 00002678 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTOMAS-HP$
2016-06-22 17:25 - 2011-12-01 20:22 - 00003706 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-22 17:24 - 2014-06-13 20:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-06-22 17:13 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-22 16:24 - 2016-05-14 22:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-22 16:14 - 2011-11-06 09:47 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-22 15:23 - 2016-05-15 09:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-22 13:05 - 2011-11-02 21:13 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\SoftGrid Client
2016-06-22 12:20 - 2014-07-22 14:49 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-22 12:16 - 2016-04-12 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 04:57 - 2016-05-10 20:05 - 00000491 _____ C:\WINDOWS\wininit.ini
2016-06-20 20:14 - 2016-05-15 09:03 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-20 06:11 - 2011-11-05 17:05 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core.job
2016-06-19 20:19 - 2016-05-03 20:26 - 00000000 ____D C:\Program Files\1fe9c2d0cdc3c960c6f9692ed5ec6a5e
2016-06-19 11:10 - 2011-12-01 20:24 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2016-06-18 22:55 - 2016-05-15 10:41 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 22:55 - 2016-05-15 10:41 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-18 22:50 - 2015-12-12 12:06 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Skype
2016-06-18 22:17 - 2015-12-12 12:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-18 22:17 - 2015-12-12 12:06 - 00000000 ____D C:\ProgramData\Skype
2016-06-17 15:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 21:38 - 2016-05-14 22:05 - 00000000 ____D C:\Users\Tomas
2016-06-16 20:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 03:37 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 03:34 - 2016-02-13 10:21 - 00285304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 19:43 - 2013-08-03 10:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-13 20:41 - 2016-05-14 22:02 - 02087744 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-13 20:41 - 2016-02-13 18:59 - 00888590 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-13 20:41 - 2016-02-13 18:59 - 00197416 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-07 16:38 - 2012-11-02 19:17 - 00000000 ____D C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
2016-06-06 14:29 - 2011-11-13 22:12 - 00000000 ____D C:\Users\Tomas\Documents\Elke
2016-06-04 09:43 - 2015-11-14 14:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-28 07:55 - 2016-02-13 19:27 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-05-26 01:18 - 2013-10-06 12:33 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-26 01:12 - 2016-01-23 14:03 - 00000000 ____D C:\Users\Tomas\AppData\Local\Battle.net
2016-05-25 22:16 - 2016-01-23 14:04 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-05-25 22:13 - 2016-01-23 14:03 - 00000000 ____D C:\Program Files (x86)\Battle.net

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-09-15 13:25 - 2011-06-10 01:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2012-09-18 18:02 - 2012-05-15 10:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-10-03 11:42 - 2013-07-08 10:37 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2015-02-21 21:47 - 2015-02-21 21:57 - 0000115 _____ () C:\Users\Tomas\AppData\Roaming\LogFile.txt
2014-10-26 13:02 - 2014-10-26 13:48 - 14364672 _____ () C:\Users\Tomas\AppData\Roaming\Sandra.mdb
2014-04-24 16:37 - 2014-04-26 11:37 - 0000043 _____ () C:\Users\Tomas\AppData\Roaming\WB.CFG
2015-06-08 20:31 - 2015-06-08 20:31 - 0000877 _____ () C:\Users\Tomas\AppData\Local\recently-used.xbel
2014-01-19 13:09 - 2014-09-13 10:32 - 0007599 _____ () C:\Users\Tomas\AppData\Local\Resmon.ResmonCfg
2014-10-27 11:01 - 2014-10-27 11:02 - 0000000 _____ () C:\Users\Tomas\AppData\Local\{CC88A7B1-283C-40EC-B03B-FE52DF639021}
2013-08-04 11:06 - 2013-08-04 11:06 - 0504982 _____ () C:\ProgramData\1375606864.bdinstall.bin
2014-02-22 21:38 - 2014-02-22 21:38 - 0246895 _____ () C:\ProgramData\1393097847.bdinstall.bin
2013-02-02 14:58 - 2013-02-02 14:58 - 0000060 _____ () C:\ProgramData\1548094.bat
2013-02-02 14:58 - 2013-02-02 14:58 - 0000153 _____ () C:\ProgramData\1548094.reg
2012-04-13 14:33 - 2012-04-13 14:33 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-01-28 20:38 - 2012-01-28 21:02 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\1548094.bat
C:\ProgramData\1548094.reg


Einige Dateien in TEMP:
====================
C:\Users\Tomas\AppData\Local\Temp\libeay32.dll
C:\Users\Tomas\AppData\Local\Temp\msvcr120.dll
C:\Users\Tomas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-17 15:33

==================== Ende von FRST.txt ============================
         
__________________

Alt 23.06.2016, 12:57   #4
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
durchgeführt von Tomas (2016-06-23 13:55:14)
Gestartet von C:\Users\Tomas\Downloads
Windows 10 Home Version 1511 (X64) (2016-05-14 21:13:29)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2924648203-2002222509-804629142-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2924648203-2002222509-804629142-503 - Limited - Disabled)
Gast (S-1-5-21-2924648203-2002222509-804629142-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2924648203-2002222509-804629142-1002 - Limited - Enabled)
Tomas (S-1-5-21-2924648203-2002222509-804629142-1001 - Administrator - Enabled) => C:\Users\Tomas

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Spybot - Search and Destroy (Disabled - Up to date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Alpha Protocol (HKLM-x32\...\{D37FE0E3-B1A9-4E41-AB5D-DA62E04D2C42}) (Version: 1.00.0000 - SEGA Corporation)
Amazon Kindle (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Amazon Kindle) (Version:  - Amazon)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anno 1701 - Der Fluch des Drachen (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Sunflowers)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Avast Premier (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crossfire 1.9 (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\Crossfire 1.9) (Version: 1.90.00.00 - SWAT-Portal)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deus Ex: The Fall (HKLM-x32\...\Steam App 258180) (Version:  - Square Enix)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software)
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Facebook Games Arcade 0.6.0.1 (HKLM-x32\...\{F31484D6-A5E7-401E-B571-8B035E27AB56}) (Version: 0.6.0.1 - Facebook)
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (HKLM\...\{48DF59F8-2ACD-4F1F-87F3-D820FE7A6178}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.2.0 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 8.2 - EasyBits Software AS)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SiSoftware Sandra Lite 2014.SP3e (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 20.50.2014.10 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
SMSC LAN7500 Device Driver (HKLM\...\{0F646F15-F7F6-448C-BF1C-FAB816D4AEB1}) (Version: 1.2.0.0 - SMSC)
SpellForce 2 - Faith in Destiny (HKLM-x32\...\Steam App 65530) (Version:  - Mind Over Matter Studios)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3070 B611 series Produkten (HKLM\...\{CAD7B6DD-9C82-4D17-BAE8-3E9AE4971B90}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Tom Clancy's Rainbow Six 3: Athena Sword (HKLM-x32\...\Steam App 19840) (Version:  - Ubisoft)
Tom Clancy's Rainbow Six 3: Gold Edition (HKLM-x32\...\Steam App 19830) (Version:  - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\Steam App 15000) (Version:  - Red Storm Entertainment)
Tom Clancy's Rainbow Six: Vegas (HKLM-x32\...\Steam App 13540) (Version:  - Ubisoft Montreal)
Tom Clancy's Rainbow Six: Vegas 2 (HKLM-x32\...\Steam App 15120) (Version:  - Ubisoft Montreal)
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version:  - Reality Pump Studios)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.3.2.0 - Reality Pump)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Venetica (HKLM-x32\...\Venetica_is1) (Version:  - dtp)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.31 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WISO Vermieter (HKLM-x32\...\WISO Vermieter) (Version:  - Buhl Data Service GmbH)
WISO Vermieter (x32 Version: 4.00.0000 - Buhl Data Service GmbH) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zombie Army Trilogy (HKLM\...\Steam App 301640) (Version:  - Rebellion)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2924648203-2002222509-804629142-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {015B764E-5136-476A-8F87-E213A96E883B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {043FA639-3230-4EE0-9CE2-6E1D96F2A286} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {074B6866-9535-4836-8B7C-B8DFDAE57FA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {07776147-8691-463C-B435-92D2BEB7E872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {0A27C14E-E59A-4321-8DBF-3B382A052363} - \BrowserDefendert -> Keine Datei <==== ACHTUNG
Task: {0EC14F9F-BE55-4CFF-B762-316E6CEBD782} - System32\Tasks\{AB9E92A4-9344-45A0-A4D5-B72E4938858B} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {19F2EBFF-6628-4197-A076-5BD3287107E9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {1D888F88-4ED9-4B8C-B7AA-A41342992511} - System32\Tasks\{6A425AC8-5D22-4853-93BB-13822683B9F2} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {1DC1CCB9-5375-4B5D-BEA4-552AD4124021} - System32\Tasks\HPCeeScheduleForTOMAS-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {2648CAA3-2936-41F8-8DB9-D7431A887171} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {26D827C6-8499-43F6-A65D-BEDDBBC428EA} - \83041db3-6530-41d5-86d5-b6e664097760-4 -> Keine Datei <==== ACHTUNG
Task: {36BDF27F-4931-416F-A382-055ABB6F6C9D} - System32\Tasks\{6D102FA2-4A2E-4DC2-814D-7FC7F8778D33} => pcalua.exe -a E:\launcher.exe -d E:\
Task: {3BC7D25B-5FE8-4282-BE86-9B7B8DF7ACED} - System32\Tasks\{FE7E28D6-4641-4E00-B13B-9F2749A4ABB8} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {4039B1C6-6B0E-43D3-98D9-EC13E662136F} - System32\Tasks\{11ED1B38-420D-4E94-84C1-6F3B4185F78B} => C:\Users\Tomas\Desktop\Simcity 2000 (2)\Simcity 2000\SC2000.EXE
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {47495CB1-90A6-4F5E-9B59-7CEA95DF5E39} - System32\Tasks\{F8B5979A-1B28-4844-B885-D7673855CC71} => pcalua.exe -a "C:\Program Files (x86)\Plus-HD-9.1\Uninstall.exe" -c /fcp=1
Task: {49AF581E-ED17-468A-9119-B45BB42B74A3} - \83041db3-6530-41d5-86d5-b6e664097760-2 -> Keine Datei <==== ACHTUNG
Task: {4C87DCF1-75A5-4A32-96AD-2D6352BF757B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {50D38761-4B0C-4CA2-B442-D7ACA5178106} - System32\Tasks\{23FCA87D-2232-4A50-ACC8-26501ECEA08D} => pcalua.exe -a E:\setup.exe -d E:\
Task: {5228B819-0A60-478B-B146-793795A54A85} - \FF Watcher {33623A7B-0D3C-4499-9DB8-0F8929B49502} -> Keine Datei <==== ACHTUNG
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {585F9124-F999-4489-A9EC-190C3B30DAD0} - \Digital Sites -> Keine Datei <==== ACHTUNG
Task: {5B054539-F896-4349-8680-9AD87C217855} - System32\Tasks\HPCeeScheduleForTomas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {5FFF9050-DFE2-4DF5-BC04-9AD8161DE825} - System32\Tasks\Google Updater and Installer => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {623B5983-DF32-4F30-9D46-C6B9DC565EDB} - System32\Tasks\{1F88F87F-59B4-4461-A9E1-1564A2B8AF3A} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/203750
Task: {64F932D1-B6F2-41E0-9C5C-C3FCE821F644} - System32\Tasks\{B189FDA8-FD07-40E4-B63E-F34993074BD3} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {685CDC09-3548-4954-8F39-7750EC8605FF} - \Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2 -> Keine Datei <==== ACHTUNG
Task: {6D922CB3-386D-44ED-AF78-D0FABC2C64AA} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {6E5B304E-12BC-46EF-AA2D-587AF5746DDC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {79E48FB3-5216-4B09-A600-EB31BF4FF9FA} - \83041db3-6530-41d5-86d5-b6e664097760-3 -> Keine Datei <==== ACHTUNG
Task: {7DC60A66-FEFA-45F1-B37C-96DEAC5E33EF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {7E4454CE-1F54-425A-9AD1-56D68600E626} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {7F593ED1-DF42-4E49-9AA5-89149CAC42D5} - \Pwtyfemuk Cache -> Keine Datei <==== ACHTUNG
Task: {8077FE7E-1BBD-4C75-9F66-CA17637ACD4F} - System32\Tasks\{5F44405C-4518-442E-BE7A-4717FF655443} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {80C3446E-A855-4A45-8843-7F807577AF4A} - \LaunchApp -> Keine Datei <==== ACHTUNG
Task: {81E5D8B7-FD56-4812-B3EA-0154B9B76F95} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {82945558-549F-4466-8CE7-AEC7C78A4429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-05-18] (HP Inc.)
Task: {836816D2-5E8E-4204-8A0B-783FED231681} - System32\Tasks\{D68979DF-ACBB-4CEB-BB52-49121E0EE6FE} => pcalua.exe -a E:\demo32.exe -d E:\
Task: {837C3237-9508-4DB5-A012-098E91C0228E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {8EE75E20-09C6-4241-AA8E-90407BAA4A8E} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {92341218-CB13-418D-A3ED-8C032B692686} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {931A7F3A-87EA-4784-9CA3-829508FC1DD0} - System32\Tasks\{43D05B11-7642-477D-88F7-9FC81EBD085F} => C:\Program Files (x86)\Venetica\bin\release_optimized\Venetica.exe [2009-11-25] ()
Task: {947E8B85-6B88-414C-9F36-A0B52F2A92BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {98771609-FE6E-4395-ABDE-646A70DA8FF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {995DAC08-14F8-4AEA-9E7C-E650A14B20D1} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {A08D7A04-51DC-48F1-BC25-3A4BA794242A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A0CCCDAD-5986-47CC-B123-05664BAE5E92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A13A7458-83D7-4361-A0B5-4DC7F109A993} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A2D69FEC-BB6C-4569-8481-C5F7EE81F2E1} - System32\Tasks\{DAB547CB-8B06-42D5-9B76-EB98741270D2} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {A326FCAB-2038-4FB9-8D1E-02EBA937CB45} - System32\Tasks\{920C9929-92D7-448D-868C-0B8AB880DE2E} => pcalua.exe -a "C:\Users\Tomas\Downloads\2012-2_Flex-Neo-44 (2).exe" -d C:\Users\Tomas\Desktop
Task: {AAEF11FD-C50D-4CB7-8A51-37F0C839BAC0} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C04FA793-8D8A-42A8-8B20-EE3CD6476D90} - \83041db3-6530-41d5-86d5-b6e664097760-1 -> Keine Datei <==== ACHTUNG
Task: {C08595E8-34D9-4560-BC9C-F8A5842C5411} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {C24F2A9B-D53F-476D-9FA6-3F1A9FAC2223} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C3E4EC74-F2D5-4AE8-BA8D-FBB3EE83B88C} - \83041db3-6530-41d5-86d5-b6e664097760-5 -> Keine Datei <==== ACHTUNG
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C72FB687-FCDC-4A14-8297-42EA47D82DF9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DB27CABE-D07C-443D-B627-CD6B113E76AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DDE8F577-7F7E-451F-BAC0-0BD924EC25CD} - System32\Tasks\{4EE4C141-7087-4003-891A-77226BE5F133} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {DFC1C1FF-7B49-408F-A8FA-1DDB498A32CF} - System32\Tasks\HPCustParticipation HP Deskjet 3070 B611 series => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E4BA5D5E-0152-4B79-A57B-178F490CD608} - System32\Tasks\SafeZone scheduled Autoupdate 1461445001 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {E5BEEF19-6A21-4360-80FC-AC88B769AE8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {E83B962E-9EAC-41E1-905D-0315BDE4E230} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-09] (AVAST Software)
Task: {EA95BFB6-57AA-40E0-B1C3-F2AD46A0CF0B} - \83041db3-6530-41d5-86d5-b6e664097760-11 -> Keine Datei <==== ACHTUNG
Task: {EDDE585F-6556-4451-B797-A427B3314F42} - System32\Tasks\{137F0F0B-9CAC-4B90-BD84-3AC07862630C} => C:\Program Files (x86)\LucasArts\SWKotOR2\launcher.exe [2005-01-13] (Obsidian Entertainment, Inc.)
Task: {EF928D9F-F645-4BC7-8B5B-95BF88337607} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {F445CF6C-69E2-455D-8C04-D24EF3EC1628} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FD159878-3EDA-45B4-A402-1C38542C5B04} - System32\Tasks\{3AAC1151-7BFD-4D4F-9A36-AFD5BD7B702B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Oblivion" -c /M{35CB6715-41F8-4F99-8881-6FC75BF054B0}
Task: {FEE156CD-4156-4C22-AB6E-249DD66648B9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001Core.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2924648203-2002222509-804629142-1001UA.job => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTOMAS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTomas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-08 21:34 - 2015-11-15 21:52 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-01-07 19:26 - 2015-12-16 19:34 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-10-08 21:34 - 2015-11-15 21:52 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 09:29 - 2016-05-21 09:29 - 00959168 _____ () C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-01-10 20:29 - 2016-01-10 20:29 - 00088576 _____ () C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-14 22:44 - 2016-05-14 22:44 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-14 19:25 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 19:25 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 19:25 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 19:25 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-09 21:15 - 2016-05-09 21:15 - 00259472 _____ () C:\Program Files\AVAST Software\Avast\AvastNM.exe
2016-05-09 21:15 - 2016-05-09 21:15 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-22 22:51 - 2016-06-22 22:51 - 02939392 _____ () C:\Program Files\AVAST Software\Avast\defs\16062202\algo.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-09 21:15 - 2016-05-09 21:15 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-15 09:03 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-05-15 09:03 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-05-21 09:29 - 2016-05-21 09:29 - 00679624 _____ () C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-04-23 22:51 - 2016-04-23 22:51 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-15 09:27 - 2016-05-15 09:27 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 62334968 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 02074104 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\libglesv2.dll
2016-05-10 14:35 - 2016-04-15 14:45 - 00081400 _____ () C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-2924648203-2002222509-804629142-1001\...\localhost -> localhost

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-06-19 16:31 - 00001036 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2924648203-2002222509-804629142-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{BC72B0B2-008D-4ACC-BADC-4724F01C2177}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{8E7EDB47-1942-48E7-A875-1384B89336A5}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{486BBF95-9C53-4541-8F37-1A09675972DA}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{FF228F36-C5B7-4E04-8971-CEC821877B5C}] => (Allow) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\DeviceSetup.exe
FirewallRules: [{3C66EC13-9713-42A7-832C-FCBF4605893A}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{2DDBCEB5-6BDB-42CF-8BE9-0A1A854B6DF0}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5482\hppiw.exe
FirewallRules: [{F778022F-9FFD-44B3-B1C8-13C1C72EF195}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{BC353BF2-CBD3-4180-9B76-0C04D474DBEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Zombie Army Trilogy\Launcher\ZATLauncher.exe
FirewallRules: [{FE47BC15-2274-40F9-B4BA-1DEF39DC8F2D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{1ED94C8A-B647-491E-A9C0-5E6F57AF1855}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS2D7F\hppiw.exe
FirewallRules: [{DDFDEDE6-26E2-4115-A926-70AE05B9B03D}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{0A5DF2AE-6FF3-45A4-BA44-21CDD994BE44}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5801\hppiw.exe
FirewallRules: [{8B39FE93-7A55-4503-9513-6C65B06B4540}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{EC08A9F5-2039-4564-85C7-BCFB70898064}] => (Allow) C:\Users\Tomas\AppData\Local\Temp\7zS5723\hppiw.exe
FirewallRules: [{3E48CB04-668E-40AF-B25A-406676B6184D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CDF75322-BED5-4400-ACCB-6BD8AA925C01}] => (Allow) LPort=3074
FirewallRules: [{74BDA901-9661-4F28-ACEE-7F32D5E35EF6}] => (Allow) LPort=3074
FirewallRules: [{C082EC7D-1265-4287-8441-769C6DD74E94}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{2C262B5B-C5A5-4F18-A796-A6F22BF5946F}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{886C4E83-5266-4704-BB8D-8323DB998389}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3231A09-4030-4E4D-BCCA-96F14838B72F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CC0B9D7-3BE1-4963-916F-F3AE0D6B4A64}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{504A9536-2F6C-4049-9EF1-0B8AADDD56A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FFDEE91D-847F-422F-9D1C-D702C3C6FE7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61D7C4EB-C820-4163-A4FF-6CC64A757732}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A13A7EFF-E296-4E4F-B517-0FB953860368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7458260C-9F66-4BF7-B5AD-BFB8E2A56530}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5EEFABE4-C717-4602-8C44-CC76B82F7711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40A77B7F-E735-4567-AB92-4B9BFBFD8D60}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4D178AA9-1370-4706-B316-63C3807841D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5478CC0C-C4AF-44DB-93C9-9C8E93D1DF46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D2838B64-74A4-436C-B656-D669493F89CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{45761442-A197-477A-BCA5-F002C0A32AD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{44F8300D-DB9F-4C8B-AAF8-DF93293CF90A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{59EDCEAC-116F-4F3E-A197-B14905A46FB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{AC58D492-6A5A-4987-876C-78F21E5C16C4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2948F798-4BA0-406B-989B-25908874862B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7D0E2B03-6C32-4596-B323-0265E4011EB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4DF7E6E3-AA53-4AF5-B290-C16CD848D187}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{690DFD43-9F3D-43E0-9BC3-1DCCE1F45364}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{452DBAE1-A10D-4D14-AC4D-6128E83521B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas\Binaries\runme.exe
FirewallRules: [{0B472C3D-3229-4BAD-A2D8-21A201F46A87}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{4A3E0DBB-ABFD-4F81-B9E6-B4E4C215E8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{C1C72568-98CB-4F29-9BD7-1C73B10424B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{7D19C097-0CF4-4C3A-9C92-677DBA51DA1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six Lockdown\lockdown.exe
FirewallRules: [{ED79CA32-0015-41ED-BF4E-FA75E79B5122}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{B7BE17F4-763C-4BE8-8865-BA8783EB9E27}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{3A64016C-6F3D-4D75-B7B7-7ED8A559014C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39E473AF-8424-48FA-B2FE-4821BCDDA898}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6C4ACAC7-9580-4F20-A867-97FC8F0E8456}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{37B34069-0690-4A4C-9253-62A3CAEA2035}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{ACD5A8A5-8083-4E7D-8995-E124F129AE22}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5345C5A6-EBAF-423B-915B-61FB20FE6E79}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{48E3F0D8-1F82-4DFF-87EC-E94D042446FA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{B6D91525-33EF-4E47-B5B0-6A175FDFE9BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{78266EAE-899C-4A4D-A1EC-CBD9E1E43956}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{F66D0B47-CB90-426B-B22C-06CFD3C8C8F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex The Fall\DeusEx_steam.exe
FirewallRules: [{BB0A8B0B-1893-409B-9E5C-CFC6CDABE4A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B44D2430-1965-4C0C-B148-599328CCBFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{CAF95CB1-DBCA-491E-8A97-CF7A63B9D2B6}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{024E554E-8371-44DC-88DE-2550012CB6B5}C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F5541F92-752B-4A10-A4D0-8339B5291747}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe
FirewallRules: [{BDB16204-A7DE-4A2F-A891-4903CA7107AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E7A1F02A-9436-4EC9-8103-F2BD2C6D8F44}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [UDP Query User{765B0CBF-155E-45AE-BA56-5C80E2F46747}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [TCP Query User{2AA69840-EA09-4655-8057-EBB3F78C7DBB}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{C6CCFC75-853C-47E4-8A39-CD3F6D43FA74}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{B7414F31-6BE6-4DAA-B031-2E5789DA37E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{3793790D-E44F-46DE-8262-A4FF851BC947}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{4AEFB139-C303-4C49-A2A1-48F45924AFB6}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{77BA5C03-63C2-4FDC-B82E-FD248AB541C1}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{66F7D118-A2AA-434B-ABC8-A61E8067AC6B}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{CA084FBA-2E58-4FA3-B998-EA2769858ACD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{A71695B1-B31A-47C3-B323-22B0DBD31058}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{BB1EFC01-39D4-40C3-98C4-7431C9526984}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{2E7BFEF4-5164-45F7-B63C-5F9AF60B07D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege III\Dungeon Siege III.exe
FirewallRules: [{7F3A9522-B474-40CE-878E-60991D4A9168}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{11B5E6FA-12CB-4071-9203-3CA7F096E52F}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{E3BDEDAE-93B3-45EC-9699-9B172262F45A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9F42220-CF62-4162-8EAB-4987DD6A599C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4940015B-4DD2-4D71-B33B-7762CC8A5C61}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{E0CD193B-268F-4B60-8E2B-DB7ED50B64F9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{DBB541BD-E078-4DB7-8C18-75023FD0D634}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{084D4899-F745-4D31-AB78-50400BB964C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Addon.exe
FirewallRules: [{088A97C5-A737-4F86-92DD-0C7175913B44}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{A3C6876D-FEC7-4853-B96D-36584D4450FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{B89018B0-FD68-486E-B59A-56FFEEC19AEC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{6BEE8CBA-1EBB-452A-BE83-E5ECB7FB9202}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe
FirewallRules: [{1F210A28-7AFB-4BC4-9E87-EA1E331EB606}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7E0E6576-8008-4B47-8C67-DB410CBD83DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithInDestiny.exe
FirewallRules: [{7EBAEC30-6320-4FA7-A5A1-A3AFF238BB7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{14B8A8B5-2E0F-4553-91AC-A7D60E95FCD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\MapEditorFirstSteps.pdf
FirewallRules: [{C0BB5ED7-AC4A-4DFB-8DF1-96BF468EF67E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{A26AF132-4589-4374-B96E-8DD9A22239EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\Docs\SF2_FiD_Manual.pdf
FirewallRules: [{E284E498-0E1D-44EF-80B8-24ABA76FC47F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{0ABAB3FF-C609-4D59-BFD1-57CBDBD59EF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spellforce 2 - Faith in Destiny\SpellForce2FaithinDestinyEditor.exe
FirewallRules: [{F7C2905F-C675-44A9-A119-D772AEAAA425}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D8D141F9-E04F-4367-8738-97AED5DA2032}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2F4072B-72D7-4149-9354-D23062AD0060}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B1942367-F127-4CA4-B935-80DABB3057F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{277B75FC-E6B4-4904-9505-5B0B2D07D14C}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{F6DA87B7-FBC6-4759-BE5B-F12728280F8D}] => (Allow) C:\Program Files (x86)\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{8EE08553-A5FB-4CD3-AFD5-FADFAA9A4D10}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{C9A79531-EA58-4374-ABC5-3F68D804FEBF}] => (Allow) C:\Program Files (x86)\SEGA\Alpha Protocol\Binaries\APGame.exe
FirewallRules: [{5181CCC8-DA6F-4712-933C-BCD4D3E9FB5C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{00B6FED3-59F6-4292-AA8B-609F2A5700B5}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A6FA8FDB-D992-4A46-B3E1-06F50F433D41}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{D418144B-5124-4608-BDE6-13ECCAA997D4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{8FBF5B78-356C-4A18-968A-63CA004207E4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{0BE4E037-77B4-4966-8975-18E3C6F0304B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{43269863-3231-4C64-9921-3A5672E6B17D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{8E51BB4A-CB63-4642-9DE2-EAD26B94859F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{7D3CFC1A-7182-40A4-8FFA-CBB85C3F56C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B7B8D4F2-CE46-4780-B75A-DC0B3EF2E169}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2F9B65C7-ED06-4A42-B6DD-3D1CADAA9233}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{EE9FD726-1077-4EBB-98DE-730F7A7B7A7A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{841F574E-8B1B-41EA-A8A1-E17A017F666F}] => (Allow) LPort=1900
FirewallRules: [{1F7D10EA-AC30-4F79-BA27-6E4B0DDB68E4}] => (Allow) LPort=2869
FirewallRules: [{442EBAD6-8886-486F-804B-88709C1174F7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F4B1AA47-1FCD-4DAE-8782-C1C8CED97BEB}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{97C35FCC-9DF3-4EA3-AEC3-3490B7C115E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{540E9FBD-CBEF-4CD4-8CCE-42B479CBE565}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

04-06-2016 09:52:02 Geplanter Prüfpunkt
13-06-2016 18:05:31 Geplanter Prüfpunkt
17-06-2016 15:33:07 Windows Update
18-06-2016 22:13:29 ASU_MSI_TRAN
22-06-2016 12:16:53 ASU_MSI_TRAN

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/22/2016 05:15:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RuntimeBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7e0
Name des fehlerhaften Moduls: Windows.Internal.Shell.Broker.dll, Version: 10.0.10586.420, Zeitstempel: 0x57491a6f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003baba
ID des fehlerhaften Prozesses: 0x99c
Startzeit der fehlerhaften Anwendung: 0xRuntimeBroker.exe0
Pfad der fehlerhaften Anwendung: RuntimeBroker.exe1
Pfad des fehlerhaften Moduls: RuntimeBroker.exe2
Berichtskennung: RuntimeBroker.exe3
Vollständiger Name des fehlerhaften Pakets: RuntimeBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RuntimeBroker.exe5

Error: (06/22/2016 04:30:43 PM) (Source: MsiInstaller) (EventID: 1002) (User: Tomas-HP)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (06/22/2016 04:30:05 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]

Error: (06/22/2016 04:29:56 PM) (Source: HP Active Health) (EventID: 1100) (User: )
Description: Agent DiskPhysical threw an exception: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei HP.ActiveHealth.Agents.DiskPhysical.DiskPhysicalAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   bei HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (06/22/2016 04:29:54 PM) (Source: HP Active Health) (EventID: 1101) (User: )
Description: DiskPhysical executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]

Error: (06/22/2016 04:18:23 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]

Error: (06/22/2016 04:18:05 PM) (Source: MsiInstaller) (EventID: 1002) (User: Tomas-HP)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (06/22/2016 04:17:17 PM) (Source: HP Active Health) (EventID: 1100) (User: )
Description: Agent DiskPhysical threw an exception: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei HP.ActiveHealth.Agents.DiskPhysical.DiskPhysicalAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   bei HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (06/22/2016 04:17:10 PM) (Source: HP Active Health) (EventID: 1101) (User: )
Description: DiskPhysical executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]

Error: (06/22/2016 04:05:09 PM) (Source: MsiInstaller) (EventID: 1002) (User: Tomas-HP)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".


Systemfehler:
=============
Error: (06/23/2016 12:32:03 PM) (Source: DCOM) (EventID: 10016) (User: Tomas-HP)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Tomas-HPTomasS-1-5-21-2924648203-2002222509-804629142-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (06/23/2016 12:29:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetPipeActivator" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Error: (06/23/2016 12:29:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.

Error: (06/23/2016 12:29:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDScannerService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Error: (06/23/2016 12:29:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SDScannerService erreicht.

Error: (06/23/2016 12:29:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058 = Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Error: (06/23/2016 12:56:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_33d3c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/22/2016 11:04:37 PM) (Source: DCOM) (EventID: 10016) (User: Tomas-HP)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Tomas-HPTomasS-1-5-21-2924648203-2002222509-804629142-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (06/22/2016 07:01:26 PM) (Source: DCOM) (EventID: 10016) (User: Tomas-HP)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Tomas-HPTomasS-1-5-21-2924648203-2002222509-804629142-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (06/22/2016 06:50:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetMsmqActivator" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.



CodeIntegrity:
===================================
  Date: 2016-06-22 22:51:51.368
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-22 22:51:49.487
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-22 20:02:17.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-22 20:02:16.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook32.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-06-22 20:02:11.595
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-22 19:57:58.948
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-22 19:00:57.040
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-22 18:52:51.487
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-22 18:20:42.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-22 17:44:16.115
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 6124.83 MB
Verfügbarer physikalischer RAM: 3875.43 MB
Summe virtueller Speicher: 6508.83 MB
Verfügbarer virtueller Speicher: 3460.86 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:917.96 GB) (Free:602.95 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.01 GB) (Free:1.54 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB976AF0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 23.06.2016, 13:17   #5
M-K-D-B
/// TB-Ausbilder
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Es fehlen noch die Logdateien von TDSS-Killer und AdwCleaner.

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 23.06.2016, 13:27   #6
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Code:
ATTFilter
# AdwCleaner v5.200 - Bericht erstellt am 23/06/2016 um 14:20:55
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-22.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Tomas - TOMAS-HP
# Gestartet von : C:\Users\Tomas\Downloads\adwcleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht : MPCProtectService
[-] Dienst gelöscht : MPCKpt

***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[#] Ordner gelöscht : C:\Program Files (x86)\MPC Cleaner
[-] Ordner gelöscht : C:\Users\Tomas\AppData\Roaming\MCorp
[#] Ordner gelöscht : C:\Users\Tomas\AppData\Roaming\MCorp
[#] Ordner gelöscht : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[#] Ordner gelöscht : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Public\Desktop\MPC Cleaner.lnk
[#] Datei gelöscht : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\oriifoaj.default\invalidprefs.js
[#] Datei gelöscht : C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\invalidprefs.js
[#] Datei gelöscht : C:\WINDOWS\SysNative\drivers\MPCKpt.sys

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : BrowserDefendert
[-] Geplante Aufgabe gelöscht : Digital Sites
[-] Geplante Aufgabe gelöscht : globalUpdateUpdateTaskMachineCore
[-] Geplante Aufgabe gelöscht : globalUpdateUpdateTaskMachineUA
[-] Geplante Aufgabe gelöscht : LaunchApp

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\MPC

***** [ Internetbrowser ] *****

[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("browser.search.defaultenginename.US", "data:text/plain,browser.search.defaultenginename.US=hohosearch");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("browser.search.searchengine.hp", "hxxp://www.hohosearch.com/?ts=AHEqAHEoA3MkC0..&v=20160415&uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&mode=ffsengext");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("browser.search.searchengine.sp", "hxxp://www.hohosearch.com/chrome.php?mode=ffsengext&ptid=ftp&q={searchTerms}&ts=AHEqAHEoA3MkC0..&uid=D72C0A8F5388139634DD5A72110CE6C9&v=20160415");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.hohosearch.com/chrome.php?mode=ffsengext&ptid=ftp&q={searchTerms}&ts=AHEqAHEoA3MkC0..&uid=D72C0A8F5388139634DD5A72110CE6C9&v=20160415");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("browser.startup.homepage", "search.mpc.am");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE", "[{\"b\":224520315,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224520316,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.browser.version.last", "45.0");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.firstKnownVersion", "7.38.8.45986");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.homepage", "/index.jhtml?n=782a5d51");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.hp.enabled", true);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.hp.guardType", "HPR");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.initialized", true);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.installation.installDate", "2016042321");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.installation.success", true);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.lastActivePing", "1461483889957");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.lastKnownVersion", "7.38.8.45986");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.lssState", "{\"previousLocales\":[\"de\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supp[...]
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.options.defaultSearch", false);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.options.homePageEnabled", false);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.options.keywordEnabled", true);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.options.tabEnabled", false);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.language", "en");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.type", "Toolbar");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.successUrl", "hxxp://www.hohosearch.com/chrome.php?uid=D72C0A8F5388139634DD5A72110CE6C9&ptid=ftp&ts=AHEqAHEoA3MkC0..&v=20160415&mode=ffexttoolbar&q=[...]
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.toolbarCollapsed", false);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark._brMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._brMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Tomas\\\\AppData\\\\[...]
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] gelöscht : search.mpc.am
[-] [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] gelöscht : search.mpc.am

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [31436 Bytes] - [22/06/2016 15:39:56]
C:\AdwCleaner\AdwCleaner[C2].txt - [8683 Bytes] - [23/06/2016 14:20:55]
C:\AdwCleaner\AdwCleaner[R0].txt - [28205 Bytes] - [13/06/2014 21:04:08]
C:\AdwCleaner\AdwCleaner[S0].txt - [24333 Bytes] - [13/06/2014 21:04:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [31912 Bytes] - [22/06/2016 15:35:31]
C:\AdwCleaner\AdwCleaner[S2].txt - [8606 Bytes] - [22/06/2016 18:24:59]
C:\AdwCleaner\AdwCleaner[S3].txt - [8737 Bytes] - [23/06/2016 14:13:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [8810 Bytes] - [23/06/2016 14:18:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [9197 Bytes] ##########
         

Alt 23.06.2016, 13:28   #7
M-K-D-B
/// TB-Ausbilder
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



ich meinte eigentlich die alte Logdatei von Adwcleaner, nicht dass du es nochmal ausführen sollst...
Und noch TDSS-Killer bitte.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 23.06.2016, 13:29   #8
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Hallo Matthias, Danke schon mal für deine Hilfe.

Gruß Tomas

Alt 23.06.2016, 13:37   #9
M-K-D-B
/// TB-Ausbilder
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Zitat:
Zitat von Der Anfänger Beitrag anzeigen
Hallo Matthias, Danke schon mal für deine Hilfe.
Alle meine Antworten gelesen?
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 23.06.2016, 13:47   #10
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Irgendwie funktioniert das mit der Log Datei nicht...

[CODE]14:32:45.0495 0x3af8 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:32:47.0934 0x3af8 ============================================================
14:32:47.0934 0x3af8 Current date / time: 2016/06/23 14:32:47.0934
14:32:47.0934 0x3af8 SystemInfo:
14:32:47.0934 0x3af8
14:32:47.0965 0x3af8 OS Version: 10.0.10586 ServicePack: 0.0
14:32:47.0965 0x3af8 Product type: Workstation
14:32:47.0965 0x3af8 ComputerName: TOMAS-HP
14:32:47.0965 0x3af8 UserName: Tomas
14:32:47.0965 0x3af8 Windows directory: C:\WINDOWS
14:32:47.0965 0x3af8 System windows directory: C:\WINDOWS
14:32:47.0965 0x3af8 Running under WOW64
14:32:47.0965 0x3af8 Processor architecture: Intel x64
14:32:47.0965 0x3af8 Number of processors: 4
14:32:47.0965 0x3af8 Page size: 0x1000
14:32:47.0965 0x3af8 Boot type: Normal boot
14:32:47.0965 0x3af8 ============================================================
14:32:48.0027 0x3af8 KLMD registered as C:\WINDOWS\system32\drivers\87929612.sys
14:32:48.0215 0x3af8 System UUID: {D3B461E0-990B-9FC9-AE7F-9BC3410BF184}
14:32:48.0574 0x3af8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:32:48.0590 0x3af8 ============================================================
14:32:48.0590 0x3af8 \Device\Harddisk0\DR0:
14:32:48.0590 0x3af8 MBR partitions:
14:32:48.0590 0x3af8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:32:48.0590 0x3af8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72BEC000
14:32:48.0590 0x3af8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72CFF800, BlocksNum 0x1A06800
14:32:48.0590 0x3af8 ============================================================
14:32:48.0621 0x3af8 C: <-> \Device\Harddisk0\DR0\Partition2
14:32:48.0699 0x3af8 D: <-> \Device\Harddisk0\DR0\Partition3
14:32:48.0699 0x3af8 ============================================================
14:32:48.0699 0x3af8 Initialize success
14:32:48.0699 0x3af8 ============================================================
14:32:50.0207 0x3774 ============================================================
14:32:50.0207 0x3774 Scan started
14:32:50.0207 0x3774 Mode: Manual;
14:32:50.0207 0x3774 ============================================================
14:32:50.0207 0x3774 KSN ping started
14:32:52.0354 0x3774 KSN ping finished: true
14:32:53.0573 0x3774 ================ Scan system memory ========================
14:32:53.0573 0x3774 System memory - ok
14:32:53.0573 0x3774 ================ Scan services =============================
14:32:53.0964 0x3774 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
14:32:53.0964 0x3774 1394ohci - ok
14:32:53.0980 0x3774 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
14:32:53.0995 0x3774 3ware - ok
14:32:54.0042 0x3774 [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
14:32:54.0042 0x3774 acedrv11 - ok
14:32:54.0120 0x3774 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
14:32:54.0136 0x3774 ACPI - ok
14:32:54.0151 0x3774 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
14:32:54.0167 0x3774 acpiex - ok
14:32:54.0183 0x3774 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
14:32:54.0183 0x3774 acpipagr - ok
14:32:54.0230 0x3774 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
14:32:54.0230 0x3774 AcpiPmi - ok
14:32:54.0245 0x3774 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
14:32:54.0245 0x3774 acpitime - ok
14:32:54.0370 0x3774 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:32:54.0370 0x3774 AdobeARMservice - ok
14:32:54.0623 0x3774 [ 2A6C3CEC3C5F499EC8C93478008F2C48, 28F42782BD810A6A99C01482B500A541DDED8F67AD62B0F20D0213EA21BC21D8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:32:54.0623 0x3774 AdobeFlashPlayerUpdateSvc - ok
14:32:54.0732 0x3774 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:32:54.0748 0x3774 ADP80XX - ok
14:32:54.0779 0x3774 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
14:32:54.0795 0x3774 AFD - ok
14:32:54.0810 0x3774 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
14:32:54.0810 0x3774 agp440 - ok
14:32:54.0904 0x3774 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:32:54.0904 0x3774 ahcache - ok
14:32:54.0951 0x3774 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
14:32:54.0951 0x3774 AJRouter - ok
14:32:54.0998 0x3774 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
14:32:54.0998 0x3774 ALG - ok
14:32:55.0013 0x3774 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
14:32:55.0013 0x3774 AmdK8 - ok
14:32:55.0060 0x3774 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
14:32:55.0060 0x3774 AmdPPM - ok
14:32:55.0091 0x3774 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
14:32:55.0091 0x3774 amdsata - ok
14:32:55.0138 0x3774 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
14:32:55.0138 0x3774 amdsbs - ok
14:32:55.0154 0x3774 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
14:32:55.0154 0x3774 amdxata - ok
14:32:55.0263 0x3774 [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
14:32:55.0263 0x3774 AppHostSvc - ok
14:32:55.0279 0x3774 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
14:32:55.0279 0x3774 AppID - ok
14:32:55.0295 0x3774 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
14:32:55.0295 0x3774 AppIDSvc - ok
14:32:55.0310 0x3774 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
14:32:55.0326 0x3774 Appinfo - ok
14:32:55.0435 0x3774 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:32:55.0435 0x3774 Apple Mobile Device Service - ok
14:32:55.0498 0x3774 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
14:32:55.0498 0x3774 AppReadiness - ok
14:32:55.0607 0x3774 [ 1CF69EF4E2844F9D297F309CF80122CB, 577428E4A364212AA5E650059C99139B8F9F4952DF228D6150D6B93E7D06AF61 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
14:32:55.0638 0x3774 AppXSvc - ok
14:32:55.0654 0x3774 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
14:32:55.0654 0x3774 arcsas - ok
14:32:55.0882 0x3774 [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:32:55.0882 0x3774 aspnet_state - ok
14:32:55.0945 0x3774 [ 1694434F5B9AB16772C7A8E2EF9134CA, B84FA624EB6D438BB01AB886AE85FA42BEA46F2E33454C6C4D9078015813CDB5 ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
14:32:55.0945 0x3774 aswHwid - ok
14:32:55.0991 0x3774 [ 786E8BCDFF674068F3C950615FC2E71C, B5803960297F9622F594EC113FF6C89221606FC6B26B02EA6F021BE38AA66794 ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
14:32:56.0007 0x3774 aswKbd - ok
14:32:56.0038 0x3774 [ 33D0DD0471FDF449C81338863FC63978, D5898B51B3BCE43E62D459CE808888085D82A4B9B284F90E3301CEF7C33C03E4 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
14:32:56.0038 0x3774 aswMonFlt - ok
14:32:56.0085 0x3774 [ A427227731E6A838E693305BE0824412, 30338F88477E34FF1391046F5FA4D21CAB8D811600D8147289C1EAE489740DEE ] aswNetNd6 C:\WINDOWS\system32\DRIVERS\aswNetNd6.sys
14:32:56.0085 0x3774 aswNetNd6 - ok
14:32:56.0179 0x3774 [ 5261F0E21A21027CDED0CD47D20E16F2, D56EE09C8F53D7CFC8E62F487C6733AF5CADC61A6839B7E80B5D8F4573E9DE1E ] aswNetSec C:\WINDOWS\system32\drivers\aswNetSec.sys
14:32:56.0195 0x3774 aswNetSec - ok
14:32:56.0195 0x3774 [ DF190688D993A3DB227BFB0BB40BD7D4, C7EDA64AE84001089AE2085B8336B7572DEDDCC80EAAA05D73C9C675CAD8C511 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
14:32:56.0210 0x3774 aswRdr - ok
14:32:56.0226 0x3774 [ D873455DFA27680585AE238503917DF5, CAD9CBCD24F33FF8E49C77C795F8FE0540243E455A6FC9E3035B8C15C9EEBD6C ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
14:32:56.0226 0x3774 aswRvrt - ok
14:32:56.0273 0x3774 [ A371A06EC8F4830C263D3F5CA5A11B65, 62E55DD439C106184F3AF73198D5CEAB5828A0EE1E30A13C35103B1B57966AB6 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
14:32:56.0288 0x3774 aswSnx - ok
14:32:56.0351 0x3774 [ 6B7F6CE19A16240EE9DE2C528897ED9C, 3B7C24F5B152B408D87DA70B01AD2E744DCB877D46602C0620931FCADB275E17 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
14:32:56.0366 0x3774 aswSP - ok
14:32:56.0398 0x3774 [ 3575F9226251DE48E065ED5C384A21EF, 032F53FEEB0BB43F1AD673EE13F507D3A8AC10F78543EA1294C40BAA918ED323 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys
14:32:56.0398 0x3774 aswStm - ok
14:32:56.0429 0x3774 [ E4ABC023E251D2BB6B98C9FCAF5CF16D, 2A94320A3EF16E641B693BF6EABABB57C891B914B00F73ACD7ADB8CA5089EC40 ] aswTap C:\WINDOWS\System32\drivers\aswTap.sys
14:32:56.0445 0x3774 aswTap - ok
14:32:56.0460 0x3774 [ BA4CDCD8C0395E91C38CD2C5CE3E7FA2, EF037C9C62F67C3D4432C86E3F568F62AABF468C792EA75477FCBC8EC8151C29 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
14:32:56.0460 0x3774 aswVmm - ok
14:32:56.0491 0x3774 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
14:32:56.0491 0x3774 AsyncMac - ok
14:32:56.0554 0x3774 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
14:32:56.0554 0x3774 atapi - ok
14:32:56.0617 0x3774 [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
14:32:56.0617 0x3774 atksgt - ok
14:32:56.0679 0x3774 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:32:56.0679 0x3774 AudioEndpointBuilder - ok
14:32:56.0726 0x3774 [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
14:32:56.0757 0x3774 Audiosrv - ok
14:32:56.0913 0x3774 [ A24AF1F8186B4B69D54DCC4B059CA695, 882338FEF206231B9FD83787A8685A7B69D76A414923B511A8D6A7619CB86F87 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:32:56.0929 0x3774 avast! Antivirus - ok
14:32:56.0976 0x3774 [ 08B412FBCBFDE2901C84801C4F356E2A, E44F5C8078A17B211AD44F46DD633C43B366B6F500BBA75206F4E1E626B59BBF ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
14:32:56.0992 0x3774 avast! Firewall - ok
14:32:57.0038 0x3774 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
14:32:57.0038 0x3774 AxInstSV - ok
14:32:57.0132 0x3774 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
14:32:57.0132 0x3774 b06bdrv - ok
14:32:57.0163 0x3774 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:32:57.0163 0x3774 BasicDisplay - ok
14:32:57.0163 0x3774 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
14:32:57.0163 0x3774 BasicRender - ok
14:32:57.0179 0x3774 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
14:32:57.0179 0x3774 bcmfn - ok
14:32:57.0226 0x3774 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
14:32:57.0226 0x3774 bcmfn2 - ok
14:32:57.0273 0x3774 [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
14:32:57.0288 0x3774 BDESVC - ok
14:32:57.0320 0x3774 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:32:57.0320 0x3774 Beep - ok
14:32:57.0429 0x3774 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
14:32:57.0445 0x3774 BFE - ok
14:32:57.0538 0x3774 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
14:32:57.0554 0x3774 BITS - ok
14:32:57.0648 0x3774 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:32:57.0663 0x3774 Bonjour Service - ok
14:32:57.0742 0x3774 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
14:32:57.0742 0x3774 bowser - ok
14:32:57.0788 0x3774 [ 4F2621E187382D22045D0BC65B23858E, E6AB3B1EB13446128BA69A4D0B00BCA36625BB656F0056D3D43F3A252F6F09AC ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:32:57.0804 0x3774 BrokerInfrastructure - ok
14:32:57.0851 0x3774 [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser C:\WINDOWS\System32\browser.dll
14:32:57.0867 0x3774 Browser - ok
14:32:57.0898 0x3774 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:32:57.0898 0x3774 BthAvrcpTg - ok
14:32:57.0960 0x3774 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
14:32:57.0960 0x3774 BthHFEnum - ok
14:32:57.0992 0x3774 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
14:32:57.0992 0x3774 bthhfhid - ok
14:32:58.0054 0x3774 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
14:32:58.0054 0x3774 BthHFSrv - ok
14:32:58.0070 0x3774 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
14:32:58.0070 0x3774 BTHMODEM - ok
14:32:58.0117 0x3774 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
14:32:58.0132 0x3774 bthserv - ok
14:32:58.0148 0x3774 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
14:32:58.0148 0x3774 buttonconverter - ok
14:32:58.0367 0x3774 [ C8D931D734FC0097478CE2583A75C4DF, 60C5F97D7E5A8B81A7123A5DB333577B0C7B9302C1D1C98D47BA96C0A3FB7417 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
14:32:58.0382 0x3774 c2cautoupdatesvc - ok
14:32:58.0570 0x3774 [ 8E1CC0517DE17DF83CF80BFCE9F0C000, 13F7929D531914FA2ED1223977E15A7F45E3FF3DA1392ECC4B15F5619B37B754 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
14:32:58.0585 0x3774 c2cpnrsvc - ok
14:32:58.0632 0x3774 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
14:32:58.0635 0x3774 CapImg - ok
14:32:58.0649 0x3774 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:32:58.0649 0x3774 cdfs - ok
14:32:58.0712 0x3774 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
14:32:58.0728 0x3774 CDPSvc - ok
14:32:58.0775 0x3774 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
14:32:58.0790 0x3774 cdrom - ok
14:32:58.0821 0x3774 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
14:32:58.0837 0x3774 CertPropSvc - ok
14:32:58.0868 0x3774 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
14:32:58.0868 0x3774 circlass - ok
14:32:58.0899 0x3774 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
14:32:58.0915 0x3774 CLFS - ok
14:32:58.0978 0x3774 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
14:32:58.0993 0x3774 ClipSVC - ok
14:32:59.0024 0x3774 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
14:32:59.0024 0x3774 CmBatt - ok
14:32:59.0165 0x3774 [ 3F7C80D9F16B94367646CBF8B8C052F4, 3F33980348E92876CD2A367C31E4B959C92BA6572266B1C75CB0C062095DFCB7 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
14:32:59.0181 0x3774 CNG - ok
14:32:59.0196 0x3774 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:32:59.0196 0x3774 cnghwassist - ok
14:32:59.0306 0x3774 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
14:32:59.0321 0x3774 CompositeBus - ok
14:32:59.0321 0x3774 COMSysApp - ok
14:32:59.0368 0x3774 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
14:32:59.0368 0x3774 condrv - ok
14:32:59.0431 0x3774 [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
14:32:59.0446 0x3774 CoreMessagingRegistrar - ok
14:32:59.0540 0x3774 [ 2285B31039611D509F6120D691CA661F, 28F510E68BAAE4FCECBAB0899978B312158E937A4814629B353D0EA14B8073ED ] CpqDfw C:\WINDOWS\system32\drivers\CpqDfw.sys
14:32:59.0540 0x3774 CpqDfw - ok
14:32:59.0587 0x3774 [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
14:32:59.0587 0x3774 CryptSvc - ok
14:32:59.0806 0x3774 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:32:59.0821 0x3774 cvhsvc - ok
14:32:59.0853 0x3774 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
14:32:59.0853 0x3774 dam - ok
14:32:59.0946 0x3774 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:32:59.0962 0x3774 DcomLaunch - ok
14:33:00.0056 0x3774 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
14:33:00.0056 0x3774 DcpSvc - ok
14:33:00.0150 0x3774 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
14:33:00.0165 0x3774 defragsvc - ok
14:33:00.0228 0x3774 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:33:00.0243 0x3774 DeviceAssociationService - ok
14:33:00.0259 0x3774 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
14:33:00.0275 0x3774 DeviceInstall - ok
14:33:00.0306 0x3774 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
14:33:00.0306 0x3774 DevQueryBroker - ok
14:33:00.0368 0x3774 [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
14:33:00.0368 0x3774 Dfsc - ok
14:33:00.0431 0x3774 [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
14:33:00.0431 0x3774 Dhcp - ok
14:33:00.0509 0x3774 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
14:33:00.0509 0x3774 diagnosticshub.standardcollector.service - ok
14:33:00.0618 0x3774 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
14:33:00.0650 0x3774 DiagTrack - ok
14:33:00.0712 0x3774 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
14:33:00.0712 0x3774 disk - ok
14:33:00.0743 0x3774 [ E32F15E26724F3BB6423FB29FF3E2A8F, E8CF9829D2A74F4423424F8D169E726B88F50734F0B1ADC735691C37C9F32DAA ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
14:33:00.0743 0x3774 DmEnrollmentSvc - ok
14:33:00.0775 0x3774 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
14:33:00.0775 0x3774 dmvsc - ok
14:33:00.0821 0x3774 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:33:00.0837 0x3774 dmwappushservice - ok
14:33:00.0888 0x3774 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:33:00.0888 0x3774 Dnscache - ok
14:33:00.0903 0x3774 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
14:33:00.0919 0x3774 dot3svc - ok
14:33:00.0966 0x3774 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
14:33:00.0981 0x3774 DPS - ok
14:33:00.0997 0x3774 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
14:33:00.0997 0x3774 drmkaud - ok
14:33:01.0059 0x3774 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
14:33:01.0059 0x3774 DsmSvc - ok
14:33:01.0106 0x3774 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll
14:33:01.0106 0x3774 DsSvc - ok
14:33:01.0294 0x3774 [ 8B83335B6A86F39785FC7C9DE5F5B29F, 2B9D6BB75E0AB6408C685EBB2CEC6291D7B1F41486E30CAB1EC132C83455CE3D ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:33:01.0325 0x3774 DXGKrnl - ok
14:33:01.0372 0x3774 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
14:33:01.0372 0x3774 Eaphost - ok
14:33:01.0653 0x3774 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
14:33:01.0700 0x3774 ebdrv - ok
14:33:01.0763 0x3774 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
14:33:01.0763 0x3774 EFS - ok
14:33:01.0794 0x3774 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
14:33:01.0794 0x3774 EhStorClass - ok
14:33:01.0810 0x3774 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:33:01.0825 0x3774 EhStorTcgDrv - ok
14:33:01.0872 0x3774 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
14:33:01.0872 0x3774 embeddedmode - ok
14:33:01.0903 0x3774 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:33:01.0919 0x3774 EntAppSvc - ok
14:33:01.0935 0x3774 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
14:33:01.0935 0x3774 ErrDev - ok
14:33:01.0997 0x3774 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
14:33:01.0997 0x3774 EventSystem - ok
14:33:02.0028 0x3774 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
14:33:02.0028 0x3774 exfat - ok
14:33:02.0028 0x3774 ezSharedSvc - ok
14:33:02.0075 0x3774 [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
14:33:02.0075 0x3774 fastfat - ok
14:33:02.0122 0x3774 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
14:33:02.0138 0x3774 Fax - ok
14:33:02.0185 0x3774 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
14:33:02.0185 0x3774 fdc - ok
14:33:02.0231 0x3774 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
14:33:02.0231 0x3774 fdPHost - ok
14:33:02.0247 0x3774 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
14:33:02.0247 0x3774 FDResPub - ok
14:33:02.0294 0x3774 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
14:33:02.0310 0x3774 fhsvc - ok
14:33:02.0341 0x3774 [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
14:33:02.0341 0x3774 FileCrypt - ok
14:33:02.0372 0x3774 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
14:33:02.0372 0x3774 FileInfo - ok
14:33:02.0435 0x3774 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
14:33:02.0435 0x3774 Filetrace - ok
14:33:02.0450 0x3774 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
14:33:02.0450 0x3774 flpydisk - ok
14:33:02.0481 0x3774 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:33:02.0481 0x3774 FltMgr - ok
14:33:02.0575 0x3774 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
14:33:02.0606 0x3774 FontCache - ok
14:33:02.0794 0x3774 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:33:02.0794 0x3774 FontCache3.0.0.0 - ok
14:33:02.0872 0x3774 [ 71CDC1D7F58D5EC49EBC2E2332AD3FAE, 7CA82C54BB8CADE9D0F90CAC332B22D18E8A2FE0231B8E2E5C5D571A902EB5FE ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
14:33:02.0872 0x3774 FPLService - ok
14:33:02.0919 0x3774 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
14:33:02.0919 0x3774 FsDepends - ok
14:33:02.0981 0x3774 [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr.sys
14:33:02.0981 0x3774 fssfltr - ok
14:33:03.0106 0x3774 [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:33:03.0138 0x3774 fsssvc - ok
14:33:03.0153 0x3774 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:33:03.0153 0x3774 Fs_Rec - ok
14:33:03.0231 0x3774 [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:33:03.0231 0x3774 fvevol - ok
14:33:03.0247 0x3774 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
14:33:03.0263 0x3774 gagp30kx - ok
14:33:03.0403 0x3774 [ 5CEA11F0A0F8ECC5549A36219563B3A7, 2DF35C089BD78D6CBBFDE8E8554DD82F9591B1F549E8F0BF332804C6A19042AC ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
14:33:03.0419 0x3774 Garmin Device Interaction Service - ok
14:33:03.0450 0x3774 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:33:03.0466 0x3774 GEARAspiWDM - ok
14:33:03.0481 0x3774 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
14:33:03.0481 0x3774 gencounter - ok
14:33:03.0528 0x3774 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
14:33:03.0528 0x3774 genericusbfn - ok
14:33:03.0669 0x3774 [ 97DC871A801DF42AD1008F0BBFD1ED8E, 7D90E1064863D0E976B9D1529A07808E3A38BA0FFEF5E7E920CC049DC05A15F1 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:33:03.0685 0x3774 GfExperienceService - ok
14:33:03.0747 0x3774 [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto C:\WINDOWS\system32\drivers\gfibto.sys
14:33:03.0747 0x3774 gfibto - ok
14:33:03.0794 0x3774 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:33:03.0810 0x3774 GPIOClx0101 - ok
14:33:03.0888 0x3774 [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc C:\WINDOWS\System32\gpsvc.dll
14:33:03.0903 0x3774 gpsvc - ok
14:33:03.0966 0x3774 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:33:03.0966 0x3774 GpuEnergyDrv - ok
14:33:04.0075 0x3774 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:33:04.0075 0x3774 gupdate - ok
14:33:04.0091 0x3774 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:33:04.0091 0x3774 gupdatem - ok
14:33:04.0169 0x3774 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:33:04.0169 0x3774 gusvc - ok
14:33:04.0200 0x3774 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
14:33:04.0200 0x3774 HDAudBus - ok
14:33:04.0247 0x3774 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
14:33:04.0247 0x3774 HidBatt - ok
14:33:04.0278 0x3774 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
14:33:04.0278 0x3774 HidBth - ok
14:33:04.0325 0x3774 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
14:33:04.0325 0x3774 hidi2c - ok
14:33:04.0372 0x3774 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
14:33:04.0372 0x3774 hidinterrupt - ok
14:33:04.0435 0x3774 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
14:33:04.0435 0x3774 HidIr - ok
14:33:04.0482 0x3774 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
14:33:04.0497 0x3774 hidserv - ok
14:33:04.0544 0x3774 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
14:33:04.0560 0x3774 HidUsb - ok
14:33:04.0622 0x3774 [ 7CEC266216126BC9A0E1072E1A7E5702, 6B2C0768C8F2590E65B9520D266C07D1A9D89B9E185CC359B0453F399836759F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:33:04.0638 0x3774 HomeGroupListener - ok
14:33:04.0669 0x3774 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:33:04.0685 0x3774 HomeGroupProvider - ok
14:33:04.0794 0x3774 [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
14:33:04.0810 0x3774 HPClientSvc - ok
14:33:04.0982 0x3774 [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
14:33:04.0997 0x3774 hpqwmiex - ok
14:33:05.0060 0x3774 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
14:33:05.0060 0x3774 HpSAMD - ok
14:33:05.0138 0x3774 [ E60B8915796784DE61CE1AD17DDC5B17, 9724244852E169F65353457CA5F7D888D3C91A68ACB4DF953D50769C4550DB52 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
14:33:05.0138 0x3774 HPSupportSolutionsFrameworkService - ok
14:33:05.0232 0x3774 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
14:33:05.0247 0x3774 HTTP - ok
14:33:05.0294 0x3774 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
14:33:05.0294 0x3774 hwpolicy - ok
14:33:05.0326 0x3774 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
14:33:05.0326 0x3774 hyperkbd - ok
14:33:05.0357 0x3774 [ 40115A0F8E7FF9E786EBBD1D33D39AD7, 5190D3970950251CD0946521C428BF26BF7D68C2984B990B8EFDD406EC9CDFE1 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
14:33:05.0357 0x3774 HyperVideo - ok
14:33:05.0388 0x3774 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
14:33:05.0388 0x3774 i8042prt - ok
14:33:05.0419 0x3774 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
14:33:05.0419 0x3774 iai2c - ok
14:33:05.0466 0x3774 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
14:33:05.0466 0x3774 iaLPSS2i_I2C - ok
14:33:05.0513 0x3774 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:33:05.0513 0x3774 iaLPSSi_GPIO - ok
14:33:05.0544 0x3774 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:33:05.0544 0x3774 iaLPSSi_I2C - ok
14:33:05.0623 0x3774 [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
14:33:05.0623 0x3774 iaStor - ok
14:33:05.0654 0x3774 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
14:33:05.0669 0x3774 iaStorAV - ok
14:33:05.0701 0x3774 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
14:33:05.0701 0x3774 iaStorV - ok
14:33:05.0716 0x3774 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
14:33:05.0732 0x3774 ibbus - ok
14:33:05.0794 0x3774 [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
14:33:05.0794 0x3774 icssvc - ok
14:33:05.0794 0x3774 IEEtwCollectorService - ok
14:33:05.0873 0x3774 [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
14:33:05.0904 0x3774 IKEEXT - ok
14:33:05.0951 0x3774 [ 801F83F8A04779A963CF2BAE90502BA0, B72FEAD7D477D25E4D2E1EB75EFD437E7D060838590719691E062F494EAEE9B8 ] InstallerService C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe
14:33:05.0951 0x3774 InstallerService - ok
14:33:06.0216 0x3774 [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:33:06.0279 0x3774 IntcAzAudAddService - ok
14:33:06.0294 0x3774 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
14:33:06.0294 0x3774 intelide - ok
14:33:06.0310 0x3774 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
14:33:06.0310 0x3774 intelpep - ok
14:33:06.0341 0x3774 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
14:33:06.0341 0x3774 intelppm - ok
14:33:06.0388 0x3774 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
14:33:06.0388 0x3774 IoQos - ok
14:33:06.0419 0x3774 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:33:06.0419 0x3774 IpFilterDriver - ok
14:33:06.0560 0x3774 [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
14:33:06.0576 0x3774 iphlpsvc - ok
14:33:06.0591 0x3774 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:33:06.0591 0x3774 IPMIDRV - ok
14:33:06.0654 0x3774 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
14:33:06.0654 0x3774 IPNAT - ok
14:33:06.0732 0x3774 [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:33:06.0732 0x3774 iPod Service - ok
14:33:06.0763 0x3774 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
14:33:06.0763 0x3774 IRENUM - ok
14:33:06.0779 0x3774 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
14:33:06.0794 0x3774 isapnp - ok
14:33:06.0826 0x3774 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
14:33:06.0826 0x3774 iScsiPrt - ok
14:33:06.0857 0x3774 [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
14:33:06.0857 0x3774 jhi_service - ok
14:33:06.0904 0x3774 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
14:33:06.0904 0x3774 kbdclass - ok
14:33:06.0919 0x3774 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
14:33:06.0919 0x3774 kbdhid - ok
14:33:06.0919 0x3774 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
14:33:06.0919 0x3774 kdnic - ok
14:33:06.0935 0x3774 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
14:33:06.0935 0x3774 KeyIso - ok
14:33:06.0982 0x3774 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
14:33:06.0982 0x3774 KSecDD - ok
14:33:07.0076 0x3774 [ 425CFD45BDF5B9F8B790BEB20E0A8721, 0AB57F9C450A53308B41C8C884E92AACF643A74056F14E3D6C49BE2C61614879 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:33:07.0091 0x3774 KSecPkg - ok
14:33:07.0123 0x3774 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
14:33:07.0123 0x3774 ksthunk - ok
14:33:07.0201 0x3774 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
14:33:07.0216 0x3774 KtmRm - ok
14:33:07.0279 0x3774 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
14:33:07.0294 0x3774 LanmanServer - ok
14:33:07.0342 0x3774 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:33:07.0342 0x3774 LanmanWorkstation - ok
14:33:07.0420 0x3774 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
14:33:07.0420 0x3774 lfsvc - ok
14:33:07.0451 0x3774 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
14:33:07.0451 0x3774 LicenseManager - ok
14:33:07.0513 0x3774 [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
14:33:07.0513 0x3774 lirsgt - ok
14:33:07.0545 0x3774 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
14:33:07.0545 0x3774 lltdio - ok
14:33:07.0576 0x3774 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
14:33:07.0592 0x3774 lltdsvc - ok
14:33:07.0623 0x3774 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
14:33:07.0638 0x3774 lmhosts - ok
14:33:07.0685 0x3774 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:33:07.0685 0x3774 LMS - ok
14:33:07.0748 0x3774 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
14:33:07.0748 0x3774 LSI_SAS - ok
14:33:07.0795 0x3774 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
14:33:07.0795 0x3774 LSI_SAS2i - ok
14:33:07.0826 0x3774 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
14:33:07.0826 0x3774 LSI_SAS3i - ok
14:33:07.0842 0x3774 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
14:33:07.0857 0x3774 LSI_SSS - ok
14:33:07.0904 0x3774 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
14:33:07.0904 0x3774 LSM - ok
14:33:07.0920 0x3774 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
14:33:07.0920 0x3774 luafv - ok
14:33:07.0982 0x3774 [ C06234DCDB1BFC0CF7E25CFAC5B7F5FE, 149A3880E1D58CC0768A174DF4E884F3A4432F935D134B5AE536B7020788F5D5 ] ManyCam C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
14:33:07.0982 0x3774 ManyCam - ok
14:33:08.0013 0x3774 [ FA2CDF42B3E9F53B12E506BA48BE16AA, 2E3757F21C0F6B5EBBC2F86415C1E858673B94DC4830C675567F3DCC2CD35BE5 ] MapsBroker C:\WINDOWS\System32\moshost.dll
14:33:08.0029 0x3774 MapsBroker - ok
14:33:08.0076 0x3774 [ 88B3BADFB02BE4471655EAF88DDC7EBD, F38D69B80A7670F85A9692A01D2D71A54BB413346C3523726E59D1282D349B83 ] mcaudrv_simple C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
14:33:08.0076 0x3774 mcaudrv_simple - ok
14:33:08.0092 0x3774 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
14:33:08.0092 0x3774 megasas - ok
14:33:08.0138 0x3774 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
14:33:08.0154 0x3774 megasr - ok
14:33:08.0185 0x3774 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
14:33:08.0185 0x3774 MEIx64 - ok
14:33:08.0243 0x3774 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
14:33:08.0243 0x3774 MessagingService - ok
14:33:08.0337 0x3774 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
14:33:08.0353 0x3774 mlx4_bus - ok
14:33:08.0384 0x3774 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
14:33:08.0399 0x3774 MMCSS - ok
14:33:08.0431 0x3774 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
14:33:08.0431 0x3774 Modem - ok
14:33:08.0446 0x3774 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
14:33:08.0446 0x3774 monitor - ok
14:33:08.0493 0x3774 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
14:33:08.0493 0x3774 mouclass - ok
14:33:08.0509 0x3774 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
14:33:08.0509 0x3774 mouhid - ok
14:33:08.0524 0x3774 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
14:33:08.0524 0x3774 mountmgr - ok
14:33:08.0649 0x3774 [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:33:08.0649 0x3774 MozillaMaintenance - ok
14:33:08.0696 0x3774 [ B66A551D00E41D5416F4CB5497926238, 5B77B3EE6D0231133AFF756F62ABE9D7635C5BAE876BDD3117963E5391EDDD27 ] MPCKpt C:\WINDOWS\system32\DRIVERS\MPCKpt.sys
14:33:08.0712 0x3774 MPCKpt - ok
14:33:08.0759 0x3774 [ E5F8E0143A8B64F2ED68674909B14075, 86518EFC5E832ABF153C266C7AC52128C90A741EFD074F593EC4F4BE8DEDAE95 ] MPCProtectService C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
14:33:08.0759 0x3774 MPCProtectService - ok
14:33:08.0774 0x3774 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
14:33:08.0774 0x3774 mpsdrv - ok
14:33:08.0853 0x3774 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
14:33:08.0868 0x3774 MpsSvc - ok
14:33:08.0946 0x3774 [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
14:33:08.0978 0x3774 MQAC - ok
14:33:09.0024 0x3774 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
14:33:09.0024 0x3774 MRxDAV - ok
14:33:09.0056 0x3774 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:33:09.0056 0x3774 mrxsmb - ok
14:33:09.0071 0x3774 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:33:09.0087 0x3774 mrxsmb10 - ok
14:33:09.0134 0x3774 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:33:09.0134 0x3774 mrxsmb20 - ok
14:33:09.0165 0x3774 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
14:33:09.0165 0x3774 MsBridge - ok
14:33:09.0212 0x3774 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
14:33:09.0228 0x3774 MSDTC - ok
14:33:09.0243 0x3774 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:33:09.0243 0x3774 Msfs - ok
14:33:09.0322 0x3774 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:33:09.0322 0x3774 msgpiowin32 - ok
14:33:09.0334 0x3774 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:33:09.0334 0x3774 mshidkmdf - ok
14:33:09.0365 0x3774 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
14:33:09.0365 0x3774 mshidumdf - ok
14:33:09.0365 0x3774 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
14:33:09.0365 0x3774 msisadrv - ok
14:33:09.0397 0x3774 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
14:33:09.0397 0x3774 MSiSCSI - ok
14:33:09.0397 0x3774 msiserver - ok
14:33:09.0428 0x3774 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
14:33:09.0428 0x3774 MSKSSRV - ok
14:33:09.0459 0x3774 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
14:33:09.0475 0x3774 MsLldp - ok
14:33:09.0506 0x3774 [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
14:33:09.0506 0x3774 MSMQ - ok
14:33:09.0537 0x3774 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
14:33:09.0537 0x3774 MSPCLOCK - ok
14:33:09.0584 0x3774 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
14:33:09.0584 0x3774 MSPQM - ok
14:33:09.0615 0x3774 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
14:33:09.0615 0x3774 MsRPC - ok
14:33:09.0631 0x3774 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
14:33:09.0631 0x3774 mssmbios - ok
14:33:09.0662 0x3774 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
14:33:09.0662 0x3774 MSTEE - ok
14:33:09.0694 0x3774 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
14:33:09.0694 0x3774 MTConfig - ok
14:33:09.0694 0x3774 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
14:33:09.0694 0x3774 Mup - ok
14:33:09.0709 0x3774 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
14:33:09.0709 0x3774 mvumis - ok
14:33:09.0740 0x3774 [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:33:09.0756 0x3774 NativeWifiP - ok
14:33:09.0803 0x3774 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
14:33:09.0803 0x3774 NcaSvc - ok
14:33:09.0850 0x3774 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
14:33:09.0865 0x3774 NcbService - ok
14:33:09.0881 0x3774 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
14:33:09.0881 0x3774 NcdAutoSetup - ok
14:33:09.0928 0x3774 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
14:33:09.0928 0x3774 ndfltr - ok
14:33:10.0006 0x3774 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
14:33:10.0022 0x3774 NDIS - ok
14:33:10.0053 0x3774 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
14:33:10.0053 0x3774 NdisCap - ok
14:33:10.0131 0x3774 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
14:33:10.0131 0x3774 NdisImPlatform - ok
14:33:10.0194 0x3774 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:33:10.0194 0x3774 NdisTapi - ok
14:33:10.0209 0x3774 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
14:33:10.0209 0x3774 Ndisuio - ok
14:33:10.0256 0x3774 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:33:10.0256 0x3774 NdisVirtualBus - ok
14:33:10.0287 0x3774 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
14:33:10.0303 0x3774 NdisWan - ok
14:33:10.0303 0x3774 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:33:10.0303 0x3774 ndiswanlegacy - ok
14:33:10.0350 0x3774 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
14:33:10.0350 0x3774 ndproxy - ok
14:33:10.0397 0x3774 [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
14:33:10.0397 0x3774 Ndu - ok
14:33:10.0412 0x3774 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
14:33:10.0412 0x3774 NetBIOS - ok
14:33:10.0522 0x3774 [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:33:10.0522 0x3774 NetBT - ok
14:33:10.0537 0x3774 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:33:10.0537 0x3774 Netlogon - ok
14:33:10.0569 0x3774 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
14:33:10.0584 0x3774 Netman - ok
14:33:10.0631 0x3774 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:33:10.0631 0x3774 NetMsmqActivator - ok
14:33:10.0662 0x3774 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:33:10.0662 0x3774 NetPipeActivator - ok
14:33:10.0741 0x3774 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
14:33:10.0756 0x3774 netprofm - ok
14:33:10.0803 0x3774 [ A3AA03C0C5002F3D89397637B770A1BA, CB40F8FFE2850C11C9EA309BFDBB97C2C978202AF70D052573D8CF18A0677AEB ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
14:33:10.0803 0x3774 NetSetupSvc - ok
14:33:10.0819 0x3774 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:33:10.0819 0x3774 NetTcpActivator - ok
14:33:10.0819 0x3774 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:33:10.0834 0x3774 NetTcpPortSharing - ok
14:33:10.0850 0x3774 [ 2BB62723C835F75F0C7C9E6A736881FB, CBA690F5205BE8AE1E8ED8A47BC1594E05391DAC30AAEE0A055366F24602346C ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
14:33:10.0866 0x3774 netvsc - ok
14:33:10.0912 0x3774 [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
14:33:10.0912 0x3774 NgcCtnrSvc - ok
14:33:11.0006 0x3774 [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
14:33:11.0022 0x3774 NgcSvc - ok
14:33:11.0100 0x3774 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
14:33:11.0100 0x3774 NlaSvc - ok
14:33:11.0131 0x3774 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:33:11.0131 0x3774 Npfs - ok
14:33:11.0178 0x3774 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
14:33:11.0178 0x3774 npsvctrig - ok
14:33:11.0178 0x3774 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
14:33:11.0194 0x3774 nsi - ok
14:33:11.0194 0x3774 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
14:33:11.0194 0x3774 nsiproxy - ok
14:33:11.0287 0x3774 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
14:33:11.0334 0x3774 NTFS - ok
14:33:11.0350 0x3774 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
14:33:11.0350 0x3774 Null - ok
14:33:11.0413 0x3774 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
14:33:11.0413 0x3774 NVHDA - ok
14:33:11.0709 0x3774 [ 299076F341794E62EE9A267A8CDE3D39, 57EE9A2C1DEE6B06E035E4926FBE4277D0E1AD254379CFBD07525518BD7C992F ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
14:33:11.0866 0x3774 nvlddmkm - ok
14:33:12.0053 0x3774 [ FB9407F47E184208E4880FA1DC28B9D4, 7FCA90AF10F9C578B928B93301EF3FB85157BB71D9F6865D6CD5CB5C0ECF3A2F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:33:12.0084 0x3774 NvNetworkService - ok
14:33:12.0147 0x3774 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
14:33:12.0163 0x3774 nvraid - ok
14:33:12.0178 0x3774 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
14:33:12.0178 0x3774 nvstor - ok
14:33:12.0288 0x3774 [ 9F0938D041D6203DA3B95AA3EBE4C34E, 4BBF1E49C9B521C42ABAAC1A4274E785F4E20611D091D5BE218408A2D5753B0E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:33:12.0288 0x3774 NvStreamKms - ok
14:33:12.0569 0x3774 [ 2F6ABCFB6B992A4DF5EFD9E6B7BAFF2B, 17864F9BE08F76E6875167A2E9CA15A01C12872635399FF66CEBEA91FE43B541 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
14:33:12.0678 0x3774 NvStreamNetworkSvc - ok
14:33:12.0975 0x3774 [ A8FD46F7EA7410847C3EBE84C4B18BB1, 6F428B26035268131F4AFED141307642FB20042B998BDDF6C3E27306711A6067 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
14:33:13.0069 0x3774 NvStreamSvc - ok
14:33:13.0163 0x3774 [ 90566025EFD5BA4005A5C9A2773B230B, 9075981E7020250E38D25C046E39C69B252B46888A9F6F749FF50FB442907E37 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
14:33:13.0178 0x3774 nvsvc - ok
14:33:13.0241 0x3774 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
14:33:13.0241 0x3774 nvvad_WaveExtensible - ok
14:33:13.0288 0x3774 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
14:33:13.0288 0x3774 nv_agp - ok
14:33:13.0350 0x3774 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
14:33:13.0350 0x3774 OneSyncSvc - ok
14:33:13.0491 0x3774 [ EABD6FC38504B46913E2B1B739DAD185, A6225F8A939E6DA467777F85FAB02A218FB4B7ECDF68C34FE156E85BEA6E04BB ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
14:33:13.0522 0x3774 Origin Client Service - ok
14:33:13.0569 0x3774 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:33:13.0569 0x3774 ose - ok
14:33:13.0819 0x3774 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:33:13.0897 0x3774 osppsvc - ok
14:33:13.0960 0x3774 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
14:33:13.0960 0x3774 p2pimsvc - ok
14:33:13.0991 0x3774 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
14:33:13.0991 0x3774 p2psvc - ok
14:33:14.0022 0x3774 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
14:33:14.0022 0x3774 Parport - ok
14:33:14.0069 0x3774 [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
14:33:14.0069 0x3774 partmgr - ok
14:33:14.0132 0x3774 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
14:33:14.0147 0x3774 PcaSvc - ok
14:33:14.0166 0x3774 [ CF78AF126B00C1B0A6FF45BD838E8EFE, AE01B107E1D9072F10F194AEE2AE4F9D75A4EC8FF3A46E45D27E7BF615CE0985 ] pci C:\WINDOWS\system32\drivers\pci.sys
14:33:14.0166 0x3774 pci - ok
14:33:14.0182 0x3774 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
14:33:14.0198 0x3774 pciide - ok
14:33:14.0213 0x3774 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
14:33:14.0213 0x3774 pcmcia - ok
14:33:14.0245 0x3774 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
14:33:14.0245 0x3774 pcw - ok
14:33:14.0307 0x3774 [ 67B9684B8272D5EBD1CCBB1DBD425EC8, 09BE2A2EB3A71E594D08B8D817820965DEEAD283029EBB0B74CCC658A2706233 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
14:33:14.0307 0x3774 pdc - ok
14:33:14.0338 0x3774 pdfcDispatcher - ok
14:33:14.0416 0x3774 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
14:33:14.0432 0x3774 PEAUTH - ok
14:33:14.0448 0x3774 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
14:33:14.0448 0x3774 percsas2i - ok
14:33:14.0495 0x3774 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
14:33:14.0495 0x3774 percsas3i - ok
14:33:14.0666 0x3774 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
14:33:14.0682 0x3774 PerfHost - ok
14:33:14.0745 0x3774 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
14:33:14.0760 0x3774 PhoneSvc - ok
14:33:14.0854 0x3774 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
14:33:14.0870 0x3774 PimIndexMaintenanceSvc - ok
14:33:14.0963 0x3774 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
14:33:14.0979 0x3774 pla - ok
14:33:15.0041 0x3774 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
14:33:15.0057 0x3774 PlugPlay - ok
14:33:15.0104 0x3774 [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
14:33:15.0120 0x3774 pmxdrv - ok
14:33:15.0120 0x3774 PnkBstrA - ok
14:33:15.0120 0x3774 PnkBstrB - ok
14:33:15.0151 0x3774 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
14:33:15.0151 0x3774 PNRPAutoReg - ok
14:33:15.0166 0x3774 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
14:33:15.0182 0x3774 PNRPsvc - ok
14:33:15.0245 0x3774 [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
14:33:15.0260 0x3774 PolicyAgent - ok
14:33:15.0260 0x3774 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
14:33:15.0260 0x3774 Power - ok
14:33:15.0323 0x3774 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
14:33:15.0323 0x3774 PptpMiniport - ok
14:33:15.0666 0x3774 [ 15709A9AB1411565754CEE33AAB36387, 77CBC04346F8F247B4614CE65FBD225F0A24827EDD1FDB34900D05673B682D84 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:33:15.0729 0x3774 PrintNotify - ok
14:33:15.0745 0x3774 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
14:33:15.0745 0x3774 Processor - ok
14:33:15.0792 0x3774 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
14:33:15.0807 0x3774 ProfSvc - ok
14:33:15.0823 0x3774 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
14:33:15.0838 0x3774 Psched - ok
14:33:15.0901 0x3774 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
14:33:15.0917 0x3774 QWAVE - ok
14:33:15.0979 0x3774 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
14:33:15.0979 0x3774 QWAVEdrv - ok
14:33:16.0026 0x3774 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:33:16.0026 0x3774 RasAcd - ok
14:33:16.0073 0x3774 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
14:33:16.0073 0x3774 RasAgileVpn - ok
14:33:16.0120 0x3774 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:33:16.0120 0x3774 RasAuto - ok
14:33:16.0167 0x3774 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
14:33:16.0182 0x3774 Rasl2tp - ok
14:33:16.0213 0x3774 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:33:16.0229 0x3774 RasMan - ok
14:33:16.0260 0x3774 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys
14:33:16.0260 0x3774 RasPppoe - ok
14:33:16.0276 0x3774 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
14:33:16.0276 0x3774 RasSstp - ok
14:33:16.0307 0x3774 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:33:16.0307 0x3774 rdbss - ok
14:33:16.0323 0x3774 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
14:33:16.0323 0x3774 rdpbus - ok
14:33:16.0370 0x3774 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
14:33:16.0370 0x3774 RDPDR - ok
14:33:16.0386 0x3774 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:33:16.0386 0x3774 RdpVideoMiniport - ok
14:33:16.0402 0x3774 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
14:33:16.0402 0x3774 rdyboost - ok
14:33:16.0449 0x3774 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
14:33:16.0480 0x3774 ReFSv1 - ok
14:33:16.0511 0x3774 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:33:16.0527 0x3774 RemoteAccess - ok
14:33:16.0574 0x3774 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:33:16.0574 0x3774 RemoteRegistry - ok
14:33:16.0636 0x3774 [ DF7A59E70F398EEB9FDCDD310987D8AE, 67817FC336B2046351BDEB84A57252D6708E17656CD84FF5BCA85FCA24F430E0 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
14:33:16.0667 0x3774 RetailDemo - ok
14:33:16.0699 0x3774 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
14:33:16.0699 0x3774 RpcEptMapper - ok
14:33:16.0746 0x3774 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:33:16.0761 0x3774 RpcLocator - ok
14:33:16.0777 0x3774 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:33:16.0792 0x3774 RpcSs - ok
14:33:16.0855 0x3774 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
14:33:16.0855 0x3774 rspndr - ok
14:33:16.0917 0x3774 [ 9A4CB33560A25CF7ACDE1C1E3C7B1A28, A62B6E555CB1D20328608829BEB90E8B882F4380BB65598C255258159A78801F ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
14:33:16.0949 0x3774 rt640x64 - ok
14:33:16.0996 0x3774 [ DDF3EFB4AD226C61D0ADA6E779E3D968, 5B14B35321F10D974B9F47D60C9DAA527A2C907029C242A6F4214E6012A046DA ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
14:33:16.0996 0x3774 RtkAudioService - ok
14:33:17.0027 0x3774 [ 044890BB0D6CF1E23C1087234D320509, CODE]

Alt 23.06.2016, 13:48   #11
M-K-D-B
/// TB-Ausbilder
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



ggf. die Logdatei von TDSS-Killer auf mehrere Posts aufteilen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 23.06.2016, 13:52   #12
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



14:33:17.0027 0x3774 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
14:33:17.0027 0x3774 s3cap - ok
14:33:17.0058 0x3774 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
14:33:17.0074 0x3774 SamSs - ok
14:33:17.0152 0x3774 [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys
14:33:17.0167 0x3774 SANDRA - ok
14:33:17.0214 0x3774 [ 062DF2975C23079DF834411A5CB761B0, 8CA11CDA54A7464AFA9294E6303DC62D0664BC7BDD0B4755AEC28FD80B86BB41 ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe
14:33:17.0230 0x3774 SandraAgentSrv - ok
14:33:17.0261 0x3774 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
14:33:17.0261 0x3774 sbp2port - ok
14:33:17.0324 0x3774 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
14:33:17.0339 0x3774 SCardSvr - ok
14:33:17.0339 0x3774 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
14:33:17.0339 0x3774 ScDeviceEnum - ok
14:33:17.0386 0x3774 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:33:17.0386 0x3774 scfilter - ok
14:33:17.0464 0x3774 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:33:17.0480 0x3774 Schedule - ok
14:33:17.0558 0x3774 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
14:33:17.0558 0x3774 SCPolicySvc - ok
14:33:17.0605 0x3774 [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
14:33:17.0621 0x3774 sdbus - ok
14:33:17.0714 0x3774 [ 3D7F459BA223D75B325FC11BE6600961, FBFCA50E1FE3984DB3D7344EEE33B17FC78E5877EC716F604003FC0D53B36E58 ] SDHookDriver C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys
14:33:17.0746 0x3774 SDHookDriver - ok
14:33:17.0761 0x3774 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
14:33:17.0761 0x3774 SDRSVC - ok
14:33:17.0855 0x3774 [ 2100C3E7E1D060DE822677DDE41FCCCF, 82F645A981C91ABD237AA8DD730F4490EF566371946E56A498146B7C8FC3C44A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:33:17.0886 0x3774 SDScannerService - ok
14:33:17.0933 0x3774 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
14:33:17.0949 0x3774 sdstor - ok
14:33:18.0011 0x3774 [ B89DF0D2410759A6C826C136AEBC2416, 5EF86212BE1E075B2B7E0783FDA6EB2CA6938546145428FC7B39EE9D5817F0B1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:33:18.0042 0x3774 SDUpdateService - ok
14:33:18.0089 0x3774 [ 6B4E097AD063AEED188629CB9A542602, 0342CD807ADD430E4EC14308464EB0E1BF74F95AD0D32356210A832E6C3FE6CF ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:33:18.0089 0x3774 SDWSCService - ok
14:33:18.0136 0x3774 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll
14:33:18.0152 0x3774 seclogon - ok
14:33:18.0199 0x3774 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
14:33:18.0199 0x3774 SENS - ok
14:33:18.0277 0x3774 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
14:33:18.0308 0x3774 SensorDataService - ok
14:33:18.0339 0x3774 [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService C:\WINDOWS\system32\SensorService.dll
14:33:18.0355 0x3774 SensorService - ok
14:33:18.0371 0x3774 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
14:33:18.0371 0x3774 SensrSvc - ok
14:33:18.0386 0x3774 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
14:33:18.0386 0x3774 SerCx - ok
14:33:18.0433 0x3774 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
14:33:18.0433 0x3774 SerCx2 - ok
14:33:18.0449 0x3774 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
14:33:18.0449 0x3774 Serenum - ok
14:33:18.0480 0x3774 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys
14:33:18.0480 0x3774 Serial - ok
14:33:18.0511 0x3774 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
14:33:18.0527 0x3774 sermouse - ok
14:33:18.0558 0x3774 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
14:33:18.0574 0x3774 SessionEnv - ok
14:33:18.0589 0x3774 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
14:33:18.0589 0x3774 sfloppy - ok
14:33:18.0652 0x3774 [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\WINDOWS\system32\DRIVERS\Sftfslh.sys
14:33:18.0668 0x3774 Sftfs - ok
14:33:18.0714 0x3774 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:33:18.0730 0x3774 sftlist - ok
14:33:18.0730 0x3774 [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\WINDOWS\system32\DRIVERS\Sftplaylh.sys
14:33:18.0746 0x3774 Sftplay - ok
14:33:18.0746 0x3774 [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\WINDOWS\system32\DRIVERS\Sftredirlh.sys
14:33:18.0746 0x3774 Sftredir - ok
14:33:18.0746 0x3774 [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\WINDOWS\system32\DRIVERS\Sftvollh.sys
14:33:18.0746 0x3774 Sftvol - ok
14:33:18.0761 0x3774 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:33:18.0761 0x3774 sftvsa - ok
14:33:18.0824 0x3774 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:33:18.0824 0x3774 SharedAccess - ok
14:33:18.0902 0x3774 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:33:18.0918 0x3774 ShellHWDetection - ok
14:33:18.0965 0x3774 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:33:18.0965 0x3774 SiSRaid2 - ok
14:33:18.0980 0x3774 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
14:33:18.0980 0x3774 SiSRaid4 - ok
14:33:19.0090 0x3774 [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:33:19.0105 0x3774 SkypeUpdate - ok
14:33:19.0183 0x3774 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
14:33:19.0183 0x3774 smphost - ok
14:33:19.0215 0x3774 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
14:33:19.0230 0x3774 SmsRouter - ok
14:33:19.0277 0x3774 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
14:33:19.0277 0x3774 SNMPTRAP - ok
14:33:19.0308 0x3774 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
14:33:19.0324 0x3774 spaceport - ok
14:33:19.0355 0x3774 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
14:33:19.0355 0x3774 SpbCx - ok
14:33:19.0433 0x3774 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
14:33:19.0449 0x3774 Spooler - ok
14:33:19.0808 0x3774 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe
14:33:19.0949 0x3774 sppsvc - ok
14:33:19.0996 0x3774 [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:33:19.0996 0x3774 srv - ok
14:33:20.0074 0x3774 [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
14:33:20.0090 0x3774 srv2 - ok
14:33:20.0136 0x3774 [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:33:20.0136 0x3774 srvnet - ok
14:33:20.0207 0x3774 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:33:20.0223 0x3774 SSDPSRV - ok
14:33:20.0270 0x3774 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
14:33:20.0270 0x3774 SstpSvc - ok
14:33:20.0473 0x3774 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
14:33:20.0488 0x3774 ss_conn_service - ok
14:33:20.0785 0x3774 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
14:33:20.0848 0x3774 StateRepository - ok
14:33:21.0051 0x3774 [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:33:21.0066 0x3774 Steam Client Service - ok
14:33:21.0207 0x3774 [ 205C21F5812463A5EC73F6E8D0D97812, 6321190CE8FA7581BBFC8BFCD41A115FCCEEE7C108CE5B82F04EC66732E30112 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:33:21.0207 0x3774 Stereo Service - ok
14:33:21.0238 0x3774 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
14:33:21.0238 0x3774 stexstor - ok
14:33:21.0301 0x3774 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
14:33:21.0317 0x3774 stisvc - ok
14:33:21.0364 0x3774 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
14:33:21.0395 0x3774 storahci - ok
14:33:21.0410 0x3774 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
14:33:21.0410 0x3774 storflt - ok
14:33:21.0410 0x3774 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
14:33:21.0426 0x3774 stornvme - ok
14:33:21.0457 0x3774 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
14:33:21.0457 0x3774 storqosflt - ok
14:33:21.0551 0x3774 [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc C:\WINDOWS\system32\storsvc.dll
14:33:21.0582 0x3774 StorSvc - ok
14:33:21.0598 0x3774 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
14:33:21.0598 0x3774 storufs - ok
14:33:21.0614 0x3774 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
14:33:21.0614 0x3774 storvsc - ok
14:33:21.0645 0x3774 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
14:33:21.0645 0x3774 svsvc - ok
14:33:21.0645 0x3774 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
14:33:21.0645 0x3774 swenum - ok
14:33:21.0676 0x3774 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
14:33:21.0692 0x3774 swprv - ok
14:33:21.0739 0x3774 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:33:21.0739 0x3774 Synth3dVsc - ok
14:33:21.0801 0x3774 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
14:33:21.0817 0x3774 SysMain - ok
14:33:21.0879 0x3774 [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:33:21.0879 0x3774 SystemEventsBroker - ok
14:33:21.0942 0x3774 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:33:21.0942 0x3774 TabletInputService - ok
14:33:21.0973 0x3774 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:33:21.0989 0x3774 TapiSrv - ok
14:33:22.0051 0x3774 [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
14:33:22.0098 0x3774 Tcpip - ok
14:33:22.0160 0x3774 [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
14:33:22.0192 0x3774 Tcpip6 - ok
14:33:22.0223 0x3774 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
14:33:22.0239 0x3774 tcpipreg - ok
14:33:22.0270 0x3774 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
14:33:22.0285 0x3774 tdx - ok
14:33:22.0285 0x3774 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
14:33:22.0285 0x3774 terminpt - ok
14:33:22.0348 0x3774 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
14:33:22.0395 0x3774 TermService - ok
14:33:22.0410 0x3774 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
14:33:22.0410 0x3774 Themes - ok
14:33:22.0426 0x3774 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
14:33:22.0442 0x3774 TieringEngineService - ok
14:33:22.0504 0x3774 [ 7ECACE6D0B4C2D323408EB00FD93C682, EE7F5E5185EA8C8098046FA573659443014ED7C9DA9E710D9EF3FCACBBFFA100 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
14:33:22.0504 0x3774 tiledatamodelsvc - ok
14:33:22.0551 0x3774 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
14:33:22.0551 0x3774 TimeBroker - ok
14:33:22.0614 0x3774 [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
14:33:22.0614 0x3774 TPM - ok
14:33:22.0660 0x3774 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
14:33:22.0660 0x3774 TrkWks - ok
14:33:22.0707 0x3774 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:33:22.0707 0x3774 TrustedInstaller - ok
14:33:22.0754 0x3774 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
14:33:22.0754 0x3774 tsusbflt - ok
14:33:22.0770 0x3774 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:33:22.0785 0x3774 TsUsbGD - ok
14:33:22.0832 0x3774 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
14:33:22.0832 0x3774 tunnel - ok
14:33:22.0879 0x3774 [ 56C238ACFE4CB020D3E38508249039EA, 172868080F07D98175229A02410FE751B5958ED5A3D567D4AE5736F4025DF432 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
14:33:22.0879 0x3774 tzautoupdate - ok
14:33:22.0895 0x3774 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
14:33:22.0895 0x3774 uagp35 - ok
14:33:22.0942 0x3774 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
14:33:22.0942 0x3774 UASPStor - ok
14:33:22.0989 0x3774 [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
14:33:22.0989 0x3774 UcmCx0101 - ok
14:33:23.0004 0x3774 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
14:33:23.0004 0x3774 UcmUcsi - ok
14:33:23.0035 0x3774 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
14:33:23.0035 0x3774 Ucx01000 - ok
14:33:23.0051 0x3774 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
14:33:23.0051 0x3774 UdeCx - ok
14:33:23.0067 0x3774 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
14:33:23.0082 0x3774 udfs - ok
14:33:23.0098 0x3774 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
14:33:23.0098 0x3774 UEFI - ok
14:33:23.0114 0x3774 [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
14:33:23.0114 0x3774 Ufx01000 - ok
14:33:23.0129 0x3774 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
14:33:23.0129 0x3774 UfxChipidea - ok
14:33:23.0145 0x3774 [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
14:33:23.0161 0x3774 ufxsynopsys - ok
14:33:23.0192 0x3774 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
14:33:23.0207 0x3774 UI0Detect - ok
14:33:23.0239 0x3774 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
14:33:23.0254 0x3774 uliagpkx - ok
14:33:23.0254 0x3774 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
14:33:23.0254 0x3774 umbus - ok
14:33:23.0270 0x3774 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
14:33:23.0270 0x3774 UmPass - ok
14:33:23.0317 0x3774 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
14:33:23.0317 0x3774 UmRdpService - ok
14:33:23.0364 0x3774 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
14:33:23.0395 0x3774 UnistoreSvc - ok
14:33:23.0504 0x3774 [ 758C2CE427C343F780A205E28555C98D, E3413BA433CD26DD61D3257B08B8354478A049A972EFAC53C303690BC71DD7E1 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:33:23.0536 0x3774 UNS - ok
14:33:23.0645 0x3774 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
14:33:23.0661 0x3774 upnphost - ok
14:33:23.0692 0x3774 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
14:33:23.0692 0x3774 UrsChipidea - ok
14:33:23.0707 0x3774 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
14:33:23.0707 0x3774 UrsCx01000 - ok
14:33:23.0723 0x3774 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
14:33:23.0723 0x3774 UrsSynopsys - ok
14:33:23.0770 0x3774 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
14:33:23.0770 0x3774 usbccgp - ok
14:33:23.0786 0x3774 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
14:33:23.0786 0x3774 usbcir - ok
14:33:23.0801 0x3774 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
14:33:23.0801 0x3774 usbehci - ok
14:33:23.0817 0x3774 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
14:33:23.0817 0x3774 usbhub - ok
14:33:23.0879 0x3774 [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
14:33:23.0895 0x3774 USBHUB3 - ok
14:33:23.0926 0x3774 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
14:33:23.0926 0x3774 usbohci - ok
14:33:23.0942 0x3774 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
14:33:23.0942 0x3774 usbprint - ok
14:33:23.0973 0x3774 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:33:23.0973 0x3774 usbscan - ok
14:33:24.0004 0x3774 [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
14:33:24.0004 0x3774 usbser - ok
14:33:24.0020 0x3774 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:33:24.0020 0x3774 USBSTOR - ok
14:33:24.0036 0x3774 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
14:33:24.0036 0x3774 usbuhci - ok
14:33:24.0051 0x3774 [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:33:24.0051 0x3774 USBXHCI - ok
14:33:24.0129 0x3774 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
14:33:24.0161 0x3774 UserDataSvc - ok
14:33:24.0270 0x3774 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
14:33:24.0286 0x3774 UserManager - ok
14:33:24.0364 0x3774 [ 0D33D06EF42E3BC6A7BBC4F7F7517C25, 1B19739341F5D76C0C491D20BD676877D7D59C73AFC3108567C81E6963E6384A ] UsoSvc C:\WINDOWS\system32\usocore.dll
14:33:24.0364 0x3774 UsoSvc - ok
14:33:24.0380 0x3774 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
14:33:24.0380 0x3774 VaultSvc - ok
14:33:24.0427 0x3774 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
14:33:24.0427 0x3774 vdrvroot - ok
14:33:24.0489 0x3774 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
14:33:24.0505 0x3774 vds - ok
14:33:24.0536 0x3774 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
14:33:24.0536 0x3774 VerifierExt - ok
14:33:24.0567 0x3774 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
14:33:24.0583 0x3774 vhdmp - ok
14:33:24.0598 0x3774 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
14:33:24.0614 0x3774 vhf - ok
14:33:24.0630 0x3774 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
14:33:24.0630 0x3774 vmbus - ok
14:33:24.0645 0x3774 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
14:33:24.0645 0x3774 VMBusHID - ok
14:33:24.0692 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:33:24.0708 0x3774 vmicguestinterface - ok
14:33:24.0723 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
14:33:24.0723 0x3774 vmicheartbeat - ok
14:33:24.0739 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:33:24.0755 0x3774 vmickvpexchange - ok
14:33:24.0770 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
14:33:24.0770 0x3774 vmicrdv - ok
14:33:24.0817 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
14:33:24.0833 0x3774 vmicshutdown - ok
14:33:24.0833 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
14:33:24.0848 0x3774 vmictimesync - ok
14:33:24.0864 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
14:33:24.0880 0x3774 vmicvmsession - ok
14:33:24.0895 0x3774 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
14:33:24.0911 0x3774 vmicvss - ok
14:33:24.0927 0x3774 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
14:33:24.0927 0x3774 volmgr - ok
14:33:24.0975 0x3774 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
14:33:24.0990 0x3774 volmgrx - ok
14:33:25.0006 0x3774 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
14:33:25.0022 0x3774 volsnap - ok
14:33:25.0053 0x3774 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
14:33:25.0053 0x3774 vpci - ok
14:33:25.0069 0x3774 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
14:33:25.0084 0x3774 vsmraid - ok
14:33:25.0147 0x3774 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
14:33:25.0209 0x3774 VSS - ok
14:33:25.0225 0x3774 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
14:33:25.0240 0x3774 VSTXRAID - ok
14:33:25.0240 0x3774 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
14:33:25.0240 0x3774 vwifibus - ok
14:33:25.0256 0x3774 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
14:33:25.0272 0x3774 vwififlt - ok
14:33:25.0287 0x3774 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
14:33:25.0303 0x3774 W32Time - ok
14:33:25.0381 0x3774 [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
14:33:25.0397 0x3774 w3logsvc - ok
14:33:25.0475 0x3774 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:33:25.0490 0x3774 W3SVC - ok
14:33:25.0537 0x3774 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
14:33:25.0553 0x3774 WacomPen - ok
14:33:25.0600 0x3774 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
14:33:25.0615 0x3774 WalletService - ok
14:33:25.0631 0x3774 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:33:25.0647 0x3774 wanarp - ok
14:33:25.0647 0x3774 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:33:25.0647 0x3774 wanarpv6 - ok
14:33:25.0662 0x3774 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:33:25.0662 0x3774 WAS - ok
14:33:25.0740 0x3774 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
14:33:25.0787 0x3774 wbengine - ok
14:33:25.0803 0x3774 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
14:33:25.0819 0x3774 WbioSrvc - ok
14:33:25.0850 0x3774 [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
14:33:25.0865 0x3774 Wcmsvc - ok
14:33:25.0881 0x3774 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
14:33:25.0897 0x3774 wcncsvc - ok
14:33:25.0912 0x3774 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:33:25.0928 0x3774 WcsPlugInService - ok
14:33:25.0944 0x3774 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
14:33:25.0944 0x3774 WdBoot - ok
14:33:25.0975 0x3774 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
14:33:25.0990 0x3774 Wdf01000 - ok
14:33:26.0006 0x3774 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
14:33:26.0022 0x3774 WdFilter - ok
14:33:26.0037 0x3774 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
14:33:26.0053 0x3774 WdiServiceHost - ok
14:33:26.0053 0x3774 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
14:33:26.0053 0x3774 WdiSystemHost - ok
14:33:26.0115 0x3774 [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
14:33:26.0144 0x3774 wdiwifi - ok
14:33:26.0165 0x3774 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:33:26.0170 0x3774 WdNisDrv - ok
14:33:26.0217 0x3774 WdNisSvc - ok
14:33:26.0248 0x3774 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:33:26.0264 0x3774 WebClient - ok
14:33:26.0280 0x3774 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
14:33:26.0295 0x3774 Wecsvc - ok
14:33:26.0295 0x3774 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
14:33:26.0311 0x3774 WEPHOSTSVC - ok
14:33:26.0327 0x3774 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
14:33:26.0327 0x3774 wercplsupport - ok
14:33:26.0327 0x3774 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
14:33:26.0342 0x3774 WerSvc - ok
14:33:26.0389 0x3774 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
14:33:26.0389 0x3774 WFPLWFS - ok
14:33:26.0436 0x3774 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
14:33:26.0436 0x3774 WiaRpc - ok
14:33:26.0483 0x3774 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
14:33:26.0483 0x3774 WIMMount - ok
14:33:26.0498 0x3774 WinDefend - ok
14:33:26.0530 0x3774 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
14:33:26.0530 0x3774 WindowsTrustedRT - ok
14:33:26.0545 0x3774 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
14:33:26.0545 0x3774 WindowsTrustedRTProxy - ok
14:33:26.0592 0x3774 [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:33:26.0623 0x3774 WinHttpAutoProxySvc - ok
14:33:26.0639 0x3774 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
14:33:26.0639 0x3774 WinMad - ok
14:33:26.0764 0x3774 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:33:26.0764 0x3774 Winmgmt - ok
14:33:26.0905 0x3774 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
14:33:26.0967 0x3774 WinRM - ok
14:33:27.0014 0x3774 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
14:33:27.0014 0x3774 WINUSB - ok
14:33:27.0045 0x3774 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
14:33:27.0061 0x3774 WinVerbs - ok
14:33:27.0123 0x3774 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
14:33:27.0170 0x3774 WlanSvc - ok
14:33:27.0202 0x3774 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:33:27.0217 0x3774 wlcrasvc - ok
14:33:27.0295 0x3774 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
14:33:27.0358 0x3774 wlidsvc - ok
14:33:27.0358 0x3774 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
14:33:27.0374 0x3774 WmiAcpi - ok
14:33:27.0420 0x3774 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:33:27.0420 0x3774 wmiApSrv - ok
14:33:27.0467 0x3774 WMPNetworkSvc - ok
14:33:27.0514 0x3774 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
14:33:27.0530 0x3774 Wof - ok
14:33:27.0577 0x3774 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
14:33:27.0624 0x3774 workfolderssvc - ok
14:33:27.0655 0x3774 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
14:33:27.0655 0x3774 wpcfltr - ok
14:33:27.0702 0x3774 [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
14:33:27.0717 0x3774 WPDBusEnum - ok
14:33:27.0717 0x3774 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:33:27.0717 0x3774 WpdUpFltr - ok
14:33:27.0749 0x3774 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
14:33:27.0764 0x3774 WpnService - ok
14:33:27.0811 0x3774 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:33:27.0811 0x3774 ws2ifsl - ok
14:33:27.0858 0x3774 [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc C:\WINDOWS\System32\wscsvc.dll
14:33:27.0874 0x3774 wscsvc - ok
14:33:27.0889 0x3774 [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
14:33:27.0889 0x3774 WSDPrintDevice - ok
14:33:27.0889 0x3774 WSearch - ok
14:33:28.0030 0x3774 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService C:\WINDOWS\System32\WSService.dll
14:33:28.0108 0x3774 WSService - ok
14:33:28.0264 0x3774 [ 8D3AC00C88BC2A63D1D3CC320E0EAA19, 0E46765269B6FAD8ED8F032C42B38FA5998610CD9E85EB91A414135C595B3E75 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
14:33:28.0311 0x3774 wuauserv - ok
14:33:28.0358 0x3774 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
14:33:28.0358 0x3774 WudfPf - ok
14:33:28.0405 0x3774 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
14:33:28.0420 0x3774 WUDFRd - ok
14:33:28.0436 0x3774 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
14:33:28.0452 0x3774 wudfsvc - ok
14:33:28.0452 0x3774 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:33:28.0467 0x3774 WUDFWpdFs - ok
14:33:28.0561 0x3774 [ 5DA95027DF2317174E8C39B4A8D1FCD8, 99B356411CB08B8BCCF2348DBF1FD5D4F417EA509D9C7CE23E5877C333F4D304 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
14:33:28.0592 0x3774 WwanSvc - ok
14:33:28.0624 0x3774 [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
14:33:28.0655 0x3774 XblAuthManager - ok
14:33:28.0717 0x3774 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
14:33:28.0749 0x3774 XblGameSave - ok
14:33:28.0749 0x3774 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
14:33:28.0764 0x3774 xboxgip - ok
14:33:28.0780 0x3774 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
14:33:28.0811 0x3774 XboxNetApiSvc - ok
14:33:28.0811 0x3774 [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
14:33:28.0811 0x3774 xinputhid - ok
14:33:28.0827 0x3774 ================ Scan global ===============================
14:33:28.0860 0x3774 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
14:33:28.0898 0x3774 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
14:33:28.0929 0x3774 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
14:33:28.0960 0x3774 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
14:33:28.0960 0x3774 [ Global ] - ok
14:33:28.0960 0x3774 ================ Scan MBR ==================================
14:33:28.0976 0x3774 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:33:29.0411 0x3774 \Device\Harddisk0\DR0 - ok
14:33:29.0411 0x3774 ================ Scan VBR ==================================
14:33:29.0411 0x3774 [ 8C5646B1E9F3BBF75895B91C81B177AC ] \Device\Harddisk0\DR0\Partition1
14:33:29.0520 0x3774 \Device\Harddisk0\DR0\Partition1 - ok
14:33:29.0520 0x3774 [ 6AB79A8F922CC61F6A736A4D962953BE ] \Device\Harddisk0\DR0\Partition2
14:33:29.0583 0x3774 \Device\Harddisk0\DR0\Partition2 - ok
14:33:29.0645 0x3774 [ 41C3422B1E7E2D429EFE36CD40ADF755 ] \Device\Harddisk0\DR0\Partition3
14:33:29.0692 0x3774 \Device\Harddisk0\DR0\Partition3 - ok
14:33:29.0692 0x3774 ================ Scan generic autorun ======================
14:33:29.0755 0x3774 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
14:33:29.0755 0x3774 ShadowPlay - ok
14:33:30.0099 0x3774 [ 2D6800E17FEBB51E3C75CD935E2BA8F5, 0831307B35FB346116B6DB67B8EF87384A1BF08A8EEEB6343560AA5C4EED2B23 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:33:30.0208 0x3774 AvastUI.exe - ok
14:33:30.0397 0x3774 [ B58A7B5DB3944C25E3C1B9683647ACE7, 9F21A25D70F1DEDC93A039C30D22172FE85FE0CFB344BD053C127B1A2F6EB7DB ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
14:33:30.0444 0x3774 SDTray - ok
14:33:30.0847 0x3774 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:33:31.0018 0x3774 OneDriveSetup - ok
14:33:31.0206 0x3774 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:33:31.0315 0x3774 OneDriveSetup - ok
14:33:31.0550 0x3774 [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:33:31.0550 0x3774 OneDrive - ok
14:33:31.0737 0x3774 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:33:31.0847 0x3774 OneDriveSetup - ok
14:33:31.0862 0x3774 Waiting for KSN requests completion. In queue: 248
14:33:32.0892 0x3774 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x62100 ( disabled : updated )
14:33:32.0892 0x3774 AV detected via SS2: Spybot - Search and Destroy, C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe ( 2.5.42.0 ), 0x61000 ( enabled : updated )
14:33:32.0892 0x3774 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
14:33:32.0892 0x3774 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41010 ( enabled )
14:33:33.0017 0x3774 ============================================================
14:33:33.0017 0x3774 Scan finished
14:33:33.0017 0x3774 ============================================================
14:33:33.0017 0x3854 Detected object count: 0
14:33:33.0017 0x3854 Actual detected object count: 0[/CODE]

So ich hoffe ich habe jetzt alles....

Alt 23.06.2016, 13:56   #13
M-K-D-B
/// TB-Ausbilder
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Servus,



sehr gut gemacht.



Also zuerst machen wir folgendes:


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 23.06.2016, 16:44   #14
Der Anfänger
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.06.23.03
  rootkit: v2016.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.420.10586.0
Tomas :: TOMAS-HP [administrator]

23.06.2016 15:34:53
mbar-log-2016-06-23 (15-34-53).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 430163
Time elapsed: 50 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\WINDOWS\SYSTEM32\drivers\MPCKpt.sys (PUP.Optional.MorePowerfulCleaner) -> Delete on reboot. [b66a551d00e41d5416f4cb5497926238]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.06.23.03
  rootkit: v2016.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.420.10586.0
Tomas :: TOMAS-HP [administrator]

23.06.2016 16:49:15
mbar-log-2016-06-23 (16-49-15).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 429600
Time elapsed: 48 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Das Teil ist ganz schön hartnäckig.....

Alt 23.06.2016, 17:14   #15
M-K-D-B
/// TB-Ausbilder
 
Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Standard

Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.



Servus,


ja, ist es.


Jetzt nochmal die folgenden Tools in genau der Reihenfolge:
1) MBAM
2) Adwcleaner
3) JRT
4) FRST




Schritt 1
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 2
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • "Prefetch" Dateien löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Chrome Einstellungen zurücksetzen
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von MBAM,
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.
adaware, ahnung, avast, cleaner, desktop, diverse, eingefangen, forum, gen, hinweis, icon, installer, installiert, lieber, nicht mehr, nichts, programme, programmen, sache, sachen, schonmal, spybot, versucht, win, windows



Ähnliche Themen: Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los.


  1. hallo habe mir unter win7 64 bit nen crypto trojaner eingefangen
    Plagegeister aller Art und deren Bekämpfung - 20.12.2015 (12)
  2. Habe mir Viren eingefangen und bekomme sie nicht weg!
    Log-Analyse und Auswertung - 24.04.2015 (10)
  3. Hallo ihr lieben. Search Protect auf dem Rechner Windows 8 und bekomme es nicht mehr weg.
    Plagegeister aller Art und deren Bekämpfung - 07.09.2014 (13)
  4. Hallo leider stürzen seit kurzer Zeit viele Programme einfach ab Vlc player ,Media Monkey win 7 64 bit Avira findet nichts deshalb habe ich
    Log-Analyse und Auswertung - 26.05.2014 (3)
  5. hallo , habe mir heute ausversehen nation zoom runtergeladen , und bringe es nicht mehr weg .
    Plagegeister aller Art und deren Bekämpfung - 27.01.2014 (7)
  6. Hallo User von Trojaner-Board Leider bekomme ich mit Hijackthis nicht die schädlichen Prozesse gekillt
    Log-Analyse und Auswertung - 19.01.2014 (6)
  7. hallo lieber betreiber ich habe leider nun auch dieses blöde nation zoom
    Plagegeister aller Art und deren Bekämpfung - 18.01.2014 (27)
  8. qvo6 habe ich mir leider eingefangen wie werde ich das wieder los ich hab keine ahnung
    Plagegeister aller Art und deren Bekämpfung - 06.11.2013 (15)
  9. Habe mir wohl was eingefangen und bekomme es nicht in den Griff
    Log-Analyse und Auswertung - 14.06.2013 (27)
  10. HILFE habe mir den Bundestrojaner eingefangen. Kann mich nicht mehr anmelden. Abgesicherter Modus geht auch nicht
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (21)
  11. hallo habe den gvu Trojaner auf windows 7 leider englische version was soll ich tun?
    Plagegeister aller Art und deren Bekämpfung - 24.05.2013 (2)
  12. Windows startet nicht mehr. Habe leider nur eine Wiederherstellungs-CD!
    Alles rund um Windows - 03.09.2010 (47)
  13. Hallo habe iexplorer.exe auf meinen PC und bekomme es nicht runter.
    Mülltonne - 15.01.2010 (2)
  14. Habe mir AntiVirPlus eingefangen und bekomme ihn nicht mehr weg!
    Plagegeister aller Art und deren Bekämpfung - 13.11.2009 (3)
  15. Hallo ich habe ein Werbe POP-UP virus kann nicht mehr normal surfen
    Log-Analyse und Auswertung - 20.10.2006 (1)
  16. Hallo! Habe mir auch was eingefangen :-(
    Plagegeister aller Art und deren Bekämpfung - 26.11.2004 (8)
  17. Hallo habe ein Problem weis nicht ob ich ein Virus habe
    Log-Analyse und Auswertung - 26.09.2004 (4)

Zum Thema Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. - Könnt Ihr mir bitte helfen, ich habe Win 10, Avast Premier, Spybot Antimalware. Ich habe schon diverse Sachen ausprobiert, Revo Uninstaller, Adaware cleaner... Von den sonst angebotenen Programmen habe ich - Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los....
Archiv
Du betrachtest: Hallo, ich habe mir leider den MPC Cleaner eingefangen und bekomme es nicht mehr los. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.