Log analysis and evaluation: My internet browser shows me ads I don't want (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here so that our experts can evaluate them. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.01.2017, 21:25 | #1 |
| My internet browser shows me ads I don't want Hello everyone, maybe one of you can help me. Here is the situation: my husband and I play on the same laptop. Now the following has started happening: when I try to open our game or other websites, an additional tab opens with some kind of advertising. I have already downloaded HijackThis and run it, and read through which of these many little numbers and letters I should keep my hands off and must not delete. Unfortunately, the problem still occurs. Trend Micro HouseCall finds nothing; I have already run that as well... What is needed, and what else should I try to get rid of this annoyance?! Thank you for your help.... Regards |
02.01.2017, 21:32 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | My internet browser shows me ads I don't want First of all: hands off HijackThis.
The tool has been outdated for years, and laypeople can still break too much with it. Scan with Farbar's Recovery Scan Tool (FRST): Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post them directly, spread over several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ |
02.01.2017, 21:53 | #3 |
| My internet browser shows me ads I don't want I hope this is right?? This would be the 1st log
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017 durchgeführt von Sina (Administrator) auf SINAMARC (02-01-2017 21:44:30) Gestartet von C:\Users\Sina\Desktop Geladene Profile: Sina (Verfügbare Profile: Sina) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe (Intel Corporation) C:\WINDOWS\System32\igfxtray.exe (Intel Corporation) C:\WINDOWS\System32\hkcmd.exe (Intel Corporation) C:\WINDOWS\System32\igfxpers.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (SEIKO EPSON CORPORATION) C:\WINDOWS\System32\spool\drivers\x64\3\E_IATIGJE.EXE (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (Alcor Micro Corp.) 
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2012-10-23] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-10-23] (Lenovo(beijing) Limited) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro) HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2016-11-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom) HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom) HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Run: [EPSON BX305 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 192.168.0.1 Tcpip\..\Interfaces\{a99790b1-ab1e-4e86-99cd-b31ac52494a4}: [DhcpNameServer] 83.169.186.161 192.168.0.1 Tcpip\..\Interfaces\{bd491783-5434-40df-b039-a5365bf9d6b4}: [DhcpNameServer] 83.169.186.161 192.168.0.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ SearchScopes: HKLM -> DefaultScope {354AD6B5-6C93-491C-A476-701724DC2E85} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM -> {354AD6B5-6C93-491C-A476-701724DC2E85} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001 -> DefaultScope {354AD6B5-6C93-491C-A476-701724DC2E85} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001 -> {12EC5AC4-BCA6-48F4-B5C7-38299B17D68C} URL = hxxp://suche.aol.de/aol/search?s_it=tb50winamp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001 -> {1B385CD4-875E-4FFE-B61D-3E894565A8D0} URL = SearchScopes: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001 -> {354AD6B5-6C93-491C-A476-701724DC2E85} URL = hxxp://www.startseite24.net/?q={searchTerms} BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll 
[2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) FireFox: ======== FF ProfilePath: C:\Users\Sina\AppData\Roaming\TomTom\HOME\Profiles\p6ew8nnn.default [2016-07-14] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-07-14] [ist nicht signiert] FF ProfilePath: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default [2017-01-02] FF Homepage: Mozilla\Firefox\Profiles\c54ks38h.default -> hxxps://www.google.de/?gws_rd=ssl FF Extension: (GMX MailCheck) - C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\Extensions\browser-mailcheck@gmx.net [2016-12-08] FF SearchPlugin: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\searchplugins\aol-search.xml [2013-07-26] FF SearchPlugin: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\searchplugins\aol-suche.xml [2013-07-26] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2099553490-1702204881-2692438545-1001: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Sina\AppData\Roaming\Mozilla\Plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Users\Sina\AppData\Roaming\mozilla\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.de/" CHR Profile: C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default [2017-01-02] CHR Extension: (Google Docs) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-22] CHR Extension: (Google Drive) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-22] CHR Extension: (YouTube) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-22] CHR Extension: (Google Tabellen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-22] CHR Extension: (Avira Browserschutz) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-22] CHR Extension: (Google Docs Offline) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-22] CHR Extension: (URL to QRCode) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkggleleindffinefpajdemfpncccgoo [2017-01-02] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-22] CHR Extension: (Justify Text) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojpacdfmkbekpdojohbabdkhggdcjao [2017-01-02] CHR Extension: (Google Mail) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-22] CHR Extension: (Chrome Media Router) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16] CHR HKLM-x32\...\Chrome\Extension: 
[flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) 
====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-12] (Avira Operations GmbH & Co. KG) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated) R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-02 21:44 - 2017-01-02 21:44 - 00019496 _____ C:\Users\Sina\Desktop\FRST.txt 2017-01-02 21:44 - 2017-01-02 21:44 - 00000000 ____D C:\FRST 2017-01-02 21:42 - 2017-01-02 21:43 - 02418176 _____ (Farbar) C:\Users\Sina\Desktop\FRST64.exe 2016-12-22 22:44 - 2016-12-22 22:45 - 00277332 _____ C:\WINDOWS\Minidump\122216-29921-01.dmp 2016-12-20 18:21 - 2016-12-20 18:21 - 00000000 _____ C:\WINDOWS\Minidump\122016-104250-01.dmp 2016-12-14 18:54 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-14 18:54 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-12-14 18:54 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-12-14 18:54 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-14 18:54 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-12-14 18:54 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-14 18:54 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-14 18:54 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-12-14 18:54 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-12-14 18:54 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-12-14 18:54 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-14 18:54 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2016-12-14 18:54 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-12-14 18:54 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-12-14 18:54 
- 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-14 18:54 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-14 18:54 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-12-14 18:54 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-14 18:54 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-12-14 18:54 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-14 18:54 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-12-14 18:54 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-12-14 18:54 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-14 18:54 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-14 18:54 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2016-12-14 18:54 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-14 18:54 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-12-14 18:54 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-12-14 18:54 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-14 18:54 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-12-14 18:54 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-12-14 18:54 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-14 18:54 - 2016-11-22 
08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-14 18:54 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-14 18:54 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-14 18:54 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-14 18:54 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-12-14 18:54 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-14 18:54 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-14 18:54 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-14 18:54 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-14 18:54 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-14 18:54 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-14 18:53 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-12-14 18:53 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2016-12-14 18:53 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-14 18:53 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe 2016-12-14 18:53 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2016-12-14 18:53 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe 2016-12-14 18:53 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-12-14 18:53 - 2016-11-22 09:50 - 
00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-12-14 18:53 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-12-14 18:53 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-13 08:48 - 2016-12-13 08:48 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2016-12-12 22:38 - 2016-12-12 22:40 - 01020084 _____ C:\WINDOWS\Minidump\121216-60000-01.dmp 2016-12-09 00:37 - 2016-12-09 07:04 - 00285620 _____ C:\WINDOWS\Minidump\120916-33609-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-02 21:39 - 2013-04-18 04:49 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-02 20:30 - 2013-05-12 21:24 - 00432935 _____ C:\Users\Sina\AppData\Local\census.cache 2017-01-02 20:30 - 2013-05-12 21:24 - 00073141 _____ C:\Users\Sina\AppData\Local\ars.cache 2017-01-02 19:10 - 2016-02-03 03:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-02 19:10 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2017-01-02 18:50 - 2016-01-13 05:06 - 00000000 ____D C:\Users\Sina\Desktop\Demenz Ordner 2017-01-02 18:50 - 2013-07-26 13:34 - 00000000 ____D C:\Musik 2017-01-02 18:50 - 2013-07-13 15:45 - 00000000 ____D C:\Users\Sina\Desktop\Allerlei 2017-01-02 18:50 - 2013-03-10 20:09 - 00000000 ____D C:\Users\Sina\Desktop\Bilder 2017-01-02 10:59 - 2016-10-21 07:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-02 06:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-01 22:13 - 2013-03-08 22:49 - 00000000 ____D C:\Users\Sina\AppData\Roaming\vlc 2017-01-01 22:04 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat 2017-01-01 22:04 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat 2017-01-01 22:04 - 2015-10-30 08:21 - 00000000 ____D 
C:\WINDOWS\INF 2017-01-01 22:04 - 2015-08-19 12:10 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-01 08:15 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-31 09:23 - 2013-03-06 22:57 - 00000000 __SHD C:\System Volume Information 2016-12-31 05:11 - 2016-02-03 03:35 - 00000000 ____D C:\Users\Sina\AppData\Local 2016-12-29 23:48 - 2016-02-03 03:35 - 00000000 ____D C:\Users\Sina 2016-12-29 18:27 - 2016-02-23 15:11 - 00093864 _____ C:\WINDOWS\PFRO.log 2016-12-25 08:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\config\RegBack 2016-12-22 22:44 - 2016-02-09 06:08 - 00000000 ____D C:\WINDOWS\Minidump 2016-12-22 22:44 - 2015-10-01 04:03 - 359685698 _____ C:\WINDOWS\MEMORY.DMP 2016-12-20 18:36 - 2013-09-04 21:48 - 00000000 ____D C:\Users\Sina\Desktop\Forge of Empires 2016-12-18 06:34 - 2015-10-30 08:24 - 00000000 __SHD C:\WINDOWS\Installer 2016-12-16 22:55 - 2016-10-22 08:49 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-16 22:55 - 2016-10-22 08:49 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-16 22:55 - 2015-10-30 07:28 - 00000000 ___RD C:\Program Files (x86) 2016-12-16 22:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks 2016-12-16 06:27 - 2015-10-30 07:28 - 47710208 _____ C:\WINDOWS\system32\config\COMPONENTS 2016-12-16 06:27 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\config 2016-12-15 11:13 - 2016-02-03 03:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000002.regtrans-ms 2016-12-15 11:13 - 2016-02-03 03:34 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TM.blf 2016-12-15 11:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-12-15 10:51 - 2016-02-03 03:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000001.regtrans-ms 2016-12-15 10:37 - 
2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-15 10:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-15 06:54 - 2016-10-22 08:49 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 06:54 - 2016-10-22 08:49 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-15 05:56 - 2015-10-30 07:28 - 00262144 ___SH C:\Users\Default\NTUSER.DAT
2016-12-15 05:52 - 2016-02-03 03:26 - 00219536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-14 23:56 - 2016-02-03 03:25 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 23:56 - 2016-02-03 03:25 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TM.blf
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\de-DE
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 23:55 - 2015-10-30 08:23 - 00000000 ____D C:\WINDOWS\system32\drivers
2016-12-14 23:55 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-14 23:55 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-14 21:33 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 21:27 - 2013-08-18 15:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 21:22 - 2013-03-07 20:00 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 11:56 - 2013-03-06 06:45 - 00000000 ___RD C:\Users\Sina\Downloads
2016-12-14 06:39 - 2015-03-05 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 06:35 - 2016-10-06 18:43 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-12-14 06:35 - 2013-03-30 18:53 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-12-14 06:35 - 2013-03-30 18:53 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-12-13 13:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 13:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 08:48 - 2016-02-03 03:35 - 00000000 ___RD C:\Users\Sina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-13 08:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-13 08:48 - 2015-08-19 12:34 - 00002434 _____ C:\Users\Sina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-13 08:48 - 2014-09-16 15:04 - 00000000 __RDO C:\Users\Sina\OneDrive
2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 17:32 - 2014-08-05 11:37 - 00000000 ____D C:\ProgramData\Package Cache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-05-12 21:24 - 2017-01-02 20:30 - 0073141 _____ () C:\Users\Sina\AppData\Local\ars.cache
2013-05-12 21:24 - 2017-01-02 20:30 - 0432935 _____ () C:\Users\Sina\AppData\Local\census.cache
2013-05-12 21:15 - 2013-05-12 21:15 - 0000036 _____ () C:\Users\Sina\AppData\Local\housecall.guid.cache
2016-02-03 03:31 - 2016-02-03 03:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Sina\AppData\Local\Temp\avgnt.exe
C:\Users\Sina\AppData\Local\Temp\OpenOffice_4.1.2_Win_x86_install_de.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-25 08:09

==================== Ende von FRST.txt ============================

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Sina (02-01-2017 21:50:12)
Gestartet von C:\Users\Sina\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-03 03:08:03)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2099553490-1702204881-2692438545-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2099553490-1702204881-2692438545-503 - Limited - Disabled)
Gast (S-1-5-21-2099553490-1702204881-2692438545-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2099553490-1702204881-2692438545-1003 - Limited - Enabled)
Sina (S-1-5-21-2099553490-1702204881-2692438545-1001 - Administrator - Enabled) => C:\Users\Sina

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.42.71502 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.20 - Broadcom Corporation)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
EPSON BX305 Series Handbuch (HKLM-x32\...\EPSON BX305 Series Manual) (Version: - )
EPSON BX305 Series Printer Uninstall (HKLM\...\EPSON BX305 Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Flatcast Viewer Plugin 5.3.0.784 (HKLM-x32\...\Flatcast Viewer 5.3_is1) (Version: - 1 mal 1 Software GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1E939186-B443-4262-A278-3C82949EA7AC}) (Version: 1.1.009.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_{2CA60D7F-961E-49F8-8A86-9E3BB58E9108}) (Version: 8.0.2.192 - MAGIX AG)
MAGIX Foto Manager 10 (x32 Version: 8.0.2.192 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH)
MAGIX Online Druck Service (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{0774105B-F220-4F82-A957-74B89B5BE60F}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_{4F450E50-09AD-452A-8804-0E3D2B1582A5}) (Version: 1.0.4.6 - MAGIX AG)
MAGIX Video easy SE (x32 Version: 1.0.4.6 - MAGIX AG) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 48.0 (x64 de) (HKLM\...\Mozilla Firefox 48.0 (x64 de)) (Version: 48.0 - Mozilla)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Websuche (HKLM-x32\...\Websuche) (Version: - Websuche)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {14644AA1-AA64-4454-A2C7-DBA487112B2E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-08-08] (Lenovo)
Task: {17EB7A1D-E47C-49BD-BA48-8E8390238629} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {22334BC7-984B-40F2-957E-0E8C6BBFDF7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {25DC2CC2-2D4D-4A4F-9A2B-C842BAD2EC10} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {29B48B56-5D23-45B8-9364-1F270194FBA5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {34B6F4E8-2D85-40C1-8234-5AEEA8AE486D} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] ()
Task: {399D304B-DBA9-413A-A39E-B72D37BCAF02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {4CC35C51-0F46-4A45-8F62-76E91D0BB38D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {73608578-5E6D-4A90-A5F8-AC81E44B24FD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {805E8944-494F-4478-B6C1-0327B2583630} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {8FADB602-EF32-48B6-BC64-107498408D50} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {9496B041-93FB-4AE5-B7CC-62B0B5E5FA6D} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] ()
Task: {993CB1A8-8AC8-4DF6-A467-FFF36B167978} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {99BDFD84-F397-4D19-863E-E800B58D5EFA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {9B3B8F2E-789E-446E-BB7E-4A3818B4E694} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {9E91AD8B-D950-4371-95B4-FB60706A1943} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {A998A518-5BDE-4E20-9EE7-99C488FD76E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.)
Task: {B13C26A1-731C-43B6-B615-B72AAE7D69DE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {B2D820E3-19C7-4F3A-AD2C-2AC12048A8AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {D0610857-DFFA-45CE-B136-D1DD35D8387C} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] ()
Task: {D387F03A-F778-4314-9A09-88AEBC85A6FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.)
Task: {D456B7BE-AD07-4502-AC24-16C99D35897E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {E20D62C3-C87B-42BB-9EB9-7CDA43F7E0CF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2012-08-08] ()
Task: {ED805C47-E1F2-4135-B78D-7F84C2D2540C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-08 23:18 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-08 23:18 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 08:45 - 2016-12-13 08:45 - 01678560 _____ () C:\Users\Sina\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-02-03 03:17 - 2016-02-03 03:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 22:22 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2016-04-19 05:50 - 2016-04-19 05:51 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-12-15 06:54 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 06:54 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-11-08 23:22 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 23:19 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 23:22 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 23:21 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-10-23 19:18 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-12-13 08:45 - 2016-12-13 08:45 - 01244376 _____ () C:\Users\Sina\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2014-09-11 16:06 - 2014-09-11 16:06 - 00878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 16:06 - 2014-09-11 16:06 - 00038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 16:08 - 2014-09-11 16:08 - 00015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2016-04-19 05:50 - 2016-04-19 05:51 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 05:50 - 2016-04-19 05:51 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-10-21 15:50 - 2015-10-21 15:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sina\Desktop\Bilder\Fun Bilder\animal-wallpapers-Big-cat-Wallpaper.jpg
DNS Servers: 83.169.186.161 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{7B4EE75F-2814-4178-BF0D-D5025CE9A3A4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9A45D17-1E0F-4E0C-BB18-54C48CF68E10}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{584F03DE-9E32-4092-80E9-52CD06F103E4}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{05F6F5E1-E803-46A7-9CC5-EB3671D61B1C}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{47797E9E-008A-4F1F-B361-E6301D645321}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4666047C-D7DD-4047-AC66-EEE8E6CB3779}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1FAA2505-970F-4E0A-AF3C-3EBADCD0B057}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{81327794-F325-4218-8BD0-C3285B8BC881}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{5B5106B4-519A-4AB8-9BC4-529CB6720DB0}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

14-12-2016 21:20:13 Windows Update
22-12-2016 08:52:29 Geplanter Prüfpunkt
31-12-2016 09:22:37 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/02/2017 08:49:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/02/2017 08:49:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SINAMARC)
Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.672.0_neutral__8wekyb3d8bbwe+MicrosoftEdge“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/02/2017 06:51:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/02/2017 06:47:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/02/2017 06:41:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/02/2017 04:11:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/02/2017 10:23:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (01/02/2017 06:01:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/01/2017 11:20:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/01/2017 10:02:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Systemfehler:
=============
Error: (01/02/2017 07:33:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/02/2017 07:09:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_6b63690" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/02/2017 07:09:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _6b63690" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/02/2017 07:09:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_6b63690" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/02/2017 07:09:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_6b63690" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/02/2017 06:48:50 PM) (Source: DCOM) (EventID: 10001) (User: SINAMARC)
Description: Ein DCOM-Server konnte nicht gestartet werden: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider als Nicht verfügbar/Nicht verfügbar. Fehler: "31" Aufgetreten beim Start dieses Befehls: "C:\WINDOWS\System32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
Error: (01/02/2017 06:41:46 PM) (Source: DCOM) (EventID: 10010) (User: SINAMARC)
Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/02/2017 06:28:08 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (01/02/2017 04:11:57 PM) (Source: DCOM) (EventID: 10010) (User: SINAMARC)
Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/02/2017 03:56:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

CodeIntegrity:
===================================
Date: 2016-12-16 05:23:54.468
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-15 05:56:14.001 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-14 21:22:00.208 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-10 09:40:13.827 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-10 09:04:35.037 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-10 05:56:09.991 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-29 06:59:18.170 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-15 06:46:03.494 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-14 05:49:00.524 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-10-13 05:44:34.046 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz Prozentuale Nutzung des RAM: 83% Installierter physikalischer RAM: 1893.41 MB Verfügbarer physikalischer RAM: 306.37 MB Summe virtueller Speicher: 3813.41 MB Verfügbarer virtueller Speicher: 1686.4 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:250.32 GB) (Free:195.97 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:16.67 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 8CCAE9A3) Partition: GPT. ==================== Ende von Addition.txt ============================ |
02.01.2017, 22:00 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | My internet browser shows me ads that I don't want +++ IMPORTANT NOTICE +++ During the analysis and cleanup you make NO changes whatsoever on your own, i.e. you do not install or uninstall any software without consulting us. You also do not change any system settings while we are working on your case. You make changes, installations or uninstallations EXCLUSIVELY on instruction! It will be necessary to disable your virus scanner and, in certain cases, also to uninstall it so that the cleanup can be done properly. Your system is therefore only cleared by me for everyday use such as surfing or e-mailing once we are finished here. Read and understood? Please uninstall Avira. We have not recommended it for years, for several reasons. One reason is a relatively high false-positive rate; the second main reason is that they still work together with ASK (the Avira search function goes through ASK). Other freeware vendors such as AVG, Avast or Panda also jumped on this bandwagon; something like that is simply unacceptable for security software. Cf. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Let me know when Avira is gone; once we are through here, you can switch to another virus scanner, information will follow in the final post. Please do NOT install anything more NOW without consulting us!
__________________ Please always post log files in CODE tags |
02.01.2017, 22:31 | #5 |
| My internet browser shows me ads that I don't want I have understood that much, that I do not uninstall or install any software. I also won't fiddle around in the system, but my small question would be: if I throw out Avira, which virus scanner should I use then? Unfortunately I'm not putting Kaspersky on the laptop... I have always been satisfied with Avira so far. So, Avira is now uninstalled |
03.01.2017, 09:07 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | My internet browser shows me ads that I don't want Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instruction from a helper. Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs should be too large for one post, I ask you to post the logs directly and, if necessary, spread over several posts. To put the log files in a CODE box, proceed as follows:
03.01.2017, 13:01 | #7 |
| My internet browser shows me ads that I don't want This is the 1st log Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main: v2017.01.03.03
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.713.10586.0
Sina :: SINAMARC [administrator]

03.01.2017 09:54:08
mbar-log-2017-01-03 (09-54-08).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 358848
Time elapsed: 1 hour(s), 20 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

This is the 2nd log Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main: v2017.01.03.04
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.713.10586.0
Sina :: SINAMARC [administrator]

03.01.2017 11:23:23
mbar-log-2017-01-03 (11-23-23).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 358891
Time elapsed: 1 hour(s), 15 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
12:47:44.0203 0x0760 flpydisk - ok 12:47:44.0240 0x0760 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 12:47:44.0287 0x0760 FltMgr - ok 12:47:44.0403 0x0760 [ FFF49D397DC82F804BD36A13B974A174, 5D29152A0A4A74036C13A52905335AFAD7E7F46B8EBB350415793D9B10164634 ] FontCache C:\WINDOWS\system32\FntCache.dll 12:47:44.0587 0x0760 FontCache - ok 12:47:44.0707 0x0760 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:47:44.0742 0x0760 FontCache3.0.0.0 - ok 12:47:44.0776 0x0760 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 12:47:44.0824 0x0760 FsDepends - ok 12:47:44.0839 0x0760 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:47:44.0845 0x0760 Fs_Rec - ok 12:47:44.0976 0x0760 [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 12:47:45.0037 0x0760 fvevol - ok 12:47:45.0063 0x0760 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 12:47:45.0082 0x0760 gagp30kx - ok 12:47:45.0128 0x0760 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 12:47:45.0161 0x0760 gencounter - ok 12:47:45.0192 0x0760 [ 3DEAA29F7DE0B6436E75277A6FE3E95F, 84A34FC404C427432D7B61F5DA425BE68114C06F3DBD98CD7B5BD0C4941DC442 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 12:47:45.0277 0x0760 genericusbfn - ok 12:47:45.0308 0x0760 [ 
F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 12:47:45.0346 0x0760 GPIOClx0101 - ok 12:47:45.0462 0x0760 [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc C:\WINDOWS\System32\gpsvc.dll 12:47:45.0609 0x0760 gpsvc - ok 12:47:45.0646 0x0760 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 12:47:45.0701 0x0760 GpuEnergyDrv - ok 12:47:45.0762 0x0760 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:47:45.0809 0x0760 gupdate - ok 12:47:45.0844 0x0760 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:47:45.0847 0x0760 gupdatem - ok 12:47:45.0909 0x0760 [ DB1409A2774DB8AD3611EA28C48CEB66, AB712A38E985AE1F9910AB91C2BA0D69C324F2743551FA92A3AA0396782DB04F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 12:47:46.0025 0x0760 HDAudBus - ok 12:47:46.0065 0x0760 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 12:47:46.0116 0x0760 HidBatt - ok 12:47:46.0147 0x0760 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 12:47:46.0194 0x0760 HidBth - ok 12:47:46.0209 0x0760 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 12:47:46.0247 0x0760 hidi2c - ok 12:47:46.0278 0x0760 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] 
hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 12:47:46.0294 0x0760 hidinterrupt - ok 12:47:46.0309 0x0760 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 12:47:46.0347 0x0760 HidIr - ok 12:47:46.0394 0x0760 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll 12:47:46.0425 0x0760 hidserv - ok 12:47:46.0483 0x0760 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 12:47:46.0599 0x0760 HidUsb - ok 12:47:46.0652 0x0760 [ 3DC73B1A1B386F64F6C7EA7B86756955, C65828815E1826212109693A4C843290DDBE1A78C1D8BFD217B7482AE42EC255 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 12:47:46.0784 0x0760 HomeGroupListener - ok 12:47:46.0872 0x0760 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 12:47:47.0031 0x0760 HomeGroupProvider - ok 12:47:47.0073 0x0760 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 12:47:47.0086 0x0760 HpSAMD - ok 12:47:47.0156 0x0760 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 12:47:47.0240 0x0760 HTTP - ok 12:47:47.0308 0x0760 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 12:47:47.0339 0x0760 hwpolicy - ok 12:47:47.0359 0x0760 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 12:47:47.0392 0x0760 hyperkbd - ok 12:47:47.0423 0x0760 [ 
53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 12:47:47.0523 0x0760 i8042prt - ok 12:47:47.0550 0x0760 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 12:47:47.0592 0x0760 iai2c - ok 12:47:47.0676 0x0760 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 12:47:47.0723 0x0760 iaLPSS2i_I2C - ok 12:47:47.0756 0x0760 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 12:47:47.0761 0x0760 iaLPSSi_GPIO - ok 12:47:47.0777 0x0760 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 12:47:47.0808 0x0760 iaLPSSi_I2C - ok 12:47:47.0861 0x0760 [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 12:47:47.0893 0x0760 iaStorA - ok 12:47:47.0924 0x0760 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 12:47:47.0993 0x0760 iaStorAV - ok 12:47:48.0024 0x0760 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 12:47:48.0073 0x0760 iaStorV - ok 12:47:48.0100 0x0760 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 12:47:48.0129 0x0760 ibbus - ok 12:47:48.0185 0x0760 [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc 
C:\WINDOWS\System32\tetheringservice.dll 12:47:48.0269 0x0760 icssvc - ok 12:47:48.0285 0x0760 IEEtwCollectorService - ok 12:47:48.0636 0x0760 [ 79AE3CC82CA1563A4B392207997ACE7C, A1E4A1DA95CA2FA197EF5975657822F0F813F6C33DA38E1FA5A840194034D071 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 12:47:48.0990 0x0760 igfx - ok 12:47:49.0086 0x0760 [ C2217CC3C5A0A0B9855FFA2951704E36, 6AFE7D15E8A8FB242FA83E7B3212C4BC8338A2BA36628FEE6DB43E6DDFDA00EE ] IKEEXT C:\WINDOWS\System32\ikeext.dll 12:47:49.0207 0x0760 IKEEXT - ok 12:47:49.0423 0x0760 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 12:47:49.0681 0x0760 IntcAzAudAddService - ok 12:47:49.0797 0x0760 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 12:47:49.0844 0x0760 Intel(R) Capability Licensing Service Interface - ok 12:47:49.0945 0x0760 [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 12:47:49.0960 0x0760 Intel(R) ME Service - ok 12:47:49.0980 0x0760 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys 12:47:49.0982 0x0760 intelide - ok 12:47:50.0029 0x0760 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 12:47:50.0045 0x0760 intelpep - ok 12:47:50.0164 0x0760 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 12:47:50.0230 0x0760 intelppm - ok 12:47:50.0245 0x0760 [ 
CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys 12:47:50.0352 0x0760 IoQos - ok 12:47:50.0368 0x0760 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 12:47:50.0418 0x0760 IpFilterDriver - ok 12:47:50.0573 0x0760 [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 12:47:50.0739 0x0760 iphlpsvc - ok 12:47:50.0754 0x0760 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 12:47:50.0843 0x0760 IPMIDRV - ok 12:47:50.0892 0x0760 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 12:47:50.0939 0x0760 IPNAT - ok 12:47:50.0970 0x0760 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 12:47:50.0999 0x0760 IRENUM - ok 12:47:51.0030 0x0760 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 12:47:51.0046 0x0760 isapnp - ok 12:47:51.0096 0x0760 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 12:47:51.0128 0x0760 iScsiPrt - ok 12:47:51.0175 0x0760 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 12:47:51.0192 0x0760 jhi_service - ok 12:47:51.0208 0x0760 [ 701D7DB13B0815E7076EF4CB4CE981F8, 
02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 12:47:51.0224 0x0760 kbdclass - ok 12:47:51.0239 0x0760 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 12:47:51.0294 0x0760 kbdhid - ok 12:47:51.0310 0x0760 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 12:47:51.0461 0x0760 kdnic - ok 12:47:51.0495 0x0760 [ 28F844500ADA77447835BC586F15AAAE, A0368E0928E7AB459F7DF3E9C0ECAFDD33F5DAC6A7122689FA6CF4B55AFB4D15 ] KeyIso C:\WINDOWS\system32\lsass.exe 12:47:51.0511 0x0760 KeyIso - ok 12:47:51.0559 0x0760 [ 38DADD5178E0299A1BB5A805B2136DEC, D6372DA2376C5D35611B0DF9427628A845878ED1AD410759804D1D306E996DD1 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 12:47:51.0574 0x0760 KSecDD - ok 12:47:51.0630 0x0760 [ C2138FE291C8235C3A26CD04EE629163, 33A840893B104BFCF111C99F8C23B283EF26D8E1BB523BDA0259F6B56B60874D ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 12:47:51.0661 0x0760 KSecPkg - ok 12:47:51.0721 0x0760 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 12:47:51.0747 0x0760 ksthunk - ok 12:47:51.0820 0x0760 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 12:47:51.0951 0x0760 KtmRm - ok 12:47:51.0982 0x0760 [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys 12:47:52.0061 0x0760 L1C - ok 12:47:52.0123 0x0760 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 12:47:52.0224 0x0760 LanmanServer - ok 12:47:52.0271 0x0760 [ 
1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 12:47:52.0340 0x0760 LanmanWorkstation - ok 12:47:52.0387 0x0760 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll 12:47:52.0508 0x0760 lfsvc - ok 12:47:52.0545 0x0760 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\WINDOWS\system32\DRIVERS\LhdX64.sys 12:47:52.0557 0x0760 LHDmgr - ok 12:47:52.0572 0x0760 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 12:47:52.0659 0x0760 LicenseManager - ok 12:47:52.0712 0x0760 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 12:47:52.0743 0x0760 lltdio - ok 12:47:52.0806 0x0760 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 12:47:52.0874 0x0760 lltdsvc - ok 12:47:52.0984 0x0760 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 12:47:53.0078 0x0760 lmhosts - ok 12:47:53.0137 0x0760 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 12:47:53.0152 0x0760 LMS - ok 12:47:53.0216 0x0760 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 12:47:53.0271 0x0760 LSI_SAS - ok 12:47:53.0302 0x0760 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i 
C:\WINDOWS\system32\drivers\lsi_sas2i.sys 12:47:53.0324 0x0760 LSI_SAS2i - ok 12:47:53.0340 0x0760 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 12:47:53.0355 0x0760 LSI_SAS3i - ok 12:47:53.0386 0x0760 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 12:47:53.0424 0x0760 LSI_SSS - ok 12:47:53.0455 0x0760 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll 12:47:53.0556 0x0760 LSM - ok 12:47:53.0572 0x0760 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys 12:47:53.0624 0x0760 luafv - ok 12:47:53.0687 0x0760 [ 9B5D0A55BA3762E0A30563B7A5D4B5F7, 5557384CABA2CADC63DC7ACC98120E61D0AF880D01014049D0EFFE2C5321734F ] MapsBroker C:\WINDOWS\System32\moshost.dll 12:47:53.0802 0x0760 MapsBroker - ok 12:47:53.0838 0x0760 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys 12:47:53.0856 0x0760 megasas - ok 12:47:53.0887 0x0760 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys 12:47:53.0940 0x0760 megasr - ok 12:47:53.0987 0x0760 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 12:47:54.0016 0x0760 MEIx64 - ok 12:47:54.0059 0x0760 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 12:47:54.0108 0x0760 MessagingService - ok 12:47:54.0340 0x0760 [ D41920FBFFF2BBCBBC69A5B383AD022E, 
E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 12:47:54.0403 0x0760 mlx4_bus - ok 12:47:54.0456 0x0760 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 12:47:54.0560 0x0760 MMCSS - ok 12:47:54.0575 0x0760 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys 12:47:54.0629 0x0760 Modem - ok 12:47:54.0660 0x0760 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys 12:47:54.0760 0x0760 monitor - ok 12:47:54.0830 0x0760 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 12:47:54.0861 0x0760 mouclass - ok 12:47:54.0876 0x0760 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 12:47:54.0977 0x0760 mouhid - ok 12:47:54.0992 0x0760 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 12:47:55.0018 0x0760 mountmgr - ok 12:47:55.0086 0x0760 [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:47:55.0119 0x0760 MozillaMaintenance - ok 12:47:55.0131 0x0760 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 12:47:55.0232 0x0760 mpsdrv - ok 12:47:55.0294 0x0760 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc 
C:\WINDOWS\system32\mpssvc.dll 12:47:55.0431 0x0760 MpsSvc - ok 12:47:55.0463 0x0760 [ 4B08308D8A2B21E96D77ABA478CB081E, 08373CEB7E538E08FD158DDF279CE3E99D083AB45C8FF028FC85786CC593163E ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 12:47:55.0567 0x0760 MRxDAV - ok 12:47:55.0671 0x0760 [ E7D59C52DE0C19C3179114D028EAA4B7, 0D2C137CFEFBBD5DB0EF8B8E5F5041F3E2C80CB46A4162FD9102D63DF48C8B7C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 12:47:55.0717 0x0760 mrxsmb - ok 12:47:55.0770 0x0760 [ 734D21F5B05D05DA2F85BE7EEF77DD43, 3B8BC89BE48DEA6138D5E35E8150D2DD003D0895F3EAF3EE485CB089E26D014D ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 12:47:55.0902 0x0760 mrxsmb10 - ok 12:47:55.0918 0x0760 [ 600D5CC9DD2AE16691C71DCD4DAF8F1D, 06777F594A1A0C054A7F662E518AC914670C0028B8843887A6DFE2891F052905 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 12:47:55.0941 0x0760 mrxsmb20 - ok 12:47:55.0999 0x0760 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 12:47:56.0087 0x0760 MsBridge - ok 12:47:56.0140 0x0760 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe 12:47:56.0213 0x0760 MSDTC - ok 12:47:56.0242 0x0760 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 12:47:56.0289 0x0760 Msfs - ok 12:47:56.0343 0x0760 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 12:47:56.0359 0x0760 msgpiowin32 - ok 12:47:56.0390 0x0760 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 12:47:56.0443 0x0760 mshidkmdf - ok 12:47:56.0459 0x0760 [ 36ABE7FC80BED4FE44754AE5CFB51432, 
FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 12:47:56.0516 0x0760 mshidumdf - ok 12:47:56.0535 0x0760 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 12:47:56.0544 0x0760 msisadrv - ok 12:47:56.0606 0x0760 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 12:47:56.0644 0x0760 MSiSCSI - ok 12:47:56.0660 0x0760 msiserver - ok 12:47:56.0682 0x0760 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 12:47:56.0702 0x0760 MSKSSRV - ok 12:47:56.0735 0x0760 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 12:47:56.0776 0x0760 MsLldp - ok 12:47:56.0791 0x0760 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 12:47:56.0845 0x0760 MSPCLOCK - ok 12:47:56.0876 0x0760 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 12:47:56.0892 0x0760 MSPQM - ok 12:47:56.0923 0x0760 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 12:47:56.0960 0x0760 MsRPC - ok 12:47:56.0976 0x0760 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 12:47:56.0992 0x0760 mssmbios - ok 12:47:57.0023 0x0760 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 
12:47:57.0044 0x0760 MSTEE - ok 12:47:57.0078 0x0760 [ D65DB6F9285AF96151C937ABF027AEA8, 8BBB3DDB824C589663F81DED0C3D04EDAFFFDA64DBDF6F32217401523C9D51E5 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 12:47:57.0135 0x0760 MTConfig - ok 12:47:57.0176 0x0760 [ 74CADDF07A773FD9B5D840FD014A0430, 70FAB35A26FA4239E1F8095833C6F72B0DB7EE1B7742543FC70A000D52C7486E ] Mup C:\WINDOWS\system32\Drivers\mup.sys 12:47:57.0192 0x0760 Mup - ok 12:47:57.0223 0x0760 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 12:47:57.0243 0x0760 mvumis - ok 12:47:57.0308 0x0760 [ 549DFD8240CF20BFBD88AD9D89325DBF, D2553AEA91524E7EBCE902D175BCE3A14C594FB0B5E1310E2D9171AF903CF51C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 12:47:57.0377 0x0760 NativeWifiP - ok 12:47:57.0445 0x0760 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 12:47:57.0562 0x0760 NcaSvc - ok 12:47:57.0593 0x0760 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll 12:47:57.0728 0x0760 NcbService - ok 12:47:57.0745 0x0760 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 12:47:57.0877 0x0760 NcdAutoSetup - ok 12:47:57.0924 0x0760 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 12:47:57.0943 0x0760 ndfltr - ok 12:47:58.0012 0x0760 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 12:47:58.0103 0x0760 NDIS - ok 12:47:58.0146 0x0760 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap 
C:\WINDOWS\system32\drivers\ndiscap.sys 12:47:58.0225 0x0760 NdisCap - ok 12:47:58.0247 0x0760 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 12:47:58.0344 0x0760 NdisImPlatform - ok 12:47:58.0367 0x0760 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12:47:58.0414 0x0760 NdisTapi - ok 12:47:58.0463 0x0760 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 12:47:58.0509 0x0760 Ndisuio - ok 12:47:58.0553 0x0760 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 12:47:58.0570 0x0760 NdisVirtualBus - ok 12:47:58.0647 0x0760 [ C0D4E47FE99B415DC1C95E386E8A4D3A, 9C16639B9E7A29DE89BFC3E98D29C55FDAC475400EC09DC20666ACC47DC3EF92 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 12:47:58.0747 0x0760 NdisWan - ok 12:47:58.0763 0x0760 [ C0D4E47FE99B415DC1C95E386E8A4D3A, 9C16639B9E7A29DE89BFC3E98D29C55FDAC475400EC09DC20666ACC47DC3EF92 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 12:47:58.0778 0x0760 ndiswanlegacy - ok 12:47:58.0810 0x0760 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys 12:47:58.0847 0x0760 ndproxy - ok 12:47:58.0910 0x0760 [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 12:47:59.0021 0x0760 Ndu - ok 12:47:59.0052 0x0760 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 12:47:59.0075 0x0760 NetBIOS - ok 12:47:59.0117 0x0760 [ 
C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 12:47:59.0244 0x0760 NetBT - ok |
03.01.2017, 13:02 | #8 |
| My internet browser shows me ads that I don't want
Code:
E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 12:48:02.0776 0x0760 percsas2i - ok 12:48:02.0792 0x0760 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 12:48:02.0812 0x0760 percsas3i - ok 12:48:02.0923 0x0760 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 12:48:03.0113 0x0760 PerfHost - ok 12:48:03.0198 0x0760 [ BE52ACECBD9232D2DA3EE7346175E0DC, CE574F674DAE1A65F2DA7738670A43A618ACD2C055108251A99A6BA814590852 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 12:48:03.0345 0x0760 PhoneSvc - ok 12:48:03.0382 0x0760 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 12:48:03.0556 0x0760 PimIndexMaintenanceSvc - ok 12:48:03.0871 0x0760 [ 5D2DF0392FFD0BA4FF27F503999997C2, C4BD5145151AB08403E5B2B30894E6B95E7E4888EB3E89542FC039DD775A27C0 ] pla C:\WINDOWS\system32\pla.dll 12:48:04.0024 0x0760 pla - ok 12:48:04.0086 0x0760 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 12:48:04.0140 0x0760 PlugPlay - ok 12:48:04.0187 0x0760 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 12:48:04.0274 0x0760 PNRPAutoReg - ok 12:48:04.0305 0x0760 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 12:48:04.0343 0x0760 PNRPsvc - ok 12:48:04.0405 0x0760 [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 12:48:04.0505 0x0760 
PolicyAgent - ok 12:48:04.0505 0x0760 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll 12:48:04.0556 0x0760 Power - ok 12:48:04.0603 0x0760 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 12:48:04.0659 0x0760 PptpMiniport - ok 12:48:04.0907 0x0760 [ 2195908CEF288E1C10E5266B9DF75D29, 30E0664A03C58DD3B325A9A4A248AD1FA9297DD65F0D472C3AD90E21B238169F ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 12:48:05.0542 0x0760 PrintNotify - ok 12:48:05.0589 0x0760 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys 12:48:05.0634 0x0760 Processor - ok 12:48:05.0681 0x0760 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll 12:48:05.0750 0x0760 ProfSvc - ok 12:48:05.0781 0x0760 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys 12:48:05.0797 0x0760 Psched - ok 12:48:05.0882 0x0760 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll 12:48:06.0026 0x0760 QWAVE - ok 12:48:06.0067 0x0760 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 12:48:06.0100 0x0760 QWAVEdrv - ok 12:48:06.0136 0x0760 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 12:48:06.0215 0x0760 RasAcd - ok 12:48:06.0236 0x0760 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] 
RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 12:48:06.0284 0x0760 RasAgileVpn - ok 12:48:06.0353 0x0760 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll 12:48:06.0418 0x0760 RasAuto - ok 12:48:06.0468 0x0760 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 12:48:06.0569 0x0760 Rasl2tp - ok 12:48:06.0670 0x0760 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll 12:48:06.0771 0x0760 RasMan - ok 12:48:06.0787 0x0760 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 12:48:06.0838 0x0760 RasPppoe - ok 12:48:06.0854 0x0760 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 12:48:06.0901 0x0760 RasSstp - ok 12:48:06.0958 0x0760 [ 39B52DF786378EA1F72BE193D483941F, E42733CAF3564BF6BD112EAB9EC31541E8ED5033F34C640DDE20EBF4AD9ACEB8 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 12:48:07.0006 0x0760 rdbss - ok 12:48:07.0068 0x0760 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 12:48:07.0182 0x0760 rdpbus - ok 12:48:07.0213 0x0760 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 12:48:07.0251 0x0760 RDPDR - ok 12:48:07.0313 0x0760 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 12:48:07.0328 0x0760 RdpVideoMiniport - ok 12:48:07.0351 0x0760 [ 5D1680871054D2B0B8A971BC8AB3B837, 
9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 12:48:07.0383 0x0760 rdyboost - ok 12:48:07.0531 0x0760 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 12:48:07.0615 0x0760 ReFSv1 - ok 12:48:07.0699 0x0760 [ 23247F380832FB1BCF835587170B3E1F, 6F81F56381906CD4ED46E426EEA516FEF30EB1F4765AA4311116C9AB93A15892 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 12:48:07.0800 0x0760 RemoteAccess - ok 12:48:07.0869 0x0760 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 12:48:07.0918 0x0760 RemoteRegistry - ok 12:48:08.0014 0x0760 [ 3AC922E6BF296F0038F726C3F771E205, 6E0B3D40C763E394F09EC1CDED7EE59881EDCACCAEDF0EC37ED75ABC99D59E48 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 12:48:08.0168 0x0760 RetailDemo - ok 12:48:08.0229 0x0760 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 12:48:08.0255 0x0760 RpcEptMapper - ok 12:48:08.0302 0x0760 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe 12:48:08.0356 0x0760 RpcLocator - ok 12:48:08.0456 0x0760 [ 68E07DF3E6D1DFED440B82D3D33542B1, A80C25C2B884F0A725B8256E985D670FCFBE9C870A0380C22B51BB140820B4A8 ] RpcSs C:\WINDOWS\system32\rpcss.dll 12:48:08.0563 0x0760 RpcSs - ok 12:48:08.0591 0x0760 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 12:48:08.0638 0x0760 rspndr - ok 12:48:08.0661 0x0760 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 12:48:08.0676 0x0760 s3cap - ok 
12:48:08.0723 0x0760 [ 28F844500ADA77447835BC586F15AAAE, A0368E0928E7AB459F7DF3E9C0ECAFDD33F5DAC6A7122689FA6CF4B55AFB4D15 ] SamSs C:\WINDOWS\system32\lsass.exe 12:48:08.0739 0x0760 SamSs - ok 12:48:08.0779 0x0760 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 12:48:08.0810 0x0760 sbp2port - ok 12:48:08.0880 0x0760 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 12:48:08.0927 0x0760 SCardSvr - ok 12:48:08.0960 0x0760 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 12:48:08.0999 0x0760 ScDeviceEnum - ok 12:48:09.0031 0x0760 [ EB02C33399FA1D1637E17320134CCBEB, EC36DCED9B86D545A302B89B933C5EC8E82186CA55AB27B84F9D108F1FE6E936 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 12:48:09.0078 0x0760 scfilter - ok 12:48:09.0143 0x0760 [ DE23637D300F44F2ECE9E776FD174617, 90503183A6C353D0DE103771CB2A59CD04976E447B1F676572A3B870A829BBE0 ] Schedule C:\WINDOWS\system32\schedsvc.dll 12:48:09.0284 0x0760 Schedule - ok 12:48:09.0346 0x0760 [ 1B41261BF9CD5AFD4722A1DB7D6755C7, FBE088BE6ADC9DEE4DD8F93E8E6391A9A8AE19E393AD851A40E117BAB02682DE ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 12:48:09.0399 0x0760 SCPolicySvc - ok 12:48:09.0431 0x0760 [ B32F13993145E815D7280C6F55B9523B, A3269AA65F89F9F0BFD5C98F66DDEA3FB92D1C097FA11959593A2074E7460DE3 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 12:48:09.0468 0x0760 sdbus - ok 12:48:09.0529 0x0760 [ 723C6C3DE056D3EB76F7520BEF5947B4, 49FFDAD56BBD652404A587F282867161BAE6D9E61BC2C819DDC75CE10A8E3C63 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 12:48:09.0615 0x0760 SDRSVC - ok 12:48:09.0646 0x0760 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 
12:48:09.0669 0x0760 sdstor - ok 12:48:09.0700 0x0760 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll 12:48:09.0835 0x0760 seclogon - ok 12:48:09.0875 0x0760 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll 12:48:09.0921 0x0760 SENS - ok 12:48:10.0116 0x0760 [ F6A6B608881AAEED7A3ACA7806A7E74C, 653782C984E4C6F1A4BC6B4C7EF840C9263166DA9EE324BB072A1E7FFC25BED3 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 12:48:10.0292 0x0760 SensorDataService - ok 12:48:10.0396 0x0760 [ 0F940F413D9F88E432C42D0F2ABE2BBB, 201BF2C7FCFF66DDB85F693FFD6C1E3303F8EEF6DC1154D0D99D38E6C5247130 ] SensorService C:\WINDOWS\system32\SensorService.dll 12:48:10.0547 0x0760 SensorService - ok 12:48:10.0600 0x0760 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 12:48:10.0747 0x0760 SensrSvc - ok 12:48:10.0785 0x0760 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 12:48:10.0800 0x0760 SerCx - ok 12:48:10.0847 0x0760 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 12:48:10.0883 0x0760 SerCx2 - ok 12:48:10.0916 0x0760 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 12:48:10.0948 0x0760 Serenum - ok 12:48:10.0984 0x0760 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys 12:48:11.0001 0x0760 Serial - ok 12:48:11.0017 0x0760 [ 0F5B43074AE731D2C6F061241C9D84A6, 
05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 12:48:11.0086 0x0760 sermouse - ok 12:48:11.0164 0x0760 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll 12:48:11.0252 0x0760 SessionEnv - ok 12:48:11.0268 0x0760 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 12:48:11.0301 0x0760 sfloppy - ok 12:48:11.0363 0x0760 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 12:48:11.0531 0x0760 SharedAccess - ok 12:48:11.0576 0x0760 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 12:48:11.0695 0x0760 ShellHWDetection - ok 12:48:11.0711 0x0760 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 12:48:11.0742 0x0760 SiSRaid2 - ok 12:48:11.0758 0x0760 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 12:48:11.0774 0x0760 SiSRaid4 - ok 12:48:11.0812 0x0760 [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 12:48:11.0828 0x0760 SmbDrvI - ok 12:48:11.0875 0x0760 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll 12:48:11.0979 0x0760 smphost - ok 12:48:12.0077 0x0760 [ 01177453C9F498EABD49CCF1E50437C8, CF8886916A93AB35E164D3F92337A2F7EF0475673CAB533EC56CBF24FB7F5231 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 
12:48:12.0174 0x0760 SmsRouter - ok 12:48:12.0217 0x0760 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 12:48:12.0280 0x0760 SNMPTRAP - ok 12:48:12.0348 0x0760 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 12:48:12.0402 0x0760 spaceport - ok 12:48:12.0432 0x0760 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 12:48:12.0451 0x0760 SpbCx - ok 12:48:12.0502 0x0760 [ 199C8C07241F1A14C5B0527647A6D2D7, 7A704F750BDEF21507230EAE437DAB565FDB0909177F05B8FC48DBF925E631A9 ] Spooler C:\WINDOWS\System32\spoolsv.exe 12:48:12.0704 0x0760 Spooler - ok 12:48:13.0013 0x0760 [ B7F4352F3720DBE492A27682FCBE33FE, E1E63EA743D581FAC150F9E859B846B10943F742DC9212226C3527BEAA3E2CE2 ] sppsvc C:\WINDOWS\system32\sppsvc.exe 12:48:13.0408 0x0760 sppsvc - ok 12:48:13.0454 0x0760 [ B5C5436E7DEA7048822809D16B6E861D, 608641408574CA07A23B2B94A096BC5D2D28828E33B5C2F86CBEA0E49CCE57A5 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 12:48:13.0554 0x0760 srv - ok 12:48:13.0612 0x0760 [ ACCFA2FAAF77F5F9D72D3496B36057A8, C874CFB46C732ABEAB5B2A1751E043AA32E5D8DA78C526368986E878A547897A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 12:48:13.0755 0x0760 srv2 - ok 12:48:13.0812 0x0760 [ FEABA2601AD0D819760F84D1A3ECE5AF, 838127FC6C54F643ADFE1BFBBBF5AA66A1C82272DB9AFAA5B3B14731834BC307 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 12:48:13.0859 0x0760 srvnet - ok 12:48:13.0912 0x0760 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 12:48:13.0990 0x0760 SSDPSRV - ok 12:48:14.0028 0x0760 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 
12:48:14.0087 0x0760 SstpSvc - ok 12:48:14.0247 0x0760 [ A443DC17F146CDC8A39CDAB989A49CC2, A4F4371FE536F2DB8A76B04544B7364C1E9663C323D4B33858C8B9B33573AEFC ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 12:48:14.0541 0x0760 StateRepository - ok 12:48:14.0588 0x0760 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 12:48:14.0611 0x0760 stexstor - ok 12:48:14.0644 0x0760 [ 031E6ABABF940133B92613E7BDF3A169, E47F1FCAA399BB4D0BDC37A1D124E63B26B17C1333073A3FD2E680AE3B5A0068 ] stisvc C:\WINDOWS\System32\wiaservc.dll 12:48:14.0776 0x0760 stisvc - ok 12:48:14.0791 0x0760 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 12:48:14.0825 0x0760 storahci - ok 12:48:14.0830 0x0760 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 12:48:14.0862 0x0760 storflt - ok 12:48:14.0877 0x0760 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 12:48:14.0893 0x0760 stornvme - ok 12:48:14.0914 0x0760 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 12:48:15.0055 0x0760 storqosflt - ok 12:48:15.0145 0x0760 [ 0C3826B2DB8D45A6B577007EFA0D24C2, 0DBF01031597C33E85BABF1491CF903222C06175CBC39B4056D170F90674592F ] StorSvc C:\WINDOWS\system32\storsvc.dll 12:48:15.0294 0x0760 StorSvc - ok 12:48:15.0314 0x0760 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 12:48:15.0316 0x0760 storufs - ok 12:48:15.0332 0x0760 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 
2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 12:48:15.0363 0x0760 storvsc - ok 12:48:15.0379 0x0760 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll 12:48:15.0432 0x0760 svsvc - ok 12:48:15.0448 0x0760 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 12:48:15.0464 0x0760 swenum - ok 12:48:15.0516 0x0760 [ 2EAC7BF69DC104F9AC913D5E00550334, 0698A48B45EF23D39370797D567326596687A3A5FA5D757374DE5BB93E9E4ACC ] swprv C:\WINDOWS\System32\swprv.dll 12:48:15.0617 0x0760 swprv - ok 12:48:15.0664 0x0760 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 12:48:15.0734 0x0760 Synth3dVsc - ok 12:48:15.0814 0x0760 [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 12:48:15.0853 0x0760 SynTP - ok 12:48:15.0957 0x0760 [ 6FBDBC24B1642868E041463795CBFA44, E9FA0DB094E7B2129ABD325BC91A48D6646380D6AA97BE6233C220E0C98637AF ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 12:48:16.0011 0x0760 SynTPEnhService - ok 12:48:16.0087 0x0760 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll 12:48:16.0207 0x0760 SysMain - ok 12:48:16.0264 0x0760 [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 12:48:16.0410 0x0760 SystemEventsBroker - ok 12:48:16.0464 0x0760 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 
12:48:16.0495 0x0760 TabletInputService - ok 12:48:16.0540 0x0760 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 12:48:16.0633 0x0760 TapiSrv - ok 12:48:16.0780 0x0760 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 12:48:16.0934 0x0760 Tcpip - ok 12:48:17.0055 0x0760 [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 12:48:17.0166 0x0760 Tcpip6 - ok 12:48:17.0198 0x0760 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 12:48:17.0235 0x0760 tcpipreg - ok 12:48:17.0282 0x0760 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 12:48:17.0313 0x0760 tdx - ok 12:48:17.0355 0x0760 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 12:48:17.0370 0x0760 terminpt - ok 12:48:17.0471 0x0760 [ 410EC733547D7FE5709D108015088460, CA12E46D6DB2897223C2113AE01D805E3E6CDE9ACAE17A1749DFB40CDE7A8736 ] TermService C:\WINDOWS\System32\termsrv.dll 12:48:17.0640 0x0760 TermService - ok 12:48:17.0687 0x0760 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll 12:48:17.0740 0x0760 Themes - ok 12:48:17.0787 0x0760 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 12:48:17.0860 0x0760 TieringEngineService - ok 12:48:17.0906 0x0760 [ 004E2395FE15814BD8250430F5EEC523, 
2649AA073FAF0F72835BD834465231C6A44BF5BB31DE0E18A3844BC967AE1C92 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 12:48:18.0091 0x0760 tiledatamodelsvc - ok 12:48:18.0144 0x0760 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 12:48:18.0278 0x0760 TimeBroker - ok 12:48:18.0361 0x0760 [ 0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD, 26AE50F2263DDDE3C6678566E2B198966CE870DF4B254F2D655752F742F63C12 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe 12:48:18.0377 0x0760 TomTomHOMEService - ok 12:48:18.0430 0x0760 [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM C:\WINDOWS\System32\drivers\tpm.sys 12:48:18.0457 0x0760 TPM - ok 12:48:18.0530 0x0760 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll 12:48:18.0581 0x0760 TrkWks - ok 12:48:18.0663 0x0760 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 12:48:18.0747 0x0760 TrustedInstaller - ok 12:48:18.0779 0x0760 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 12:48:18.0910 0x0760 tsusbflt - ok 12:48:18.0926 0x0760 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 12:48:18.0963 0x0760 TsUsbGD - ok 12:48:19.0011 0x0760 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 12:48:19.0029 0x0760 tunnel - ok 12:48:19.0091 0x0760 [ 127925766866C52F147A2FFC0C0358A5, DCDF38A456E0BAAEE1E54FD67C3DEB4A036F116036FBD28073201B6C27C2C2DD ] tzautoupdate 
C:\WINDOWS\system32\tzautoupdate.dll 12:48:19.0148 0x0760 tzautoupdate - ok 12:48:19.0180 0x0760 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 12:48:19.0195 0x0760 uagp35 - ok 12:48:19.0211 0x0760 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 12:48:19.0227 0x0760 UASPStor - ok 12:48:19.0264 0x0760 [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 12:48:19.0328 0x0760 UcmCx0101 - ok 12:48:19.0349 0x0760 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 12:48:19.0380 0x0760 UcmUcsi - ok 12:48:19.0411 0x0760 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 12:48:19.0427 0x0760 Ucx01000 - ok 12:48:19.0449 0x0760 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 12:48:19.0549 0x0760 UdeCx - ok 12:48:19.0565 0x0760 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 12:48:19.0645 0x0760 udfs - ok 12:48:19.0665 0x0760 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 12:48:19.0681 0x0760 UEFI - ok 12:48:19.0727 0x0760 [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 12:48:19.0822 0x0760 Ufx01000 - ok 12:48:19.0855 0x0760 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 
12:48:49.0072 0x0760 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.672 ), 0x61100 ( enabled : updated )
12:48:49.0176 0x0760 Win FW state via NFP2: enabled ( trusted )
12:48:59.0394 0x0760 ============================================================
12:48:59.0394 0x0760 Scan finished
12:48:59.0394 0x0760 ============================================================
12:48:59.0458 0x019c Detected object count: 0
12:48:59.0458 0x019c Actual detected object count: 0 |
03.01.2017, 13:10 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | My internet browser shows me ads that I don't want Remove adware/junkware/toolbars Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools! Step 1: adwCleaner Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool Please close your security software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |
03.01.2017, 13:41 | #10 |
| My internet browser shows me ads that I don't want Code:
# AdwCleaner v6.041 - Bericht erstellt am 03/01/2017 um 13:25:55
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2017-01-02.1 [Lokal]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Sina - SINAMARC
# Gestartet von : C:\Users\Sina\Desktop\adwcleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

***** [ Browser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9298 Bytes] - [03/01/2017 06:24:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [1187 Bytes] - [03/01/2017 13:25:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [9214 Bytes] - [03/01/2017 06:23:24]
C:\AdwCleaner\AdwCleaner[S1].txt - [1530 Bytes] - [03/01/2017 13:24:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1406 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by Sina (Administrator) on 03.01.2017 at 13:36:44,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1

Successfully deleted: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\searchplugins\aol-search.xml (File)
Deleted the following from C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\prefs.js
user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true);

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1B385CD4-875E-4FFE-B61D-3E894565A8D0} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.01.2017 at 13:40:13,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
03.01.2017, 14:19 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | My internet browser shows me ads that I don't want Then show me fresh FRST logs. Tick the box for addition.txt, then click Scan (Untersuchen).
__________________ Please always post log files in CODE tags |
03.01.2017, 19:41 | #12 |
| My internet browser shows me ads that I don't want So, here is the fresh log from FRST then. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Sina (Administrator) auf SINAMARC (03-01-2017 19:29:17)
Gestartet von C:\Users\Sina\Desktop
Geladene Profile: Sina (Verfügbare Profile: Sina)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (Alcor Micro Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2012-10-23] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-10-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2016-11-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 192.168.0.1
Tcpip\..\Interfaces\{a99790b1-ab1e-4e86-99cd-b31ac52494a4}: [DhcpNameServer] 83.169.186.161 192.168.0.1
Tcpip\..\Interfaces\{bd491783-5434-40df-b039-a5365bf9d6b4}: [DhcpNameServer] 83.169.186.161 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

FireFox:
========
FF ProfilePath: C:\Users\Sina\AppData\Roaming\TomTom\HOME\Profiles\p6ew8nnn.default [2016-07-14]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-07-14] [ist nicht signiert]
FF ProfilePath: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default [2017-01-02]
FF Homepage: Mozilla\Firefox\Profiles\c54ks38h.default -> hxxps://www.google.de/?gws_rd=ssl
FF Extension: (GMX MailCheck) - C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\Extensions\browser-mailcheck@gmx.net [2016-12-08]
FF SearchPlugin: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\searchplugins\aol-suche.xml [2013-07-26]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2099553490-1702204881-2692438545-1001: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Sina\AppData\Roaming\Mozilla\Plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Sina\AppData\Roaming\mozilla\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)

Chrome:
=======
CHR Profile: C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default [2017-01-03]
CHR Extension: (Google Präsentationen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-03]
CHR Extension: (Google Docs) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-03]
CHR Extension: (Google Drive) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-03]
CHR Extension: (YouTube) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-03]
CHR Extension: (Google Tabellen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-03]
CHR Extension: (Avira Browserschutz) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-03]
CHR Extension: (Google Docs Offline) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-03]
CHR Extension: (Google Mail) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-03]
CHR Extension: (Chrome Media Router) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-03 19:29 - 2017-01-03 19:29 - 00015104 _____ C:\Users\Sina\Desktop\FRST.txt
2017-01-03 13:40 - 2017-01-03 13:40 - 00000993 _____ C:\Users\Sina\Desktop\JRT.txt
2017-01-03 13:38 - 2017-01-03 13:38 - 00001485 _____ C:\Users\Sina\Desktop\AdwCleaner[C2].txt
2017-01-03 13:18 - 2017-01-03 13:35 - 01663040 _____ (Malwarebytes) C:\Users\Sina\Desktop\JRT.exe
2017-01-03 13:08 - 2017-01-03 13:10 - 00251322 _____ C:\TDSSKiller.3.1.0.12_03.01.2017_13.08.51_log.txt
2017-01-03 12:58 - 2017-01-03 13:02 - 00125616 _____ C:\Users\Sina\Desktop\Neues Textdokument (2).txt
2017-01-03 12:46 - 2017-01-03 13:03 - 00251318 _____ C:\TDSSKiller.3.1.0.12_03.01.2017_12.46.22_log.txt
2017-01-03 12:40 - 2017-01-03 12:41 - 00000562 _____ C:\TDSSKiller.3.1.0.12_03.01.2017_12.40.14_log.txt
2017-01-03 09:54 - 2017-01-03 09:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-03 09:53 - 2017-01-03 12:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-03 09:53 - 2017-01-03 11:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-03 09:53 - 2017-01-03 11:22 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-01-03 09:52 - 2017-01-03 12:42 - 00000000 ____D C:\Users\Sina\Desktop\mbar
2017-01-03 06:20 - 2017-01-03 13:38 - 00000000 ____D C:\AdwCleaner
2017-01-03 06:19 - 2017-01-03 06:19 - 03977168 _____ C:\Users\Sina\Desktop\adwcleaner_6.041.exe
2017-01-02 23:16 - 2017-01-03 12:39 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Sina\Desktop\tdsskiller.exe
2017-01-02 23:14 - 2017-01-03 09:52 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Sina\Desktop\mbar-1.09.3.1001.exe
2017-01-02 23:05 - 2017-01-02 23:06 - 00000000 ____D C:\Users\Sina\AppData\LocalLow\Mozilla
2017-01-02 21:49 - 2017-01-03 13:02 - 00073707 _____ C:\Users\Sina\Desktop\OpenDocument Text (neu).odt
2017-01-02 21:44 - 2017-01-03 19:29 - 00000000 ____D C:\FRST
2017-01-02 21:42 - 2017-01-02 21:43 - 02418176 _____ (Farbar) C:\Users\Sina\Desktop\FRST64.exe
2017-01-02 10:59 - 2017-01-03 08:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-22 22:44 - 2016-12-22 22:45 - 00277332 _____ C:\WINDOWS\Minidump\122216-29921-01.dmp
2016-12-20 18:21 - 2016-12-20 18:21 - 00000000 _____ C:\WINDOWS\Minidump\122016-104250-01.dmp
2016-12-14 18:54 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 18:54 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-12-14 18:54 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-14 18:54 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 18:54 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 18:54 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 18:54 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 18:54 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-12-14 18:54 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-12-14 18:54 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-12-14 18:54 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 18:54 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2016-12-14 18:54 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-12-14 18:54 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-12-14 18:54 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 18:54 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 18:54 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-12-14 18:54 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 18:54 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-12-14 18:54 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 18:54 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-12-14 18:54 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-12-14 18:54 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 18:54 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 18:54 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-14 18:54 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-14 18:54 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-14 18:54 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-12-14 18:54 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 18:54 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-12-14 18:54 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-12-14 18:54 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 18:54 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 18:54 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 18:54 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 18:54 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 18:54 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-14 18:54 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 18:54 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 18:54 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 18:54 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 18:54 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 18:54 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 18:53 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-14 18:53 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2016-12-14 18:53 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 18:53 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2016-12-14 18:53 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2016-12-14 18:53 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2016-12-14 18:53 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-14 18:53 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-12-14 18:53 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-14 18:53 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 08:48 - 2016-12-13 08:48 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-12 22:38 - 2016-12-12 22:40 - 01020084 _____ C:\WINDOWS\Minidump\121216-60000-01.dmp
2016-12-09 00:37 - 2016-12-09 07:04 - 00285620 _____ C:\WINDOWS\Minidump\120916-33609-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-03 15:39 - 2013-04-18 04:49 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-03 13:27 - 2016-02-03 03:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-03 13:26 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2017-01-03 11:17 - 2016-02-03 03:35 - 00000000 ____D C:\Users\Sina
2017-01-03 06:25 - 2013-03-08 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-03 06:24 - 2012-10-23 19:39 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-01-03 05:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-02 22:33 - 2014-08-05 11:37 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-02 22:33 - 2013-03-08 22:37 - 00000000 ____D C:\Program Files (x86)\Avira
2017-01-02 22:32 - 2013-03-08 22:37 - 00000000 ____D C:\ProgramData\Avira
2017-01-02 22:23 - 2013-03-08 22:43 - 00000000 ____D C:\Users\Sina\AppData\Roaming\Avira
2017-01-02 20:30 - 2013-05-12 21:24 - 00432935 _____ C:\Users\Sina\AppData\Local\census.cache
2017-01-02 20:30 - 2013-05-12 21:24 - 00073141 _____ C:\Users\Sina\AppData\Local\ars.cache
2017-01-02 18:50 - 2016-01-13 05:06 - 00000000 ____D C:\Users\Sina\Desktop\Demenz Ordner
2017-01-02 18:50 - 2013-07-26 13:34 - 00000000 ____D C:\Musik
2017-01-02 18:50 - 2013-07-13 15:45 - 00000000 ____D C:\Users\Sina\Desktop\Allerlei
2017-01-02 18:50 - 2013-03-10 20:09 - 00000000 ____D C:\Users\Sina\Desktop\Bilder
2017-01-01 22:13 - 2013-03-08 22:49 - 00000000 ____D C:\Users\Sina\AppData\Roaming\vlc
2017-01-01 22:04 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-01 22:04 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-01 22:04 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-01 22:04 - 2015-08-19 12:10 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-01 08:15 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-31 05:11 - 2016-02-03 03:35 - 00000000 ____D C:\Users\Sina\AppData\Local
2016-12-25 08:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-22 22:44 - 2016-02-09 06:08 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-22 22:44 - 2015-10-01 04:03 - 359685698 _____ C:\WINDOWS\MEMORY.DMP
2016-12-20 18:36 - 2013-09-04 21:48 - 00000000 ____D C:\Users\Sina\Desktop\Forge of Empires
2016-12-16 22:55 - 2016-10-22 08:49 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 22:55 - 2016-10-22 08:49 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 22:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-16 06:27 - 2015-10-30 07:28 - 47710208 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-16 06:27 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-15 11:13 - 2016-02-03 03:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 11:13 - 2016-02-03 03:34 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TM.blf
2016-12-15 11:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-12-15 10:51 - 2016-02-03 03:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 10:37 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-15 10:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-15 06:54 - 2016-10-22 08:49 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 06:54 - 2016-10-22 08:49 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-15 05:56 - 2015-10-30 07:28 - 00262144 ___SH C:\Users\Default\NTUSER.DAT
2016-12-15 05:52 - 2016-02-03 03:26 - 00219536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-14 23:56 - 2016-02-03 03:25 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 23:56 - 2016-02-03 03:25 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TM.blf
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\de-DE
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 23:55 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-14 23:55 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-14 21:33 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 21:27 - 2013-08-18 15:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 21:22 - 2013-03-07 20:00 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 11:56 - 2013-03-06 06:45 - 00000000 ___RD C:\Users\Sina\Downloads
2016-12-13 13:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 13:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 08:48 - 2016-02-03 03:35 - 00000000 ___RD C:\Users\Sina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-13 08:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-13 08:48 - 2015-08-19 12:34 - 00002434 _____ C:\Users\Sina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-13 08:48 - 2014-09-16 15:04 - 00000000 __RDO C:\Users\Sina\OneDrive
2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-05-12 21:24 - 2017-01-02 20:30 - 0073141 _____ () C:\Users\Sina\AppData\Local\ars.cache
2013-05-12 21:24 - 2017-01-02 20:30 - 0432935 _____ () C:\Users\Sina\AppData\Local\census.cache
2013-05-12 21:15 - 2013-05-12 21:15 - 0000036 _____ () C:\Users\Sina\AppData\Local\housecall.guid.cache
2016-02-03 03:31 - 2016-02-03 03:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Sina\AppData\Local\Temp\avgnt.exe
C:\Users\Sina\AppData\Local\Temp\libeay32.dll
C:\Users\Sina\AppData\Local\Temp\msvcr120.dll
C:\Users\Sina\AppData\Local\Temp\OpenOffice_4.1.2_Win_x86_install_de.exe
C:\Users\Sina\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-25 08:09

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Sina (03-01-2017 19:36:23)
Gestartet von C:\Users\Sina\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-03 03:08:03)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2099553490-1702204881-2692438545-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2099553490-1702204881-2692438545-503 - Limited - Disabled)
Gast (S-1-5-21-2099553490-1702204881-2692438545-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2099553490-1702204881-2692438545-1003 - Limited - Enabled)
Sina (S-1-5-21-2099553490-1702204881-2692438545-1001 - Administrator - Enabled) => C:\Users\Sina

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.42.71502 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.20 - Broadcom Corporation)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
EPSON BX305 Series Handbuch (HKLM-x32\...\EPSON BX305 Series Manual) (Version: - )
EPSON BX305 Series Printer Uninstall (HKLM\...\EPSON BX305 Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Flatcast Viewer Plugin 5.3.0.784 (HKLM-x32\...\Flatcast Viewer 5.3_is1) (Version: - 1 mal 1 Software GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1E939186-B443-4262-A278-3C82949EA7AC}) (Version: 1.1.009.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_{2CA60D7F-961E-49F8-8A86-9E3BB58E9108}) (Version: 8.0.2.192 - MAGIX AG)
MAGIX Foto Manager 10 (x32 Version: 8.0.2.192 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH)
MAGIX Online Druck Service (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{0774105B-F220-4F82-A957-74B89B5BE60F}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_{4F450E50-09AD-452A-8804-0E3D2B1582A5}) (Version: 1.0.4.6 - MAGIX AG)
MAGIX Video easy SE (x32 Version: 1.0.4.6 - MAGIX AG) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Maintenance Service
(HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla) OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) Websuche (HKLM-x32\...\Websuche) (Version: - Websuche) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo) WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-2099553490-1702204881-2692438545-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {14644AA1-AA64-4454-A2C7-DBA487112B2E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-08-08] (Lenovo) Task: {17EB7A1D-E47C-49BD-BA48-8E8390238629} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {22334BC7-984B-40F2-957E-0E8C6BBFDF7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {25DC2CC2-2D4D-4A4F-9A2B-C842BAD2EC10} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] () Task: {29B48B56-5D23-45B8-9364-1F270194FBA5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {34B6F4E8-2D85-40C1-8234-5AEEA8AE486D} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] () Task: {399D304B-DBA9-413A-A39E-B72D37BCAF02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {4CC35C51-0F46-4A45-8F62-76E91D0BB38D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {73608578-5E6D-4A90-A5F8-AC81E44B24FD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {805E8944-494F-4478-B6C1-0327B2583630} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {8FADB602-EF32-48B6-BC64-107498408D50} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {9496B041-93FB-4AE5-B7CC-62B0B5E5FA6D} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] () Task: {993CB1A8-8AC8-4DF6-A467-FFF36B167978} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {99BDFD84-F397-4D19-863E-E800B58D5EFA} - System32\Tasks\Adobe Flash Player Updater => 
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated) Task: {9B3B8F2E-789E-446E-BB7E-4A3818B4E694} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {9E91AD8B-D950-4371-95B4-FB60706A1943} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation) Task: {A998A518-5BDE-4E20-9EE7-99C488FD76E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.) Task: {B13C26A1-731C-43B6-B615-B72AAE7D69DE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {B2D820E3-19C7-4F3A-AD2C-2AC12048A8AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {D0610857-DFFA-45CE-B136-D1DD35D8387C} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] () Task: {D387F03A-F778-4314-9A09-88AEBC85A6FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.) Task: {D456B7BE-AD07-4502-AC24-16C99D35897E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {E20D62C3-C87B-42BB-9EB9-7CDA43F7E0CF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2012-08-08] () Task: {ED805C47-E1F2-4135-B78D-7F84C2D2540C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-11-08 23:18 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-11-08 23:18 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-12-13 08:45 - 2016-12-13 08:45 - 01678560 _____ () C:\Users\Sina\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll 2016-04-19 05:50 - 2016-04-19 05:51 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-03 03:17 - 2016-02-03 03:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-12 22:22 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-11-08 23:22 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-08 23:19 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-08 23:22 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-08 23:21 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-12-15 06:54 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-15 
06:54 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll 2016-04-19 05:50 - 2016-04-19 05:51 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 05:50 - 2016-04-19 05:51 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2012-10-23 19:18 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sina\Desktop\Bilder\Fun Bilder\animal-wallpapers-Big-cat-Wallpaper.jpg DNS Servers: 83.169.186.161 - 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{7B4EE75F-2814-4178-BF0D-D5025CE9A3A4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{584F03DE-9E32-4092-80E9-52CD06F103E4}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{05F6F5E1-E803-46A7-9CC5-EB3671D61B1C}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe FirewallRules: [{47797E9E-008A-4F1F-B361-E6301D645321}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{1FAA2505-970F-4E0A-AF3C-3EBADCD0B057}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{81327794-F325-4218-8BD0-C3285B8BC881}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe FirewallRules: [{5B5106B4-519A-4AB8-9BC4-529CB6720DB0}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 14-12-2016 21:20:13 Windows Update 22-12-2016 08:52:29 Geplanter Prüfpunkt 31-12-2016 09:22:37 Geplanter Prüfpunkt 03-01-2017 13:35:22 JRT Pre-Junkware Removal 03-01-2017 13:36:44 JRT Pre-Junkware Removal 
==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/03/2017 01:36:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/03/2017 01:35:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/03/2017 11:16:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/03/2017 10:04:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/02/2017 08:49:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC) Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (01/02/2017 08:49:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SINAMARC) Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.672.0_neutral__8wekyb3d8bbwe+MicrosoftEdge“ wurde beendet, da das Anhalten zu lange dauerte. Error: (01/02/2017 06:51:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC) Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/02/2017 06:47:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/02/2017 06:41:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/02/2017 04:11:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SINAMARC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (01/03/2017 07:26:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht. 
Error: (01/03/2017 07:26:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht. Error: (01/03/2017 07:26:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TimeBroker erreicht. Error: (01/03/2017 04:11:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (01/03/2017 01:31:38 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/03/2017 01:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_35f20" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/03/2017 01:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _35f20" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/03/2017 01:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_35f20" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/03/2017 01:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_35f20" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (01/03/2017 01:25:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2016-12-16 05:23:54.468 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-15 05:56:14.001 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-14 21:22:00.208 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-10 09:40:13.827 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-10 09:04:35.037 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-10 05:56:09.991 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-29 06:59:18.170 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-10-15 06:46:03.494 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-14 05:49:00.524 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-13 05:44:34.046 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz Prozentuale Nutzung des RAM: 89% Installierter physikalischer RAM: 1893.41 MB Verfügbarer physikalischer RAM: 207.38 MB Summe virtueller Speicher: 3813.41 MB Verfügbarer virtueller Speicher: 1358.22 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:250.32 GB) (Free:197.35 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:16.67 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 8CCAE9A3) Partition: GPT. ==================== Ende von Addition.txt ============================ |
03.01.2017, 21:47 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | My internet browser shows me ads I don't want
FRST fix
Please disable your virus scanner completely now, to make sure the fix runs cleanly!
Press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document.
Code:
FF SearchPlugin: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\searchplugins\aol-suche.xml [2013-07-26]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
CHR Extension: (Avira Browserschutz) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-03]
C:\Program Files (x86)\Avira
C:\ProgramData\Avira
C:\Users\Sina\AppData\Roaming\Avira
Task: {17EB7A1D-E47C-49BD-BA48-8E8390238629} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {22334BC7-984B-40F2-957E-0E8C6BBFDF7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {29B48B56-5D23-45B8-9364-1F270194FBA5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {4CC35C51-0F46-4A45-8F62-76E91D0BB38D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {73608578-5E6D-4A90-A5F8-AC81E44B24FD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {805E8944-494F-4478-B6C1-0327B2583630} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {993CB1A8-8AC8-4DF6-A467-FFF36B167978} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9B3B8F2E-789E-446E-BB7E-4A3818B4E694} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B2D820E3-19C7-4F3A-AD2C-2AC12048A8AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {D456B7BE-AD07-4502-AC24-16C99D35897E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {ED805C47-E1F2-4135-B78D-7F84C2D2540C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
03.01.2017, 22:06 | #14 |
| My internet browser shows me ads I don't want
I hope this is the right log...
[CODE] FRST Logfile:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017 durchgeführt von Sina (Administrator) auf SINAMARC (03-01-2017 19:29:17) Gestartet von C:\Users\Sina\Desktop Geladene Profile: Sina (Verfügbare Profile: Sina) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\WINDOWS\System32\hkcmd.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (Alcor Micro Corp.) 
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2012-10-23] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-10-23] (Lenovo(beijing) Limited) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated) HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Vimicro) HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2016-11-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) 
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom) HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 192.168.0.1 Tcpip\..\Interfaces\{a99790b1-ab1e-4e86-99cd-b31ac52494a4}: [DhcpNameServer] 83.169.186.161 192.168.0.1 Tcpip\..\Interfaces\{bd491783-5434-40df-b039-a5365bf9d6b4}: [DhcpNameServer] 83.169.186.161 192.168.0.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2099553490-1702204881-2692438545-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
FireFox: ======== FF ProfilePath: C:\Users\Sina\AppData\Roaming\TomTom\HOME\Profiles\p6ew8nnn.default [2016-07-14] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-07-14] [ist nicht signiert] FF ProfilePath: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default [2017-01-02] FF Homepage: Mozilla\Firefox\Profiles\c54ks38h.default -> hxxps://www.google.de/?gws_rd=ssl FF Extension: (GMX MailCheck) - C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\Extensions\browser-mailcheck@gmx.net [2016-12-08] FF SearchPlugin: C:\Users\Sina\AppData\Roaming\Mozilla\Firefox\Profiles\c54ks38h.default\searchplugins\aol-suche.xml [2013-07-26] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2099553490-1702204881-2692438545-1001: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Sina\AppData\Roaming\Mozilla\Plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Sina\AppData\Roaming\mozilla\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH) Chrome: ======= CHR Profile: C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default [2017-01-03] CHR Extension: (Google Präsentationen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-03] CHR Extension: (Google Docs) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-03] CHR Extension: (Google Drive) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-03] CHR Extension: (YouTube) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-03] CHR Extension: (Google Tabellen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-03] CHR Extension: (Avira Browserschutz) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-01-03] CHR 
Extension: (Google Docs Offline) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-03] CHR Extension: (Google Mail) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-03] CHR Extension: (Chrome Media Router) - C:\Users\Sina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-03] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated) R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Vimicro Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-03 19:29 - 2017-01-03 19:29 - 00015104 _____ C:\Users\Sina\Desktop\FRST.txt 2017-01-03 13:40 - 2017-01-03 13:40 - 00000993 _____ C:\Users\Sina\Desktop\JRT.txt 2017-01-03 13:38 - 2017-01-03 13:38 - 00001485 _____ C:\Users\Sina\Desktop\AdwCleaner[C2].txt 2017-01-03 13:18 - 2017-01-03 13:35 - 01663040 _____ (Malwarebytes) C:\Users\Sina\Desktop\JRT.exe 2017-01-03 13:08 - 2017-01-03 13:10 - 00251322 _____ C:\TDSSKiller.3.1.0.12_03.01.2017_13.08.51_log.txt 2017-01-03 12:58 - 2017-01-03 13:02 - 00125616 _____ C:\Users\Sina\Desktop\Neues Textdokument (2).txt 2017-01-03 12:46 - 2017-01-03 13:03 - 00251318 _____ C:\TDSSKiller.3.1.0.12_03.01.2017_12.46.22_log.txt 2017-01-03 12:40 - 2017-01-03 12:41 - 00000562 _____ C:\TDSSKiller.3.1.0.12_03.01.2017_12.40.14_log.txt 2017-01-03 09:54 - 2017-01-03 09:54 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-03 09:53 - 2017-01-03 12:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-01-03 09:53 - 2017-01-03 11:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-03 09:53 - 2017-01-03 11:22 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-01-03 09:52 - 2017-01-03 12:42 - 00000000 ____D C:\Users\Sina\Desktop\mbar 2017-01-03 06:20 - 2017-01-03 13:38 - 00000000 ____D C:\AdwCleaner 2017-01-03 06:19 - 2017-01-03 06:19 - 03977168 _____ C:\Users\Sina\Desktop\adwcleaner_6.041.exe 2017-01-02 23:16 - 2017-01-03 12:39 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Sina\Desktop\tdsskiller.exe 2017-01-02 23:14 - 2017-01-03 09:52 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\Sina\Desktop\mbar-1.09.3.1001.exe 2017-01-02 23:05 - 2017-01-02 23:06 - 00000000 ____D C:\Users\Sina\AppData\LocalLow\Mozilla 2017-01-02 21:49 - 2017-01-03 13:02 - 00073707 _____ C:\Users\Sina\Desktop\OpenDocument Text (neu).odt 2017-01-02 21:44 - 2017-01-03 19:29 - 00000000 ____D C:\FRST 2017-01-02 21:42 - 2017-01-02 21:43 - 02418176 _____ (Farbar) C:\Users\Sina\Desktop\FRST64.exe 2017-01-02 10:59 - 2017-01-03 08:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-22 22:44 - 2016-12-22 22:45 - 00277332 _____ C:\WINDOWS\Minidump\122216-29921-01.dmp 2016-12-20 18:21 - 2016-12-20 18:21 - 00000000 _____ C:\WINDOWS\Minidump\122016-104250-01.dmp 2016-12-14 18:54 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-14 18:54 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-12-14 18:54 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-12-14 18:54 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-14 18:54 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-12-14 18:54 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-14 18:54 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-14 18:54 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-12-14 18:54 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-12-14 18:54 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-12-14 18:54 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-14 18:54 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\appidapi.dll 2016-12-14 18:54 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-12-14 18:54 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-12-14 18:54 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-14 18:54 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-14 18:54 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-12-14 18:54 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-14 18:54 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-12-14 18:54 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-14 18:54 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-12-14 18:54 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-12-14 18:54 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-14 18:54 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-14 18:54 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2016-12-14 18:54 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-14 18:54 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-12-14 18:54 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-12-14 18:54 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-14 18:54 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msfeeds.dll 2016-12-14 18:54 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-12-14 18:54 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-14 18:54 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-14 18:54 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-14 18:54 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-14 18:54 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-14 18:54 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-12-14 18:54 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-14 18:54 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-14 18:54 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-14 18:54 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-14 18:54 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-14 18:54 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-14 18:53 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-12-14 18:53 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2016-12-14 18:53 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-14 18:53 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe 2016-12-14 18:53 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\appidsvc.dll 2016-12-14 18:53 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe 2016-12-14 18:53 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-12-14 18:53 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-12-14 18:53 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-12-14 18:53 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-13 08:48 - 2016-12-13 08:48 - 00003274 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2016-12-12 22:38 - 2016-12-12 22:40 - 01020084 _____ C:\WINDOWS\Minidump\121216-60000-01.dmp 2016-12-09 00:37 - 2016-12-09 07:04 - 00285620 _____ C:\WINDOWS\Minidump\120916-33609-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-03 15:39 - 2013-04-18 04:49 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-03 13:27 - 2016-02-03 03:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-03 13:26 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2017-01-03 11:17 - 2016-02-03 03:35 - 00000000 ____D C:\Users\Sina 2017-01-03 06:25 - 2013-03-08 22:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-03 06:24 - 2012-10-23 19:39 - 00000000 ____D C:\Program Files (x86)\Amazon 2017-01-03 05:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-02 22:33 - 2014-08-05 11:37 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-02 22:33 - 2013-03-08 22:37 - 00000000 ____D C:\Program Files (x86)\Avira 2017-01-02 22:32 - 2013-03-08 22:37 - 00000000 ____D C:\ProgramData\Avira 2017-01-02 22:23 - 2013-03-08 22:43 - 00000000 ____D C:\Users\Sina\AppData\Roaming\Avira 2017-01-02 20:30 - 2013-05-12 21:24 - 00432935 _____ C:\Users\Sina\AppData\Local\census.cache 2017-01-02 20:30 - 2013-05-12 21:24 - 00073141 _____ C:\Users\Sina\AppData\Local\ars.cache 2017-01-02 18:50 - 2016-01-13 05:06 - 00000000 ____D C:\Users\Sina\Desktop\Demenz Ordner 2017-01-02 18:50 - 2013-07-26 13:34 - 00000000 ____D C:\Musik 2017-01-02 18:50 - 2013-07-13 15:45 - 00000000 ____D C:\Users\Sina\Desktop\Allerlei 2017-01-02 18:50 - 2013-03-10 20:09 - 00000000 ____D C:\Users\Sina\Desktop\Bilder 2017-01-01 22:13 - 2013-03-08 22:49 - 00000000 ____D C:\Users\Sina\AppData\Roaming\vlc 2017-01-01 22:04 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat 2017-01-01 22:04 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat 2017-01-01 22:04 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2017-01-01 22:04 - 2015-08-19 12:10 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-01 08:15 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-31 05:11 - 2016-02-03 03:35 - 00000000 ____D 
C:\Users\Sina\AppData\Local 2016-12-25 08:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\config\RegBack 2016-12-22 22:44 - 2016-02-09 06:08 - 00000000 ____D C:\WINDOWS\Minidump 2016-12-22 22:44 - 2015-10-01 04:03 - 359685698 _____ C:\WINDOWS\MEMORY.DMP 2016-12-20 18:36 - 2013-09-04 21:48 - 00000000 ____D C:\Users\Sina\Desktop\Forge of Empires 2016-12-16 22:55 - 2016-10-22 08:49 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-16 22:55 - 2016-10-22 08:49 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-16 22:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks 2016-12-16 06:27 - 2015-10-30 07:28 - 47710208 _____ C:\WINDOWS\system32\config\COMPONENTS 2016-12-16 06:27 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\config 2016-12-15 11:13 - 2016-02-03 03:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000002.regtrans-ms 2016-12-15 11:13 - 2016-02-03 03:34 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TM.blf 2016-12-15 11:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-12-15 10:51 - 2016-02-03 03:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{485596d2-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000001.regtrans-ms 2016-12-15 10:37 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\WinSxS 2016-12-15 10:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\catroot2 2016-12-15 06:54 - 2016-10-22 08:49 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-15 06:54 - 2016-10-22 08:49 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-15 05:56 - 2015-10-30 07:28 - 00262144 ___SH C:\Users\Default\NTUSER.DAT 2016-12-15 05:52 - 2016-02-03 03:26 - 00219536 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-14 23:56 - 2016-02-03 03:25 - 00524288 ___SH 
C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000001.regtrans-ms 2016-12-14 23:56 - 2016-02-03 03:25 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TM.blf 2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE 2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\de-DE 2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Internet Explorer 2016-12-14 23:55 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Internet Explorer 2016-12-14 23:55 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64 2016-12-14 23:55 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\DriverStore 2016-12-14 21:33 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-12-14 21:27 - 2013-08-18 15:18 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-12-14 21:22 - 2013-03-07 20:00 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-12-14 11:56 - 2013-03-06 06:45 - 00000000 ___RD C:\Users\Sina\Downloads 2016-12-13 13:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-12-13 13:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-12-13 08:48 - 2016-02-03 03:35 - 00000000 ___RD C:\Users\Sina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-12-13 08:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks 2016-12-13 08:48 - 2015-08-19 12:34 - 00002434 _____ C:\Users\Sina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-13 08:48 - 2014-09-16 15:04 - 00000000 __RDO C:\Users\Sina\OneDrive 2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== 
Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-05-12 21:24 - 2017-01-02 20:30 - 0073141 _____ () C:\Users\Sina\AppData\Local\ars.cache 2013-05-12 21:24 - 2017-01-02 20:30 - 0432935 _____ () C:\Users\Sina\AppData\Local\census.cache 2013-05-12 21:15 - 2013-05-12 21:15 - 0000036 _____ () C:\Users\Sina\AppData\Local\housecall.guid.cache 2016-02-03 03:31 - 2016-02-03 03:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Sina\AppData\Local\Temp\avgnt.exe C:\Users\Sina\AppData\Local\Temp\libeay32.dll C:\Users\Sina\AppData\Local\Temp\msvcr120.dll C:\Users\Sina\AppData\Local\Temp\OpenOffice_4.1.2_Win_x86_install_de.exe C:\Users\Sina\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-12-25 08:09 ==================== Ende von FRST.txt ============================ |
03.01.2017, 22:07 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | My internet browser shows me ads that I don't want No, please read the instructions properly. You are supposed to run a fix, not simply post another new normal log. That makes no sense at all when nothing significant has been changed on the system.
__________________ Please always post log files in CODE tags |