KarlKlumpfuß | 27.05.2016 00:29 | And here are the other two log files:
Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-05-2016 01
durchgeführt von Jan (2016-05-27 01:15:32)
Gestartet von C:\Users\Jan\Desktop
Windows 10 Home Version 1511 (X64) (2016-01-12 22:46:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3269387173-1632535565-1785944569-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3269387173-1632535565-1785944569-503 - Limited - Disabled)
Gast (S-1-5-21-3269387173-1632535565-1785944569-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3269387173-1632535565-1785944569-1006 - Limited - Enabled)
Jan (S-1-5-21-3269387173-1632535565-1785944569-1002 - Administrator - Enabled) => C:\Users\Jan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version: - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version: - )
Akamai NetSession Interface (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Akamai) (Version: - Akamai Technologies, Inc)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Contrast (HKLM\...\Steam App 224460) (Version: - Compulsion Games)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
DriverTuner 3.1.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
Dropbox (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
EPSON BX305 Series Printer Uninstall (HKLM\...\EPSON BX305 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Java-Editor 12.29, 2014.09.14 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6001.1078 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version: - )
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{c33dd273-042b-46de-97d1-d2e3773e5c7a}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Portal (HKLM\...\Steam App 400) (Version: - Valve)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.0.1.50 - Steppschuh)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Spotify (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Spotify (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sweet Home 3D version 5.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1 - eTeks)
System Ninja version 3.0.2 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.2 - SingularLabs)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Last Remnant (HKLM\...\Steam App 23310) (Version: - SQUARE ENIX)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED)
Unity Web Player (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3269387173-1632535565-1785944569-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {029D5554-27DA-4A0A-AEB1-7CA9B92B6DCD} - System32\Tasks\{501744D0-01AF-42A5-9C6C-CF6164A6F16B} => pcalua.exe -a "C:\Program Files (x86)\CHIP Free MP3 converter for YouTube\unins000.exe"
Task: {03A66420-8319-437F-9EB1-7A3841C9F96C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {1702F54C-02F7-4B8F-BD8E-F2C49417A7B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {1BDBF439-BA01-4AC3-9804-93E58EF98135} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {2075AD21-2E0B-471E-90DA-1BEBEEF9A6CE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {22418A53-71C1-42B2-B2A3-FF15BF331FAC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {237508C6-5E91-4D0F-8B32-39B287A4DD47} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3BD6DDD4-A622-4253-B9BD-60E1C9549EE9} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {41171503-56DA-433A-827B-59008ED4FD8E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {48521A33-5796-4E2A-82C1-E7610D577EE0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {57E61F39-1E8D-4AAA-B4A4-7B3D2AC2FC05} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {5A2E348B-B349-403D-8576-C99FD61D5157} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3269387173-1632535565-1785944569-1002Core => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {5B4C0274-61BF-4518-947D-65AD2058B628} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {654B5E2B-055D-4D19-94BC-E0E517F63AC5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-01] (Microsoft Corporation)
Task: {682C0099-8358-48E3-9212-3FA6FC92CBD7} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {7469E45C-AFEA-4F66-ACD4-34E4AB3CE19B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {74D300BB-71A0-49C5-B012-B88B084808B6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {78CF8FCD-FBF9-472E-BCB6-59B6B9D1A974} - System32\Tasks\DriverTuner Startup => C:\Program Files (x86)\DriverTuner\DriverTuner.exe [2013-07-11] (LionSea)
Task: {79642198-4FDA-4DBB-A3B9-3436A7B35122} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {800D8BCB-939B-44EA-8657-38435BDF372E} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {80E40ADD-605F-4D82-85E1-01073BBC1CE3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {90E70647-69F1-4C19-8619-CB2FF162B632} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {A6E79FCA-76E0-4585-B5BA-E98CB2974AE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-01] (Microsoft Corporation)
Task: {B774DC57-2BEF-4640-B8D5-978D48A646CC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BFA015E0-A16C-4CD1-BC74-C49047396F65} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C4482991-8174-470A-9701-B74D5F66D56C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {C5ABD1DA-5FD3-499B-A160-FE9EB197E1AD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3269387173-1632535565-1785944569-1002UA => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {D673A6BB-9B55-4E3C-838B-6E397FD8E634} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {D86C765C-EC49-4150-A1D7-3A6FC8B80DD9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {D8F4228F-E5BC-435D-AB46-2934B134CB11} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E16D035D-36EA-450C-8F11-858D0785384B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {EAB41E7C-C656-421A-B2C7-6C77E5E1D64B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {F9592A6D-B8BC-49F0-90E9-1BCA729D63FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-01] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3269387173-1632535565-1785944569-1002Core.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3269387173-1632535565-1785944569-1002UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-13 00:02 - 2016-03-08 08:42 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2016-01-18 19:12 - 2016-05-01 04:52 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-04-13 20:40 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 20:40 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-12-18 16:27 - 2014-12-18 16:27 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2016-01-12 23:45 - 2016-01-12 23:45 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 19:12 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 19:12 - 2016-04-23 06:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-05-11 19:12 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 19:12 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 19:12 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 19:12 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-01-21 17:48 - 2016-01-21 17:48 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 18:14 - 2015-12-15 18:14 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2014-12-18 16:25 - 2014-12-18 16:25 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 16:29 - 2014-12-18 16:29 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 16:31 - 2014-12-18 16:31 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-05-16 16:03 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-07-17 19:40 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3269387173-1632535565-1785944569-1008.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\petit_000.JASUS\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dsci0482.jpg
HKU\S-1-5-21-3269387173-1632535565-1785944569-1008.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\petit_000.JASUS\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dsci0482.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Nvtmru"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\StartupFolder: => "wlans-1.lnk"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\Run: => "Remote Mouse"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\Run: => "EPSON BX305 Series"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "wlans-1.lnk"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Remote Mouse"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EPSON BX305 Series"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\StartupFolder: => "wlans-1.lnk"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Remote Mouse"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "EPSON BX305 Series"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3269387173-1632535565-1785944569-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Lync"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D800CFF5-4F42-4F67-BA6F-DD273481FBAD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCFD7E63-F5DD-4007-8EE5-05D27032E03F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20A25898-600C-4B82-82AA-4D76C631C14D}] => (Allow) D:\Spiele\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{42D1D308-1E70-4D24-83D9-80447BBA0EC9}] => (Allow) D:\Spiele\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{E85658AD-804E-491A-BE3F-BF05FB38AFD8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B8D93BF8-4545-4960-9078-D08946E5B65F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5CFCE3CC-7518-4D97-AD5B-30DD4C950FD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{068CAED2-025F-4D7B-A18B-BB8A03A966F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EB8BACE-82B4-4CF8-83B5-C24F3821A101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{61985DEA-0F3C-4432-8A17-FAC24F33EF1C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [UDP Query User{0EFCBA60-9DCA-40D8-A2D0-F08CF46ABFD7}C:\users\jan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{00F35B38-6B68-45A9-8874-CC76F8B95A6C}C:\users\jan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{F7A075E7-F857-40F8-BB64-33E5D0F2E136}C:\users\jan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jan\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D33D310B-B298-404D-9FB9-746C9788C0F6}C:\users\jan\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jan\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CA30D581-1744-4C53-BD93-23F839965B9D}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [TCP Query User{78974626-0AE9-457F-8E89-171A4265D68C}C:\users\jan\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\jan\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [UDP Query User{FB45F947-CBAE-4969-9429-50411D984FFD}C:\users\jan\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\jan\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [{50983B8C-134D-48D5-970C-EA478F594CB9}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{3E2144CB-3CF8-4CB3-B8F3-A67FD32FF259}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{571A7142-F4EA-442B-BD15-353A5F4C6968}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F305C368-7F34-48B2-8159-77D2D674B478}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5813F03A-EEAD-40E4-8560-0EB7EFB47A50}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1CAC2FEE-7F61-4385-B57A-C743E3CCB95C}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{6CD74839-3A57-4479-BA68-AB70208B3D31}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{0DE83F82-3E72-492D-B683-A9B2F42542A8}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{923996B6-12E1-40F0-8FEE-E802A67CA902}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{DB4C3008-F7AD-45E8-B9E6-7AA96C9E5FFC}D:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1765D9B8-007A-410D-A015-47002B2EA636}D:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\spiele\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0C5B2E2C-39F4-49A7-A844-0C0C2CF86611}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{74E44021-A075-4F88-BC50-9CF5106C1463}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{82A05BEF-68AF-4ADF-9472-C757BB1C046C}C:\users\jan\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\jan\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [UDP Query User{4BC98B53-31FB-4277-8B3E-67E95F2502CF}C:\users\jan\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\jan\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [{4047159A-EACD-4494-8CEB-55161EBC4535}] => (Allow) D:\Spiele\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{99EB936C-B298-452B-AF46-117245DE43E8}] => (Allow) D:\Spiele\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{FC74CF5D-E405-4491-8867-6CE31713EACE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{373FCA87-B442-42A6-97FB-4FC672D090A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{63937DF3-DFB9-42EF-9931-3C29EA767A70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6BF139EC-D60B-49AE-B2E8-00B1CA374DFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B37DF070-1C82-42A5-B01A-13DAEB8BE648}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4C09678E-0E22-41A9-BF21-FFA19E1376D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2358120-22AF-4794-999A-64389855B08C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14DC46C8-6866-40A8-9102-D2491E54AF32}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F42E6012-DBDA-4326-B459-09DD3526683B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F2DFAB11-7645-4075-A4B2-1E48041600A9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C8EE7DA1-AA6E-41FD-BED4-DE87ACDE246C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B07D335C-1813-4E02-97DF-DC89D86A8F89}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{C8F4B272-A533-481E-BF21-AE1D97296799}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3681DF8C-475A-4EC0-BEAB-CD066D7FCE48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5CA16FD9-760A-49F7-A42E-B2C19BC6FD38}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{01CBC9EE-6BAA-4781-B471-F1E7E4D0D523}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A777935B-E489-40C1-93D1-C0C4A0BA4280}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{567EA03D-3199-4D11-B190-9F00855BE886}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{148594B6-C195-4813-8A82-8C13C6120B02}] => (Allow) D:\Spiele\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{675C9058-2D9B-48F3-AEF8-5975B73DBC6F}] => (Allow) D:\Spiele\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E7DA96FA-6D31-4D2C-8923-9D352E681B72}] => (Allow) D:\Spiele\Steam\SteamApps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{77AA4E77-9429-49BE-802F-A6E19AED3CE1}] => (Allow) D:\Spiele\Steam\SteamApps\common\Contrast\Binaries\Win32\ContrastGame.exe
FirewallRules: [{66768965-030A-4A2D-895C-8CDB82704EAC}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{9573BEBC-9DC7-48A2-AD16-93778DEFD596}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{4A8E6241-E44A-4292-9A86-1F799417443F}] => (Allow) D:\Spiele\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B58B94BE-A07C-4540-803A-5E1D3969FB59}] => (Allow) D:\Spiele\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{EC7AADB6-81E6-4269-B516-12B93F53496A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
27-05-2016 01:01:34 Windows Update
27-05-2016 01:03:26 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/27/2016 01:08:01 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (05/27/2016 01:04:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/27/2016 01:03:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3269387173-1632535565-1785944569-1008.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {ba1b9802-a883-44bb-81c4-31ba52e0d26c}
Error: (05/27/2016 01:02:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/27/2016 01:02:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3269387173-1632535565-1785944569-1008.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {ba1b9802-a883-44bb-81c4-31ba52e0d26c}
Error: (05/25/2016 10:39:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (05/25/2016 07:12:42 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (05/24/2016 10:04:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JASUS)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/24/2016 06:29:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/24/2016 06:29:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3269387173-1632535565-1785944569-1008.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {e75a208b-28b4-47aa-ace6-28e5ebc511d8}
Systemfehler:
=============
Error: (05/27/2016 01:05:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Qualcomm Atheros Communications Inc. driver update for Qualcomm Atheros AR9485 Wireless Network Adapter
Error: (05/27/2016 01:05:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics 4000
Error: (05/27/2016 01:03:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Realtek Semiconduct Corp. - Other hardware - Realtek PCIE CardReader
Error: (05/27/2016 12:58:02 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/26/2016 12:45:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/26/2016 09:11:46 AM) (Source: MEIx64) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware.
Error: (05/26/2016 09:11:29 AM) (Source: MEIx64) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware.
Error: (05/26/2016 09:11:11 AM) (Source: MEIx64) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware.
Error: (05/26/2016 09:11:03 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/26/2016 09:10:53 AM) (Source: MEIx64) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware.
CodeIntegrity:
===================================
Date: 2016-05-21 15:06:53.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-21 11:49:23.335
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-19 09:03:26.611
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-17 21:16:39.919
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-17 21:03:57.463
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-20 20:14:43.067
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-16 00:04:56.177
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-15 18:03:46.531
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-13 22:16:36.575
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-23 16:59:49.167
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 8077.62 MB
Verfügbarer physikalischer RAM: 3902.28 MB
Summe virtueller Speicher: 9357.62 MB
Verfügbarer virtueller Speicher: 5084.98 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:91.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:93.24 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 32FAA5A0)
Partition: GPT.
==================== Ende von Addition.txt ============================
TDSSKiller:
Code:
01:31:31.0901 0x1578 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
01:31:31.0901 0x1578 UEFI system
01:31:34.0701 0x1578 ============================================================
01:31:34.0701 0x1578 Current date / time: 2016/05/27 01:31:34.0701
01:31:34.0701 0x1578 SystemInfo:
01:31:34.0702 0x1578
01:31:34.0702 0x1578 OS Version: 10.0.10586 ServicePack: 0.0
01:31:34.0702 0x1578 Product type: Workstation
01:31:34.0702 0x1578 ComputerName: JASUS
01:31:34.0702 0x1578 UserName: Jan
01:31:34.0702 0x1578 Windows directory: C:\WINDOWS
01:31:34.0702 0x1578 System windows directory: C:\WINDOWS
01:31:34.0702 0x1578 Running under WOW64
01:31:34.0702 0x1578 Processor architecture: Intel x64
01:31:34.0702 0x1578 Number of processors: 4
01:31:34.0702 0x1578 Page size: 0x1000
01:31:34.0702 0x1578 Boot type: Normal boot
01:31:34.0702 0x1578 ============================================================
01:31:36.0142 0x1578 KLMD registered as C:\WINDOWS\system32\drivers\19719905.sys
01:31:36.0745 0x1578 System UUID: {8286A5C8-3275-DF9C-C869-5D30C9E18B0D}
01:31:37.0567 0x1578 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:31:37.0585 0x1578 ============================================================
01:31:37.0585 0x1578 \Device\Harddisk0\DR0:
01:31:37.0592 0x1578 GPT partitions:
01:31:37.0592 0x1578 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6CFA5FFD-0E06-4FDC-B7FB-128C2F484337}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
01:31:37.0592 0x1578 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {18E4C5E1-0D65-4B87-9FA8-2E9170DBFE6F}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
01:31:37.0592 0x1578 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4071251F-5C92-4840-A1D8-7F9442443023}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
01:31:37.0592 0x1578 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A3C1702D-0B32-4E69-8925-4BC528342DB9}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x173ED000
01:31:37.0592 0x1578 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5C357F3C-0681-4AB8-94F7-BEA8A358860F}, Name: , StartLBA 0x17685800, BlocksNum 0xAF000
01:31:37.0592 0x1578 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C680589A-21A9-41B5-8A6B-D3F9FDCF2A86}, Name: Basic data partition, StartLBA 0x17734800, BlocksNum 0x2044C800
01:31:37.0592 0x1578 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F3620292-A897-46CA-B0AB-AD3FA6C797BA}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
01:31:37.0592 0x1578 MBR partitions:
01:31:37.0592 0x1578 ============================================================
01:31:37.0641 0x1578 C: <-> \Device\Harddisk0\DR0\Partition4
01:31:37.0733 0x1578 D: <-> \Device\Harddisk0\DR0\Partition6
01:31:37.0733 0x1578 ============================================================
01:31:37.0733 0x1578 Initialize success
01:31:37.0733 0x1578 ============================================================
01:31:45.0197 0x1ae0 ============================================================
01:31:45.0197 0x1ae0 Scan started
01:31:45.0197 0x1ae0 Mode: Manual; SigCheck; TDLFS;
01:31:45.0197 0x1ae0 ============================================================
01:31:45.0197 0x1ae0 KSN ping started
01:31:47.0573 0x1ae0 KSN ping finished: true
01:32:00.0315 0x1ae0 ================ Scan system memory ========================
01:32:00.0315 0x1ae0 System memory - ok
01:32:00.0316 0x1ae0 ================ Scan services =============================
01:32:00.0684 0x1ae0 1394ohci - ok
01:32:00.0697 0x1ae0 3ware - ok
01:32:00.0731 0x1ae0 ACPI - ok
01:32:00.0744 0x1ae0 acpiex - ok
01:32:00.0747 0x1ae0 acpipagr - ok
01:32:00.0777 0x1ae0 AcpiPmi - ok
01:32:00.0817 0x1ae0 acpitime - ok
01:32:00.0913 0x1ae0 [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
01:32:00.0963 0x1ae0 acsock - ok
01:32:01.0153 0x1ae0 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:32:01.0161 0x1ae0 AdobeARMservice - ok
01:32:01.0411 0x1ae0 [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:32:01.0422 0x1ae0 AdobeFlashPlayerUpdateSvc - ok
01:32:01.0439 0x1ae0 ADP80XX - ok
01:32:01.0467 0x1ae0 AFD - ok
01:32:01.0489 0x1ae0 agp440 - ok
01:32:01.0511 0x1ae0 ahcache - ok
01:32:01.0558 0x1ae0 [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger C:\WINDOWS\system32\DRIVERS\AiCharger.sys
01:32:01.0564 0x1ae0 AiCharger - ok
01:32:01.0585 0x1ae0 AJRouter - ok
01:32:01.0613 0x1ae0 ALG - ok
01:32:01.0616 0x1ae0 AmdK8 - ok
01:32:01.0619 0x1ae0 AmdPPM - ok
01:32:01.0639 0x1ae0 amdsata - ok
01:32:01.0643 0x1ae0 amdsbs - ok
01:32:01.0654 0x1ae0 amdxata - ok
01:32:01.0858 0x1ae0 [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
01:32:01.0896 0x1ae0 AntiVirMailService - ok
01:32:02.0021 0x1ae0 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
01:32:02.0044 0x1ae0 AntiVirSchedulerService - ok
01:32:02.0116 0x1ae0 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
01:32:02.0133 0x1ae0 AntiVirService - ok
01:32:02.0252 0x1ae0 [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
01:32:02.0316 0x1ae0 AntiVirWebService - ok
01:32:02.0342 0x1ae0 AppID - ok
01:32:02.0364 0x1ae0 AppIDSvc - ok
01:32:02.0368 0x1ae0 Appinfo - ok
01:32:02.0380 0x1ae0 AppReadiness - ok
01:32:02.0427 0x1ae0 AppXSvc - ok
01:32:02.0431 0x1ae0 arcsas - ok
01:32:02.0594 0x1ae0 [ E40AF754F43E3B44E2D6DE829267AD52, 5F9427E595A56464807D071205FB4DFD6BB21B68058E67529DC1727D32FAB0AD ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
01:32:02.0603 0x1ae0 ASLDRService - ok
01:32:02.0624 0x1ae0 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
01:32:02.0630 0x1ae0 ASMMAP64 - ok
01:32:02.0706 0x1ae0 [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
01:32:02.0723 0x1ae0 ASUS InstantOn - ok
01:32:02.0799 0x1ae0 [ AAE374280DDC307061A43ED9FAD1AD57, BFBE60D67B4283868D148C38502689FFE52CC7F13F4294E21F47B37D14FB5821 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
01:32:02.0808 0x1ae0 Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
01:32:05.0141 0x1ae0 Detect skipped due to KSN trusted
01:32:05.0141 0x1ae0 Asus WebStorage Windows Service - ok
01:32:05.0150 0x1ae0 AsyncMac - ok
01:32:05.0153 0x1ae0 atapi - ok
01:32:05.0544 0x1ae0 [ 238D669CE5F661F1E9A8CD19CB13A304, 8889ADFC31DCEBE8DB613B1968F62440B78EA3D464C6636ACDEE4AAB96D903BF ] athr C:\WINDOWS\System32\drivers\athw10x.sys
01:32:05.0720 0x1ae0 athr - ok
01:32:05.0757 0x1ae0 [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
01:32:05.0767 0x1ae0 ATKGFNEXSrv - ok
01:32:05.0823 0x1ae0 [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
01:32:05.0830 0x1ae0 ATKWMIACPIIO - ok
01:32:05.0885 0x1ae0 [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys
01:32:05.0893 0x1ae0 ATP - ok
01:32:05.0932 0x1ae0 AudioEndpointBuilder - ok
01:32:05.0962 0x1ae0 Audiosrv - ok
01:32:06.0029 0x1ae0 [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
01:32:06.0038 0x1ae0 avgntflt - ok
01:32:06.0090 0x1ae0 [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
01:32:06.0098 0x1ae0 avipbb - ok
01:32:06.0209 0x1ae0 [ 125DFFF37D51A45A72934C3BF89A64CD, 19208A6544DC822D5010C835A6FA5E8AC5406CBFB277C4C9E034EF6309B113EE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
01:32:06.0232 0x1ae0 Avira.ServiceHost - ok
01:32:06.0272 0x1ae0 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
01:32:06.0280 0x1ae0 avkmgr - ok
01:32:06.0313 0x1ae0 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
01:32:06.0321 0x1ae0 avnetflt - ok
01:32:06.0333 0x1ae0 AxInstSV - ok
01:32:06.0362 0x1ae0 b06bdrv - ok
01:32:06.0384 0x1ae0 BasicDisplay - ok
01:32:06.0388 0x1ae0 BasicRender - ok
01:32:06.0398 0x1ae0 bcmfn - ok
01:32:06.0401 0x1ae0 bcmfn2 - ok
01:32:06.0919 0x1ae0 BDESVC - ok
01:32:06.0955 0x1ae0 Beep - ok
01:32:06.0979 0x1ae0 BFE - ok
01:32:07.0003 0x1ae0 BITS - ok
01:32:07.0005 0x1ae0 bowser - ok
01:32:07.0035 0x1ae0 BrokerInfrastructure - ok
01:32:07.0046 0x1ae0 Browser - ok
01:32:07.0074 0x1ae0 BthAvrcpTg - ok
01:32:07.0111 0x1ae0 BthHFEnum - ok
01:32:07.0114 0x1ae0 bthhfhid - ok
01:32:07.0146 0x1ae0 BthHFSrv - ok
01:32:07.0160 0x1ae0 BTHMODEM - ok
01:32:07.0170 0x1ae0 bthserv - ok
01:32:07.0207 0x1ae0 buttonconverter - ok
01:32:07.0231 0x1ae0 CapImg - ok
01:32:07.0235 0x1ae0 cdfs - ok
01:32:07.0258 0x1ae0 CDPSvc - ok
01:32:07.0261 0x1ae0 cdrom - ok
01:32:07.0270 0x1ae0 CertPropSvc - ok
01:32:07.0300 0x1ae0 circlass - ok
01:32:07.0329 0x1ae0 CLFS - ok
01:32:07.0369 0x2700 Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
01:32:07.0678 0x1ae0 [ 55A12DDEEA13E13035987C1592498CBF, 370578B00182713BAC19C9ABB0B923AA31A4D4A6C8B2DD7CA9394208C2EA3600 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
01:32:07.0819 0x1ae0 ClickToRunSvc - ok
01:32:07.0844 0x1ae0 ClipSVC - ok
01:32:07.0873 0x1ae0 CmBatt - ok
01:32:07.0907 0x1ae0 CNG - ok
01:32:07.0923 0x1ae0 cnghwassist - ok
01:32:08.0178 0x1ae0 CompositeBus - ok
01:32:08.0181 0x1ae0 COMSysApp - ok
01:32:08.0186 0x1ae0 condrv - ok
01:32:08.0231 0x1ae0 CoreMessagingRegistrar - ok
01:32:08.0606 0x1ae0 [ BB812787B838A74943DEF209350C3883, 2C168F48A68644AA3CB6167BEC2A260E3E9C78D0766A15AA0FAA39CDBD7FA040 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
01:32:08.0650 0x1ae0 cphs - ok
01:32:08.0663 0x1ae0 CryptSvc - ok
01:32:08.0689 0x1ae0 dam - ok
01:32:08.0726 0x1ae0 DcomLaunch - ok
01:32:08.0755 0x1ae0 DcpSvc - ok
01:32:08.0785 0x1ae0 defragsvc - ok
01:32:08.0811 0x1ae0 DeviceAssociationService - ok
01:32:08.0827 0x1ae0 DeviceInstall - ok
01:32:08.0844 0x1ae0 DevQueryBroker - ok
01:32:08.0872 0x1ae0 Dfsc - ok
01:32:08.0948 0x1ae0 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
01:32:08.0996 0x1ae0 dg_ssudbus - ok
01:32:09.0019 0x1ae0 Dhcp - ok
01:32:09.0116 0x1ae0 diagnosticshub.standardcollector.service - ok
01:32:09.0147 0x1ae0 DiagTrack - ok
01:32:09.0184 0x1ae0 disk - ok
01:32:09.0325 0x1ae0 DmEnrollmentSvc - ok
01:32:09.0337 0x1ae0 dmvsc - ok
01:32:09.0360 0x1ae0 dmwappushservice - ok
01:32:09.0393 0x1ae0 Dnscache - ok
01:32:09.0422 0x1ae0 dot3svc - ok
01:32:09.0515 0x1ae0 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
01:32:09.0561 0x1ae0 dot4 - ok
01:32:09.0607 0x1ae0 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
01:32:09.0635 0x1ae0 Dot4Print - ok
01:32:09.0676 0x1ae0 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
01:32:09.0709 0x1ae0 dot4usb - ok
01:32:09.0728 0x1ae0 DPS - ok
01:32:09.0765 0x1ae0 drmkaud - ok
01:32:09.0789 0x1ae0 DsmSvc - ok
01:32:09.0808 0x1ae0 DsSvc - ok
01:32:09.0864 0x2700 Object send P2P result: true
01:32:09.0864 0x2700 Object required for P2P: [ 157DA3885AA4F03C80C10DAEB0949CAA ] AntiVirMailService
01:32:09.0950 0x1ae0 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
01:32:09.0983 0x1ae0 dtsoftbus01 - ok
01:32:10.0007 0x1ae0 DXGKrnl - ok
01:32:10.0041 0x1ae0 Eaphost - ok
01:32:10.0061 0x1ae0 ebdrv - ok
01:32:10.0085 0x1ae0 EFS - ok
01:32:10.0096 0x1ae0 EhStorClass - ok
01:32:10.0118 0x1ae0 EhStorTcgDrv - ok
01:32:10.0142 0x1ae0 embeddedmode - ok
01:32:10.0155 0x1ae0 EntAppSvc - ok
01:32:10.0245 0x1ae0 [ 7DB097F4F6786307168C0DDDEC43A565, 963C0D3D88FB4BF9C2FBCB296B03603E2F8AA8B4E8976162842863B7538C1A9F ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
01:32:10.0307 0x1ae0 EPSON_EB_RPCV4_04 - ok
01:32:10.0343 0x1ae0 [ 258AA65A0862E19B7DE6981FDA3758AD, C090F19BEDC2CFB0B5265BCE48BD52102E06CBC15EEFE4CDB747D44F2E42D545 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
01:32:10.0417 0x1ae0 EPSON_PM_RPCV4_04 - ok
01:32:10.0421 0x1ae0 ErrDev - ok
01:32:10.0467 0x1ae0 EventSystem - ok
01:32:10.0484 0x1ae0 exfat - ok
01:32:10.0505 0x1ae0 fastfat - ok
01:32:10.0534 0x1ae0 Fax - ok
01:32:10.0537 0x1ae0 fdc - ok
01:32:10.0548 0x1ae0 fdPHost - ok
01:32:10.0561 0x1ae0 FDResPub - ok
01:32:10.0569 0x1ae0 fhsvc - ok
01:32:10.0592 0x1ae0 FileCrypt - ok
01:32:10.0617 0x1ae0 FileInfo - ok
01:32:10.0621 0x1ae0 Filetrace - ok
01:32:10.0624 0x1ae0 flpydisk - ok
01:32:10.0632 0x1ae0 FltMgr - ok
01:32:10.0662 0x1ae0 FontCache - ok
01:32:10.0665 0x1ae0 FsDepends - ok
01:32:10.0668 0x1ae0 Fs_Rec - ok
01:32:10.0683 0x1ae0 fvevol - ok
01:32:10.0698 0x1ae0 gagp30kx - ok
01:32:10.0754 0x1ae0 gencounter - ok
01:32:10.0786 0x1ae0 genericusbfn - ok
01:32:10.0973 0x1ae0 [ C5FA929A389F11330C780C1E97EF0740, A83EAD4A2F4DB236CC569CCAD619021C1E011CD70DEE249FE8594E8822640BBF ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
01:32:11.0040 0x1ae0 GfExperienceService - ok
01:32:11.0052 0x1ae0 GPIOClx0101 - ok
01:32:11.0075 0x1ae0 gpsvc - ok
01:32:11.0100 0x1ae0 GpuEnergyDrv - ok
01:32:11.0239 0x1ae0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:32:11.0247 0x1ae0 gupdate - ok
01:32:11.0266 0x1ae0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:32:11.0274 0x1ae0 gupdatem - ok
01:32:11.0295 0x1ae0 HDAudBus - ok
01:32:11.0299 0x1ae0 HidBatt - ok
01:32:11.0301 0x1ae0 HidBth - ok
01:32:11.0311 0x1ae0 hidi2c - ok
01:32:11.0331 0x1ae0 hidinterrupt - ok
01:32:11.0356 0x1ae0 HidIr - ok
01:32:11.0375 0x1ae0 hidserv - ok
01:32:11.0425 0x1ae0 [ 7222DC0F811BBD1B4B4A7C28B7C31AE5, B161D32B2EDD4BB110C80918A36B05D7990CE76567BE59FD1C3C07D53C3AFE03 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
01:32:11.0436 0x1ae0 HIDSwitch - ok
01:32:11.0484 0x1ae0 HidUsb - ok
01:32:11.0558 0x1ae0 [ 852681A14AFEE00C0C3179429A08C868, 405B26901E066062E424768662FF9E9009C8D381E9D41167B0024CB6DE348895 ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys
01:32:11.0568 0x1ae0 HipShieldK - ok
01:32:11.0616 0x1ae0 HomeGroupListener - ok
01:32:11.0647 0x1ae0 HomeGroupProvider - ok
01:32:11.0650 0x1ae0 HpSAMD - ok
01:32:11.0677 0x1ae0 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys
01:32:11.0690 0x1ae0 HTCAND64 - ok
01:32:11.0786 0x1ae0 [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
01:32:11.0795 0x1ae0 HTCMonitorService - ok
01:32:11.0831 0x1ae0 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
01:32:11.0840 0x1ae0 htcnprot - ok
01:32:11.0884 0x1ae0 [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32 C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys
01:32:11.0919 0x1ae0 HtcVCom32 - ok
01:32:11.0934 0x1ae0 HTTP - ok
01:32:11.0978 0x1ae0 hwpolicy - ok
01:32:12.0007 0x1ae0 hyperkbd - ok
01:32:12.0013 0x1ae0 i8042prt - ok
01:32:12.0027 0x1ae0 iai2c - ok
01:32:12.0042 0x1ae0 iaLPSS2i_I2C - ok
01:32:12.0049 0x1ae0 iaLPSSi_GPIO - ok
01:32:12.0060 0x1ae0 iaLPSSi_I2C - ok
01:32:12.0133 0x1ae0 [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
01:32:12.0151 0x1ae0 iaStorA - ok
01:32:12.0173 0x1ae0 iaStorAV - ok
01:32:12.0188 0x1ae0 iaStorV - ok
01:32:12.0191 0x1ae0 ibbus - ok
01:32:12.0279 0x2700 Object send P2P result: true
01:32:12.0318 0x1ae0 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
01:32:12.0342 0x1ae0 ICCS - ok
01:32:12.0527 0x1ae0 [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
01:32:12.0619 0x1ae0 IconMan_R - ok
01:32:12.0640 0x1ae0 icssvc - ok
01:32:12.0645 0x1ae0 IEEtwCollectorService - ok
01:32:12.0949 0x1ae0 [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
01:32:13.0067 0x1ae0 igfx - ok
01:32:13.0139 0x1ae0 [ 75909533EECD0CD9D5974B59474AA6C0, F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
01:32:13.0154 0x1ae0 igfxCUIService1.0.0.0 - ok
01:32:13.0182 0x1ae0 IKEEXT - ok
01:32:13.0244 0x1ae0 [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
01:32:13.0255 0x1ae0 intaud_WaveExtensible - ok
01:32:13.0596 0x1ae0 [ 7A3585C4000C8340AE6B7FA08F9EF50F, B93F23464E7D929B90D80650698372128546CFEDA72216823CBE51A08D3368E0 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
01:32:13.0706 0x1ae0 IntcAzAudAddService - ok
01:32:13.0771 0x1ae0 [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
01:32:13.0792 0x1ae0 IntcDAud - ok
01:32:13.0970 0x1ae0 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
01:32:13.0996 0x1ae0 Intel(R) Capability Licensing Service Interface - ok
01:32:14.0062 0x1ae0 [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
01:32:14.0087 0x1ae0 Intel(R) ME Service - ok
01:32:14.0107 0x1ae0 intelide - ok
01:32:14.0110 0x1ae0 intelpep - ok
01:32:14.0114 0x1ae0 intelppm - ok
01:32:14.0124 0x1ae0 IoQos - ok
01:32:14.0127 0x1ae0 IpFilterDriver - ok
01:32:14.0147 0x1ae0 iphlpsvc - ok
01:32:14.0149 0x1ae0 IPMIDRV - ok
01:32:14.0152 0x1ae0 IPNAT - ok
01:32:14.0178 0x1ae0 IRENUM - ok
01:32:14.0180 0x1ae0 isapnp - ok
01:32:14.0197 0x1ae0 iScsiPrt - ok
01:32:14.0246 0x1ae0 [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
01:32:14.0254 0x1ae0 iwdbus - ok
01:32:14.0322 0x1ae0 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
01:32:14.0358 0x1ae0 jhi_service - ok
01:32:14.0418 0x1ae0 kbdclass - ok
01:32:14.0432 0x1ae0 kbdhid - ok
01:32:14.0488 0x1ae0 [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\WINDOWS\System32\drivers\kbfiltr.sys
01:32:14.0530 0x1ae0 kbfiltr - ok
01:32:14.0540 0x1ae0 kdnic - ok
01:32:14.0543 0x1ae0 KeyIso - ok
01:32:14.0556 0x1ae0 KSecDD - ok
01:32:14.0589 0x1ae0 KSecPkg - ok
01:32:14.0594 0x1ae0 ksthunk - ok
01:32:14.0622 0x1ae0 KtmRm - ok
01:32:14.0638 0x1ae0 LanmanServer - ok
01:32:14.0651 0x1ae0 LanmanWorkstation - ok
01:32:14.0712 0x1ae0 lfsvc - ok
01:32:14.0715 0x1ae0 LicenseManager - ok
01:32:14.0744 0x1ae0 lltdio - ok
01:32:14.0762 0x1ae0 lltdsvc - ok
01:32:14.0779 0x1ae0 lmhosts - ok
01:32:14.0844 0x1ae0 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:32:14.0856 0x1ae0 LMS - ok
01:32:14.0896 0x1ae0 LSI_SAS - ok
01:32:14.0920 0x1ae0 LSI_SAS2i - ok
01:32:14.0923 0x1ae0 LSI_SAS3i - ok
01:32:14.0937 0x1ae0 LSI_SSS - ok
01:32:14.0945 0x1ae0 LSM - ok
01:32:14.0948 0x1ae0 luafv - ok
01:32:14.0975 0x1ae0 MapsBroker - ok
01:32:15.0105 0x1ae0 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
01:32:15.0115 0x1ae0 MBAMProtector - ok
01:32:15.0330 0x1ae0 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
01:32:15.0394 0x1ae0 MBAMScheduler - ok
01:32:15.0589 0x1ae0 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
01:32:15.0627 0x1ae0 MBAMService - ok
01:32:15.0762 0x1ae0 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
01:32:15.0771 0x1ae0 MBAMSwissArmy - ok
01:32:15.0832 0x1ae0 [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
01:32:15.0840 0x1ae0 MBAMWebAccessControl - ok
01:32:15.0863 0x1ae0 megasas - ok
01:32:15.0883 0x1ae0 megasr - ok
01:32:15.0946 0x1ae0 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
01:32:15.0955 0x1ae0 MEIx64 - ok
01:32:15.0972 0x1ae0 MessagingService - ok
01:32:16.0091 0x1ae0 [ B36E18A55B31C11EE43DCC3283E866B7, D51846322BB568256832B337DCC4D6765B1DD18FE164EA97168862722CA44B7E ] mfencbdc C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
01:32:16.0112 0x1ae0 mfencbdc - ok
01:32:16.0153 0x1ae0 [ E585108E51FAF2FD949135D0A20F3525, 0B8CD9F827A7E16755EB22430643E09ACA78D789EF6C44C7B00EACDBBF3EB7E2 ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys
01:32:16.0161 0x1ae0 mfencrk - ok
01:32:16.0185 0x1ae0 mlx4_bus - ok
01:32:16.0200 0x1ae0 MMCSS - ok
01:32:16.0203 0x1ae0 Modem - ok
01:32:16.0215 0x1ae0 monitor - ok
01:32:16.0218 0x1ae0 mouclass - ok
01:32:16.0224 0x1ae0 mouhid - ok
01:32:16.0229 0x1ae0 mountmgr - ok
01:32:16.0309 0x1ae0 [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:32:16.0332 0x1ae0 MozillaMaintenance - ok
01:32:16.0352 0x1ae0 mpsdrv - ok
01:32:16.0374 0x1ae0 MpsSvc - ok
01:32:16.0464 0x1ae0 MRxDAV - ok
01:32:16.0498 0x1ae0 mrxsmb - ok
01:32:16.0508 0x1ae0 mrxsmb10 - ok
01:32:16.0530 0x1ae0 mrxsmb20 - ok
01:32:16.0542 0x1ae0 MsBridge - ok
01:32:16.0571 0x1ae0 MSDTC - ok
01:32:16.0602 0x1ae0 Msfs - ok
01:32:16.0630 0x1ae0 msgpiowin32 - ok
01:32:16.0633 0x1ae0 mshidkmdf - ok
01:32:16.0649 0x1ae0 mshidumdf - ok
01:32:16.0653 0x1ae0 msisadrv - ok
01:32:16.0669 0x1ae0 MSiSCSI - ok
01:32:16.0672 0x1ae0 msiserver - ok
01:32:16.0686 0x1ae0 MSKSSRV - ok
01:32:16.0689 0x1ae0 MsLldp - ok
01:32:16.0692 0x1ae0 MSPCLOCK - ok
01:32:16.0696 0x1ae0 MSPQM - ok
01:32:16.0699 0x1ae0 MsRPC - ok
01:32:16.0710 0x1ae0 mssmbios - ok
01:32:16.0713 0x1ae0 MSTEE - ok
01:32:16.0722 0x1ae0 MTConfig - ok
01:32:16.0730 0x1ae0 Mup - ok
01:32:16.0733 0x1ae0 mvumis - ok
01:32:16.0760 0x1ae0 NativeWifiP - ok
01:32:16.0796 0x1ae0 NcaSvc - ok
01:32:16.0870 0x1ae0 NcbService - ok
01:32:16.0907 0x1ae0 NcdAutoSetup - ok
01:32:16.0941 0x1ae0 ndfltr - ok
01:32:16.0973 0x1ae0 NDIS - ok
01:32:17.0000 0x1ae0 NdisCap - ok
01:32:17.0003 0x1ae0 NdisImPlatform - ok
01:32:17.0014 0x1ae0 NdisTapi - ok
01:32:17.0017 0x1ae0 Ndisuio - ok
01:32:17.0020 0x1ae0 NdisVirtualBus - ok
01:32:17.0025 0x1ae0 NdisWan - ok
01:32:17.0029 0x1ae0 ndiswanlegacy - ok
01:32:17.0033 0x1ae0 ndproxy - ok
01:32:17.0037 0x1ae0 Ndu - ok
01:32:17.0040 0x1ae0 NetBIOS - ok
01:32:17.0064 0x1ae0 NetBT - ok
01:32:17.0066 0x1ae0 Netlogon - ok
01:32:17.0080 0x1ae0 Netman - ok
01:32:17.0100 0x1ae0 netprofm - ok
01:32:17.0149 0x1ae0 NetSetupSvc - ok
01:32:17.0309 0x1ae0 NetTcpPortSharing - ok
01:32:17.0358 0x1ae0 NgcCtnrSvc - ok
01:32:17.0378 0x1ae0 NgcSvc - ok
01:32:17.0414 0x1ae0 NlaSvc - ok
01:32:17.0442 0x1ae0 Npfs - ok
01:32:17.0475 0x1ae0 npsvctrig - ok
01:32:17.0490 0x1ae0 nsi - ok
01:32:17.0492 0x1ae0 nsiproxy - ok
01:32:17.0511 0x1ae0 NTFS - ok
01:32:17.0524 0x1ae0 Null - ok
01:32:18.0328 0x1ae0 [ 597C022F2A7E5D31ED3BAD18C75D5552, 1D0A32A2A23FC8BA5E02A8EB248902EF234DBCEFA53454C4AEA3B92D7043A2B3 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
01:32:18.0775 0x1ae0 nvlddmkm - ok
01:32:19.0140 0x1ae0 [ 3D596244C1B93A506292DA07CC2B123F, 1604F8B4B89D599C1944E6FF9A0D35DDB1E34BAEC0315E23070180959644DCF2 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
01:32:19.0230 0x1ae0 NvNetworkService - ok
01:32:19.0272 0x1ae0 [ 5264D90A68ECB813C9E8EB2BE7FB98EA, 0C4FDB211B1FB52992E5AB7AA9D93262DBC6106EA952F14A35967E2E1CCC2490 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
01:32:19.0281 0x1ae0 nvpciflt - ok
01:32:19.0297 0x1ae0 nvraid - ok
01:32:19.0301 0x1ae0 nvstor - ok
01:32:19.0382 0x1ae0 [ 27DF221148B9C1A3EA8900D87ABC30F5, 904B4C99EB039C6D2474E30A0E03B700486BED61D226A1A5095BFF729B91C3F2 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
01:32:19.0389 0x1ae0 NvStreamKms - ok
01:32:19.0883 0x1ae0 [ 4B8F9A38BBE8ACCA6D48E253FFE2393A, 11D9ED3E3C5C3D544E83284E24A93632B9B5FF277639DF18046C0564FB838155 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
01:32:20.0092 0x1ae0 NvStreamNetworkSvc - ok
01:32:20.0290 0x1ae0 [ 2035827FCA3BDF5F37A3B64C8D284176, B3CCCF3AEBBF1D5BC756EEA433CD06A7650294CA4FF09FBCD985085B4692B846 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
01:32:20.0371 0x1ae0 NvStreamSvc - ok
01:32:20.0573 0x1ae0 [ 38885AE14957B271496CD7DA19CF2697, 1A506872585B6C5B5DD3F2927F70DE6393977167D72DC0A31FB2267B9FF89A49 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
01:32:23.0596 0x1ae0 nvsvc - ok
01:32:23.0677 0x1ae0 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
01:32:23.0686 0x1ae0 nvvad_WaveExtensible - ok
01:32:23.0730 0x1ae0 nv_agp - ok
01:32:23.0808 0x1ae0 OneSyncSvc - ok
01:32:24.0081 0x1ae0 [ A714845CA0443AF9DC7211CCB4308B3A, 25FB9B0FDF1782005A2FEC041A5C6F41E012A8DFABF88328D23EA59B20807BBE ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:32:24.0116 0x1ae0 ose - ok
01:32:24.0125 0x1ae0 p2pimsvc - ok
01:32:24.0137 0x1ae0 p2psvc - ok
01:32:24.0233 0x1ae0 Parport - ok
01:32:24.0236 0x1ae0 partmgr - ok
01:32:24.0350 0x1ae0 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
01:32:24.0359 0x1ae0 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
01:32:25.0318 0x1bf4 Object required for P2P: [ 5CF5E80616F74B769AABCF76FEA791D1 ] avgntflt
01:32:26.0734 0x1ae0 Detect skipped due to KSN trusted
01:32:26.0734 0x1ae0 PassThru Service - ok
01:32:26.0759 0x1ae0 PcaSvc - ok
01:32:26.0794 0x1ae0 pci - ok
01:32:26.0830 0x1ae0 pciide - ok
01:32:26.0868 0x1ae0 pcmcia - ok
01:32:26.0872 0x1ae0 pcw - ok
01:32:26.0893 0x1ae0 pdc - ok
01:32:26.0900 0x1ae0 PEAUTH - ok
01:32:26.0922 0x1ae0 percsas2i - ok
01:32:26.0952 0x1ae0 percsas3i - ok
01:32:27.0316 0x1ae0 PerfHost - ok
01:32:27.0372 0x1ae0 PhoneSvc - ok
01:32:27.0414 0x1ae0 PimIndexMaintenanceSvc - ok
01:32:27.0429 0x1ae0 pla - ok
01:32:27.0450 0x1ae0 PlugPlay - ok
01:32:27.0456 0x1ae0 PNRPAutoReg - ok
01:32:27.0459 0x1ae0 PNRPsvc - ok
01:32:27.0475 0x1ae0 PolicyAgent - ok
01:32:27.0480 0x1ae0 Power - ok
01:32:27.0509 0x1ae0 PptpMiniport - ok
01:32:27.0789 0x1ae0 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
01:32:28.0522 0x1bf4 Object send P2P result: true
01:32:28.0522 0x1bf4 Object required for P2P: [ 125DFFF37D51A45A72934C3BF89A64CD ] Avira.ServiceHost
01:32:29.0550 0x05d8 Object required for P2P: [ 38885AE14957B271496CD7DA19CF2697 ] nvsvc
01:32:30.0020 0x1ae0 PrintNotify - ok
01:32:30.0064 0x1ae0 Processor - ok
01:32:30.0095 0x1ae0 ProfSvc - ok
01:32:30.0111 0x1ae0 Psched - ok
01:32:30.0151 0x1ae0 [ 65D32E9BBCC9FFD36F2BF38C595D283F, 185ADC9094D302B42C1B3080CCEDE16606027FDBE24FE9C70291291F2E38E3B1 ] qcusbser C:\WINDOWS\system32\DRIVERS\qcusbser.sys
01:32:31.0436 0x1bf4 Object send P2P result: true
01:32:31.0444 0x1bf4 Object required for P2P: [ 597C022F2A7E5D31ED3BAD18C75D5552 ] nvlddmkm
01:32:31.0456 0x1ae0 qcusbser - ok
01:32:31.0469 0x1ae0 QWAVE - ok
01:32:31.0489 0x1ae0 QWAVEdrv - ok
01:32:31.0511 0x1ae0 RasAcd - ok
01:32:31.0550 0x1ae0 RasAgileVpn - ok
01:32:31.0572 0x1ae0 RasAuto - ok
01:32:31.0619 0x1ae0 Rasl2tp - ok
01:32:31.0636 0x1ae0 RasMan - ok
01:32:31.0640 0x1ae0 RasPppoe - ok
01:32:31.0653 0x1ae0 RasSstp - ok
01:32:31.0658 0x1ae0 rdbss - ok
01:32:31.0664 0x1ae0 rdpbus - ok
01:32:31.0668 0x1ae0 RDPDR - ok
01:32:31.0677 0x1ae0 RdpVideoMiniport - ok
01:32:31.0712 0x1ae0 rdyboost - ok
01:32:31.0715 0x1ae0 ReFSv1 - ok
01:32:31.0741 0x1ae0 RemoteAccess - ok
01:32:31.0759 0x1ae0 RemoteRegistry - ok
01:32:31.0839 0x1ae0 RetailDemo - ok
01:32:31.0870 0x1ae0 RpcEptMapper - ok
01:32:31.0925 0x1ae0 RpcLocator - ok
01:32:31.0970 0x1ae0 RpcSs - ok
01:32:32.0064 0x1ae0 [ C167028F97C6DEC11A5F845707BB892F, B03F2861FFB92E1355F0C61B2A5291A2FAE593501D6DB5493F1490111B98A7DA ] RSBASTOR C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys
01:32:32.0086 0x1ae0 RSBASTOR - ok
01:32:32.0112 0x1ae0 rspndr - ok
01:32:32.0235 0x1ae0 [ DFE1602D6A08A0C27C48DD8C4EFB11CA, 18368C921075780ABAFCC489BB69C5CBCE788A8C29B5CEAFB23C8EAB42CD1129 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
01:32:32.0291 0x1ae0 rt640x64 - ok
01:32:32.0334 0x1ae0 s3cap - ok
01:32:32.0363 0x1ae0 SamSs - ok
01:32:32.0387 0x1ae0 sbp2port - ok
01:32:32.0407 0x1ae0 SCardSvr - ok
01:32:32.0419 0x1ae0 ScDeviceEnum - ok
01:32:32.0434 0x1ae0 scfilter - ok
01:32:32.0443 0x1ae0 Schedule - ok
01:32:32.0451 0x05d8 Object send P2P result: true
01:32:32.0452 0x05d8 Object required for P2P: [ A714845CA0443AF9DC7211CCB4308B3A ] ose
01:32:32.0458 0x1ae0 SCPolicySvc - ok
01:32:32.0493 0x1ae0 sdbus - ok
01:32:32.0541 0x1ae0 SDRSVC - ok
01:32:32.0564 0x1ae0 sdstor - ok
01:32:32.0597 0x1ae0 seclogon - ok
01:32:32.0616 0x1ae0 SENS - ok
01:32:32.0629 0x1ae0 SensorDataService - ok
01:32:32.0685 0x1ae0 SensorService - ok
01:32:32.0720 0x1ae0 SensrSvc - ok
01:32:32.0742 0x1ae0 SerCx - ok
01:32:32.0756 0x1ae0 SerCx2 - ok
01:32:32.0810 0x1ae0 Serenum - ok
01:32:32.0823 0x1ae0 Serial - ok
01:32:32.0843 0x1ae0 sermouse - ok
01:32:32.0864 0x1ae0 SessionEnv - ok
01:32:32.0898 0x1ae0 sfloppy - ok
01:32:32.0923 0x1ae0 SharedAccess - ok
01:32:33.0033 0x1ae0 ShellHWDetection - ok
01:32:33.0108 0x1ae0 SiSRaid2 - ok
01:32:33.0130 0x1ae0 SiSRaid4 - ok
01:32:33.0243 0x1ae0 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
01:32:33.0258 0x1ae0 SkypeUpdate - ok
01:32:33.0337 0x1ae0 smphost - ok
01:32:33.0471 0x1ae0 SmsRouter - ok
01:32:33.0531 0x1ae0 SNMPTRAP - ok
01:32:33.0589 0x1ae0 spaceport - ok
01:32:33.0592 0x1ae0 SpbCx - ok
01:32:33.0620 0x1ae0 Spooler - ok
01:32:33.0668 0x1ae0 sppsvc - ok
01:32:33.0677 0x1ae0 srv - ok
01:32:33.0709 0x1ae0 srv2 - ok
01:32:33.0731 0x1ae0 srvnet - ok
01:32:33.0842 0x1ae0 SSDPSRV - ok
01:32:33.0871 0x1ae0 SstpSvc - ok
01:32:33.0937 0x1ae0 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
01:32:33.0978 0x1bf4 Object send P2P result: true
01:32:33.0981 0x1ae0 ssudmdm - ok
01:32:34.0020 0x1ae0 StateRepository - ok
01:32:34.0234 0x1ae0 [ 81433E112B6BD31B59519BA31EF927DB, DD1776E5729F22C58A4969132E0C105B0E48672ADC4E8FD958A8D5A627596BBA ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:32:34.0281 0x1ae0 Steam Client Service - ok
01:32:34.0284 0x1ae0 stexstor - ok
01:32:34.0321 0x1ae0 stisvc - ok
01:32:34.0331 0x1ae0 storahci - ok
01:32:34.0355 0x1ae0 storflt - ok
01:32:34.0359 0x1ae0 stornvme - ok
01:32:34.0370 0x1ae0 storqosflt - ok
01:32:34.0416 0x1ae0 StorSvc - ok
01:32:34.0419 0x1ae0 storufs - ok
01:32:34.0430 0x1ae0 storvsc - ok
01:32:34.0460 0x1ae0 svsvc - ok
01:32:34.0475 0x1ae0 swenum - ok
01:32:34.0478 0x1ae0 swprv - ok
01:32:34.0519 0x1ae0 Synth3dVsc - ok
01:32:34.0543 0x1ae0 SysMain - ok
01:32:34.0577 0x1ae0 SystemEventsBroker - ok
01:32:34.0592 0x1ae0 TabletInputService - ok
01:32:34.0622 0x1ae0 TapiSrv - ok
01:32:34.0652 0x1ae0 Tcpip - ok
01:32:34.0654 0x1ae0 Tcpip6 - ok
01:32:34.0659 0x1ae0 tcpipreg - ok
01:32:34.0689 0x1ae0 tdx - ok
01:32:34.0723 0x1ae0 terminpt - ok
01:32:34.0748 0x1ae0 TermService - ok
01:32:34.0772 0x1ae0 Themes - ok
01:32:34.0842 0x1ae0 TieringEngineService - ok
01:32:34.0867 0x05d8 Object send P2P result: true
01:32:34.0926 0x1ae0 tiledatamodelsvc - ok
01:32:34.0956 0x1ae0 TimeBroker - ok
01:32:34.0965 0x1ae0 TPM - ok
01:32:34.0972 0x1ae0 TrkWks - ok
01:32:35.0042 0x1ae0 TrustedInstaller - ok
01:32:35.0046 0x1ae0 tsusbflt - ok
01:32:35.0050 0x1ae0 TsUsbGD - ok
01:32:35.0067 0x1ae0 tunnel - ok
01:32:35.0115 0x1ae0 tzautoupdate - ok
01:32:35.0165 0x1ae0 uagp35 - ok
01:32:35.0179 0x1ae0 UASPStor - ok
01:32:35.0215 0x1ae0 UcmCx0101 - ok
01:32:35.0218 0x1ae0 UcmUcsi - ok
01:32:35.0221 0x1ae0 Ucx01000 - ok
01:32:35.0225 0x1ae0 UdeCx - ok
01:32:35.0256 0x1ae0 udfs - ok
01:32:35.0260 0x1ae0 UEFI - ok
01:32:35.0295 0x1ae0 Ufx01000 - ok
01:32:35.0323 0x1ae0 UfxChipidea - ok
01:32:35.0326 0x1ae0 ufxsynopsys - ok
01:32:35.0398 0x1ae0 UI0Detect - ok
01:32:35.0443 0x1ae0 uliagpkx - ok
01:32:35.0461 0x1ae0 umbus - ok
01:32:35.0465 0x1ae0 UmPass - ok
01:32:35.0506 0x1ae0 UmRdpService - ok
01:32:35.0521 0x1ae0 UnistoreSvc - ok
01:32:35.0785 0x1ae0 [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:32:35.0802 0x1ae0 UNS - ok
01:32:35.0873 0x1ae0 upnphost - ok
01:32:35.0920 0x1ae0 UrsChipidea - ok
01:32:35.0923 0x1ae0 UrsCx01000 - ok
01:32:35.0927 0x1ae0 UrsSynopsys - ok
01:32:35.0930 0x1ae0 usbccgp - ok
01:32:35.0945 0x1ae0 usbcir - ok
01:32:35.0977 0x1ae0 usbehci - ok
01:32:35.0982 0x1ae0 usbhub - ok
01:32:35.0984 0x1ae0 USBHUB3 - ok
01:32:35.0995 0x1ae0 usbohci - ok
01:32:36.0000 0x1ae0 usbprint - ok
01:32:36.0085 0x1ae0 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:32:36.0756 0x1ae0 usbscan - ok
01:32:36.0793 0x1ae0 usbser - ok
01:32:36.0831 0x1ae0 USBSTOR - ok
01:32:36.0854 0x1ae0 usbuhci - ok
01:32:36.0890 0x1ae0 usbvideo - ok
01:32:36.0939 0x1ae0 USBXHCI - ok
01:32:36.0981 0x1ae0 UserDataSvc - ok
01:32:37.0075 0x1ae0 UserManager - ok
01:32:37.0107 0x1ae0 UsoSvc - ok
01:32:37.0111 0x1ae0 VaultSvc - ok
01:32:37.0143 0x1ae0 vdrvroot - ok
01:32:37.0198 0x1ae0 vds - ok
01:32:37.0201 0x1ae0 VerifierExt - ok
01:32:37.0205 0x1ae0 vhdmp - ok
01:32:37.0209 0x1ae0 vhf - ok
01:32:37.0220 0x1ae0 vmbus - ok
01:32:37.0224 0x1ae0 VMBusHID - ok
01:32:37.0253 0x1ae0 vmicguestinterface - ok
01:32:37.0256 0x1ae0 vmicheartbeat - ok
01:32:37.0261 0x1ae0 vmickvpexchange - ok
01:32:37.0264 0x1ae0 vmicrdv - ok
01:32:37.0268 0x1ae0 vmicshutdown - ok
01:32:37.0272 0x1ae0 vmictimesync - ok
01:32:37.0276 0x1ae0 vmicvmsession - ok
01:32:37.0280 0x1ae0 vmicvss - ok
01:32:37.0284 0x1ae0 volmgr - ok
01:32:37.0305 0x1ae0 volmgrx - ok
01:32:37.0308 0x1ae0 volsnap - ok
01:32:37.0356 0x1ae0 vpci - ok
01:32:37.0452 0x1ae0 [ 86C96C079293E2E06708E146A011F4C4, 10F8DBA78B76B304525FC72C83990F10133936010E26D2F9AEB2FB747F8B75C2 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
01:32:38.0262 0x1ae0 vpnagent - ok
01:32:38.0480 0x1ae0 [ 5932B2999AEF21C4599A792599F28D89, 78B2842BA71F9DAB5BB64BA4AB97BD19DEEFB075F83D735244906D046E78B2DC ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys
01:32:39.0647 0x1ae0 vpnva - ok
01:32:39.0743 0x1ae0 vsmraid - ok
01:32:39.0776 0x1ae0 VSS - ok
01:32:39.0786 0x1ae0 VSTXRAID - ok
01:32:39.0813 0x1ae0 vwifibus - ok
01:32:39.0816 0x1ae0 vwififlt - ok
01:32:39.0820 0x1ae0 vwifimp - ok
01:32:39.0861 0x1ae0 W32Time - ok
01:32:39.0865 0x1ae0 WacomPen - ok
01:32:39.0876 0x1ae0 WalletService - ok
01:32:39.0899 0x1ae0 wanarp - ok
01:32:39.0903 0x1ae0 wanarpv6 - ok
01:32:39.0920 0x1ae0 wbengine - ok
01:32:39.0945 0x1ae0 WbioSrvc - ok
01:32:39.0985 0x1ae0 Wcmsvc - ok
01:32:40.0009 0x1ae0 wcncsvc - ok
01:32:40.0028 0x1ae0 WcsPlugInService - ok
01:32:40.0068 0x1ae0 WdBoot - ok
01:32:40.0121 0x1ae0 Wdf01000 - ok
01:32:40.0124 0x1ae0 WdFilter - ok
01:32:40.0131 0x1ae0 WdiServiceHost - ok
01:32:40.0135 0x1ae0 WdiSystemHost - ok
01:32:40.0159 0x1ae0 wdiwifi - ok
01:32:40.0167 0x1ae0 WdNisDrv - ok
01:32:40.0227 0x1ae0 WdNisSvc - ok
01:32:40.0253 0x1ae0 WebClient - ok
01:32:40.0270 0x1ae0 Wecsvc - ok
01:32:40.0278 0x1ae0 WEPHOSTSVC - ok
01:32:40.0298 0x1ae0 wercplsupport - ok
01:32:40.0312 0x1ae0 WerSvc - ok
01:32:40.0325 0x1ae0 WFPLWFS - ok
01:32:40.0375 0x1ae0 WiaRpc - ok
01:32:40.0396 0x1ae0 WIMMount - ok
01:32:40.0398 0x1ae0 WinDefend - ok
01:32:40.0423 0x1ae0 WindowsTrustedRT - ok
01:32:40.0475 0x1ae0 WindowsTrustedRTProxy - ok
01:32:40.0512 0x1ae0 WinHttpAutoProxySvc - ok
01:32:40.0544 0x1ae0 WinMad - ok
01:32:40.0717 0x1ae0 Winmgmt - ok
01:32:40.0743 0x1ae0 WinRM - ok
01:32:40.0767 0x1ae0 WINUSB - ok
01:32:40.0788 0x1ae0 WinVerbs - ok
01:32:40.0813 0x1ae0 WlanSvc - ok
01:32:40.0834 0x1ae0 wlidsvc - ok
01:32:40.0837 0x1ae0 WmiAcpi - ok
01:32:40.0864 0x1ae0 wmiApSrv - ok
01:32:40.0961 0x1ae0 WMPNetworkSvc - ok
01:32:41.0005 0x1ae0 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
01:32:41.0019 0x1ae0 Wof - ok
01:32:41.0049 0x1ae0 workfolderssvc - ok
01:32:41.0078 0x1ae0 wpcfltr - ok
01:32:41.0122 0x1ae0 WPDBusEnum - ok
01:32:41.0132 0x1ae0 WpdUpFltr - ok
01:32:41.0143 0x1ae0 WpnService - ok
01:32:41.0146 0x1ae0 ws2ifsl - ok
01:32:41.0167 0x1ae0 wscsvc - ok
01:32:41.0170 0x1ae0 WSearch - ok
01:32:41.0217 0x1ae0 WSService - ok
01:32:41.0229 0x1ae0 wuauserv - ok
01:32:41.0257 0x1ae0 WudfPf - ok
01:32:41.0260 0x1ae0 WUDFRd - ok
01:32:41.0277 0x1ae0 wudfsvc - ok
01:32:41.0280 0x1ae0 WUDFWpdFs - ok
01:32:41.0284 0x1ae0 WUDFWpdMtp - ok
01:32:41.0291 0x1ae0 WwanSvc - ok
01:32:41.0315 0x1ae0 XblAuthManager - ok
01:32:41.0387 0x1ae0 XblGameSave - ok
01:32:41.0393 0x1ae0 xboxgip - ok
01:32:41.0409 0x1ae0 XboxNetApiSvc - ok
01:32:41.0449 0x1ae0 xinputhid - ok
01:32:41.0461 0x1ae0 ================ Scan global ===============================
01:32:41.0811 0x1ae0 [ Global ] - ok
01:32:41.0811 0x1ae0 ================ Scan MBR ==================================
01:32:41.0833 0x1ae0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
01:32:42.0534 0x1ae0 \Device\Harddisk0\DR0 - ok
01:32:42.0535 0x1ae0 ================ Scan VBR ==================================
01:32:42.0618 0x1ae0 [ 98B8A21AE22EF689448163D2AC271685 ] \Device\Harddisk0\DR0\Partition1
01:32:42.0652 0x1ae0 \Device\Harddisk0\DR0\Partition1 - ok
01:32:42.0677 0x1ae0 [ 27687AD731BCB2337FA9957D1C72BD31 ] \Device\Harddisk0\DR0\Partition2
01:32:42.0747 0x1ae0 \Device\Harddisk0\DR0\Partition2 - ok
01:32:42.0782 0x1ae0 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
01:32:42.0793 0x1ae0 \Device\Harddisk0\DR0\Partition3 - ok
01:32:42.0815 0x1ae0 [ FFFD06CD32C76DF617760BE3E277AE1E ] \Device\Harddisk0\DR0\Partition4
01:32:42.0916 0x1ae0 \Device\Harddisk0\DR0\Partition4 - ok
01:32:42.0943 0x1ae0 [ 00381BEFD08018651A5EC64F10B8F7DE ] \Device\Harddisk0\DR0\Partition5
01:32:43.0049 0x1ae0 \Device\Harddisk0\DR0\Partition5 - ok
01:32:43.0129 0x1ae0 [ A27508504FB24D21B105B11FCC70B3B8 ] \Device\Harddisk0\DR0\Partition6
01:32:43.0249 0x1ae0 \Device\Harddisk0\DR0\Partition6 - ok
01:32:43.0296 0x1ae0 [ 44591B12289934D05671111EBDFEE01B ] \Device\Harddisk0\DR0\Partition7
01:32:43.0445 0x1ae0 \Device\Harddisk0\DR0\Partition7 - ok
01:32:43.0446 0x1ae0 ================ Scan generic autorun ======================
01:32:44.0281 0x1ae0 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:32:46.0504 0x1ae0 RTHDVCPL - ok
01:32:46.0721 0x1ae0 [ F31CDC26F3624750C2AE2DEFF1E598DA, 06B606E849FB946A9E4CFC8E6799A6B18C4E3233A77ED62DEBCC375649F3D7A8 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
01:32:48.0314 0x1ae0 RtHDVBg - ok
01:32:48.0698 0x1ae0 [ BC293F3C9621D40E1924A5715417F77C, 3EB1B0040566CE0DBA3FC65C5005B0F1E79BE9AB39CAD1398A45AAC3AB7AD733 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
01:32:48.0825 0x1ae0 NvBackend - ok
01:32:49.0284 0x1ae0 [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
01:32:49.0432 0x1ae0 ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
01:32:52.0022 0x1ae0 Detect skipped due to KSN trusted
01:32:52.0022 0x1ae0 ASUSPRP - ok
01:32:52.0555 0x1ae0 [ B15880A58755DA0FADB15923013A7957, 4090342AF93538C5F3157605164CF5EC051B6D767B1B7FCCF3265F1D426E88AA ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe
01:32:54.0066 0x1ae0 ASUSWebStorage - ok
01:32:54.0257 0x1ae0 [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
01:32:55.0301 0x1ae0 RemoteControl10 - ok
01:32:55.0513 0x1ae0 [ 81800928E0F713DF31F3393CC26F4013, 0ABCC70297C83C01BCCAF03083BE67EB7A50A28557B2F9578EDB73B382F54182 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
01:32:55.0552 0x1ae0 DivXUpdate - ok
01:32:55.0670 0x1ae0 [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
01:32:55.0713 0x1ae0 avgnt - ok
01:32:55.0863 0x1ae0 [ 5F7EE76129F9A591F22F99F95D97AC95, D3446BD4CAB8017B44BAD94EBB88468D080AC65E14444C12B09B6BF3E70B2AED ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
01:32:55.0892 0x1ae0 IJNetworkScannerSelectorEX - ok
01:32:56.0106 0x1ae0 [ 81DE43CF2ECB6AFF58BBBB938BA0814C, 55E1229BCAC23D5F426043976B95907912F33DE8024F531E8F1373DF74227A7D ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
01:32:56.0132 0x1ae0 Cisco AnyConnect Secure Mobility Agent for Windows - ok
01:32:56.0316 0x1ae0 [ 62634246BADBB538F78309510CAAEFDA, 74AEF5CA769BF72AC64D22A5C8CFA84438DD7611011987D10DFD81D447B65F5D ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
01:32:56.0326 0x1ae0 Avira SystrayStartTrigger - ok
01:32:56.0506 0x1ae0 [ 6513807FEE68E6C32E67437EE3FFB6C8, 2AB388BD68E984C38EAAF2D42DE918A64B42DA229627FC0B1A896A8AD60B5F91 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
01:32:56.0528 0x1ae0 SunJavaUpdateSched - ok
01:32:56.0921 0x1ae0 [ 297C1BDCC26ADB339D4C0F0550E434D6, EFF4EC2543421BE537B1EDC8E88CFF7C529F3774F54BD9A71CCDB33EE9ED6370 ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
01:32:56.0948 0x1ae0 Malwarebytes Anti-Malware (cleanup) - ok
01:32:57.0537 0x1ae0 OneDriveSetup - ok
01:32:57.0539 0x1ae0 OneDriveSetup - ok
01:32:57.0930 0x1ae0 [ E74BF46DE94E62FA01C61EF084F7A7DD, 51CD74F0790C7FBDF0DEA16F1A582F07F4BCF7C9A87EA72B7D0FBC0B8EFD42EF ] C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
01:32:58.0081 0x1ae0 Spotify Web Helper - ok
01:32:59.0708 0x1ae0 [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Jan\AppData\Local\Akamai\netsession_win.exe
01:32:59.0995 0x1ae0 Akamai NetSession Interface - ok
01:33:01.0224 0x1ae0 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
01:33:01.0431 0x1ae0 DAEMON Tools Lite - ok
01:33:02.0006 0x1ae0 [ 42E974C4428C22980B17547D0AE32A83, 33C55B98C9001F2F999025E43BCE6ACC2A8E95FD5D6B5BB7DF2E31C88828A210 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE
01:33:03.0017 0x1ae0 EPSON BX305 Series - ok
01:33:03.0409 0x1ae0 [ C6D47B4367DFCE8480F58E9B28D4C782, B4F5D07E091DC4846A942D76394DC506440D2E58D0DEC1720C8018C392086D30 ] C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
01:33:04.0369 0x1ae0 Spotify - ok
01:33:04.0477 0x1ae0 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
01:33:05.0363 0x1ae0 Dropbox Update - ok
01:33:05.0830 0x1ae0 [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
01:33:05.0861 0x1ae0 OneDrive - ok
01:33:06.0081 0x1ae0 Lync - ok
01:33:06.0366 0x1ae0 [ C224456660839CFCAD2CD8DFB293F38B, D99B862217BBF99BF26B78615B3FDC1484607BA0A34E61C445345CD8D49501D4 ] C:\Program Files\CCleaner\CCleaner64.exe
01:33:06.0611 0x1ae0 CCleaner Monitoring - ok
01:33:06.0759 0x1ae0 OneDriveSetup - ok
01:33:06.0878 0x1ae0 WAB Migrate - ok
01:33:07.0129 0x1ae0 [ 1F93DAF10BC91666F52FC5B9632C86EB, 3D2AE1090198AAEE7CDB587ED1D2784B9FF4E4B03F4F65BC2F46E28B136F3F01 ] C:\Users\petit_000.JASUS\AppData\Local\Microsoft\OneDrive\OneDrive.exe
01:33:07.0158 0x1ae0 OneDrive - ok
01:33:07.0784 0x1ae0 Uninstall C:\Users\petit_000.JASUS\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
01:33:07.0790 0x1ae0 Uninstall C:\Users\petit_000.JASUS\AppData\Local\Microsoft\OneDrive\17.3.5892.0626 - ok
01:33:07.0792 0x1ae0 OneDriveSetup - ok
01:33:07.0792 0x1ae0 WAB Migrate - ok
01:33:07.0794 0x1ae0 Waiting for KSN requests completion. In queue: 18
01:33:08.0794 0x1ae0 Waiting for KSN requests completion. In queue: 18
01:33:09.0795 0x1ae0 Waiting for KSN requests completion. In queue: 18
01:33:10.0594 0x2a4c Object required for P2P: [ 297C1BDCC26ADB339D4C0F0550E434D6 ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
01:33:10.0796 0x1ae0 Waiting for KSN requests completion. In queue: 10
01:33:11.0796 0x1ae0 Waiting for KSN requests completion. In queue: 10
01:33:12.0797 0x1ae0 Waiting for KSN requests completion. In queue: 10
01:33:13.0797 0x1ae0 Waiting for KSN requests completion. In queue: 10
01:33:14.0155 0x2a4c Object send P2P result: true
01:33:14.0155 0x2a4c Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
01:33:14.0797 0x1ae0 Waiting for KSN requests completion. In queue: 3
01:33:15.0798 0x1ae0 Waiting for KSN requests completion. In queue: 3
01:33:16.0798 0x1ae0 Waiting for KSN requests completion. In queue: 3
01:33:16.0817 0x2a4c Object send P2P result: true
01:33:16.0817 0x2a4c Object required for P2P: [ C224456660839CFCAD2CD8DFB293F38B ] C:\Program Files\CCleaner\CCleaner64.exe
01:33:17.0818 0x1ae0 Waiting for KSN requests completion. In queue: 2
01:33:18.0819 0x1ae0 Waiting for KSN requests completion. In queue: 2
01:33:19.0328 0x2a4c Object send P2P result: true
01:33:19.0953 0x1ae0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
01:33:20.0126 0x1ae0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x62100 ( disabled : updated )
01:33:20.0149 0x1ae0 Win FW state via NFP2: enabled ( trusted )
01:33:23.0611 0x1ae0 ============================================================
01:33:23.0611 0x1ae0 Scan finished
01:33:23.0611 0x1ae0 ============================================================
01:33:23.0619 0x1550 Detected object count: 0
01:33:23.0619 0x1550 Actual detected object count: 0 |