| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: ADWARE Spigot.IWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.08.2015, 10:21
| #1 |
 |  ADWARE Spigot.I ich esel hab mir was eingefangen warscheinlich weil ich meine orginal psx 1 spiele mit nem emulator spielen wollte. ich habe folgende meldung bekommen bei bei ner überprüfung... --> C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\coupons_2.9.xpi [1] Archivtyp: ZIP --> chrome/content/spigot.js [FUND] Enthält Erkennungsmuster der Adware ADWARE/Spigot.I [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\coupons_2.9.xpi [FUND] Enthält Erkennungsmuster der Adware ADWARE/Spigot.I [WARNUNG] Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004 [WARNUNG] Die Quelldatei konnte nicht gefunden werden. [HINWEIS] Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen. [WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! [WARNUNG] Fehler in der ARK Library [WARNUNG] Die Datei wurde ignoriert. --> C:\ProgramData\Avira\Antivirus\TEMP\AVSCAN-20150815-093651-7B9F2D2C\AVSCAN-0000001C.xpi [1] Archivtyp: ZIP --> chrome/content/spigot.js [FUND] Enthält Erkennungsmuster der Adware ADWARE/Spigot.I [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\startpage_2.1.xpi [FUND] Enthält Erkennungsmuster der Adware ADWARE/Spigot.I [WARNUNG] Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004 [WARNUNG] Die Quelldatei konnte nicht gefunden werden. [HINWEIS] Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen. [WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! [WARNUNG] Fehler in der ARK Library [HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet. [WARNUNG] Die Datei wurde ignoriert. Beginne mit der Suche in 'D:\' <DATA> Beginne mit der Suche in 'Q:\' Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden! Systemfehler [5]: Zugriff verweigert Beginne mit der Suche in 'E:\' Der zu durchsuchende Pfad E:\ konnte nicht geöffnet werden! Systemfehler [21]: Das Gerät ist nicht bereit. Ende des Suchlaufs: Samstag, 15. August 2015 10:38 Benötigte Zeit: 1:01:54 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 30879 Verzeichnisse wurden überprüft 532423 Dateien wurden geprüft 4 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 532419 Dateien ohne Befall 5094 Archive wurden durchsucht 4 Warnungen 2 Hinweise könnt ihr da was mit anfangen und mir evtl. helfen? ich habe die besagten dateien nicht auf meinem laptop sondern auf nem stick abgespeichert wo sie noch drauf sind. mit den daten muß was mitgekommen sein denn sonst hab ich nichts runtergeladen auser von otr-recorder. |
|
15.08.2015, 10:24
| #2 |
| /// TB-Ausbilder   | ADWARE Spigot.I Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
15.08.2015, 10:24
| #3 |
| | ADWARE Spigot.I mein router geht immer wieder mal aus und startet neu.?
__________________ |
|
15.08.2015, 10:26
| #4 | |
| /// TB-Ausbilder | ADWARE Spigot.IZitat:
Ggf. Router resetten und Zugangsdaten wieder eingeben. Bitte dann die geposteten Schritte durchführen.  |
|
15.08.2015, 10:47
| #5 | |
| | ADWARE Spigot.I ich kann grad nicht Farbar's Recovery Scan Tool runter laden, es startet einfach nicht. ich versuch es weiterhin zu machen. Zitat:
|
|
15.08.2015, 10:52
| #6 |
| /// TB-Ausbilder | ADWARE Spigot.I Servus, Router gesetten, wenn es nicht besser wird. |
|
15.08.2015, 11:18
| #7 |
| | ADWARE Spigot.ICode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
durchgeführt von Traumhexe (Administrator) auf WOLFSBRUT (15-08-2015 11:51:19)
Gestartet von D:\neu v save tv
Geladene Profile: Traumhexe (Verfügbare Profile: UpdatusUser & Traumhexe)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Freemake) C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\Chrome\fdm_nativehost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2371498755-3460560373-1758893587-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: IeCatch5 Class -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\Jccatch.dll [2006-05-16] (FlashGet)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25] (FreeDownloadManager.ORG)
BHO-x32: gFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll [2006-09-12] ()
Toolbar: HKLM-x32 - FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll [2005-06-07] (Amaze Soft)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{076F9436-173D-460F-8D7B-F61A14913FBB}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Extension: Avira Browser Safety - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\abs@avira.com [2014-09-12]
FF Extension: Flashblock - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-10-21]
FF Extension: WOT - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-21]
FF Extension: DownloadHelper - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-10-21]
FF Extension: Translate This! - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2012-10-14]
FF Extension: FlashGot - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012-01-10]
FF Extension: ImTranslator - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-11-29]
FF Extension: Adblock Plus - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-02]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-09-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-08-13]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [nicht gefunden]
Chrome:
=======
CHR Profile: C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2014-09-04]
CHR Extension: (Beautiful landscape) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2014-05-17]
CHR Extension: (Google Docs) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-05]
CHR Extension: (Google Drive) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-04-18]
CHR Extension: (YouTube) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-05]
CHR Extension: (Adblock Plus) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-18]
CHR Extension: (Adblock for Youtube™) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-04-18]
CHR Extension: (Google Search) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Extension: (Gmail) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [bbecdmcnlcoebdcidcfdkoimbjkcegbc] - C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\amazonsh_1.0.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-08-13]
CHR HKLM-x32\...\Chrome\Extension: [lahnefkgcakmobpefnkhmbbpacfbmjnc] - C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\be_1.0.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-31] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-30] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-15 11:51 - 2015-08-15 11:51 - 00000000 ____D C:\FRST
2015-08-15 11:27 - 2015-08-15 11:27 - 00000000 ____D C:\Users\Traumhexe\Desktop\trojanerboard
2015-08-07 06:03 - 2015-08-15 11:01 - 00029095 _____ C:\Windows\WindowsUpdate.log
2015-07-22 06:01 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-22 06:01 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-22 06:01 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 06:01 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-15 11:48 - 2014-04-05 17:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-15 11:06 - 2013-10-12 15:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-15 07:45 - 2014-04-05 17:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-15 04:17 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-15 04:17 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-15 04:07 - 2011-02-19 06:24 - 00711546 _____ C:\Windows\system32\perfh007.dat
2015-08-15 04:07 - 2011-02-19 06:24 - 00153736 _____ C:\Windows\system32\perfc007.dat
2015-08-15 04:07 - 2009-07-14 07:13 - 01653060 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-15 04:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 21:06 - 2013-10-12 15:54 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 21:06 - 2012-10-14 07:30 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 21:06 - 2011-11-01 00:34 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 06:47 - 2011-10-01 17:47 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-08-11 17:19 - 2013-12-16 12:13 - 00000000 ____D C:\Users\Traumhexe\AppData\Local\CrashDumps
2015-08-11 17:14 - 2011-10-02 05:57 - 00000154 _____ C:\Users\Traumhexe\AppData\Roaming\default.rss
2015-08-09 08:17 - 2014-12-18 03:40 - 00212175 _____ C:\Users\Traumhexe\Desktop\MultidecoderLog.log
2015-07-31 20:56 - 2014-09-12 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-31 20:55 - 2014-09-12 16:48 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-31 20:55 - 2014-09-12 16:48 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-31 08:56 - 2014-09-12 16:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 07:26 - 2015-04-04 20:22 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 14:22 - 2012-12-15 03:53 - 00000000 ____D C:\Users\Traumhexe\AppData\Local\SMPlayer2
2015-07-16 07:40 - 2014-04-05 17:16 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 07:40 - 2014-04-05 17:16 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 00:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-10-02 05:57 - 2015-08-11 17:14 - 0000154 _____ () C:\Users\Traumhexe\AppData\Roaming\default.rss
2011-11-05 09:49 - 2011-11-05 09:49 - 0000000 _____ () C:\Users\Traumhexe\AppData\Roaming\downloads.m3u
2013-05-12 12:52 - 2013-05-12 12:59 - 0000305 _____ () C:\Users\Traumhexe\AppData\Roaming\profile1
2013-05-12 12:52 - 2013-05-12 12:52 - 0000295 _____ () C:\Users\Traumhexe\AppData\Roaming\profile2
2013-05-12 12:52 - 2013-05-12 12:52 - 0000295 _____ () C:\Users\Traumhexe\AppData\Roaming\profile3
2013-05-12 12:52 - 2013-05-12 12:52 - 0000063 _____ () C:\Users\Traumhexe\AppData\Roaming\profiles
2013-05-12 12:53 - 2013-05-12 12:59 - 0000137 _____ () C:\Users\Traumhexe\AppData\Roaming\top_ten
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-07-12 11:15 - 2011-07-12 11:15 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-07-12 11:14 - 2011-07-12 11:14 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Einige Dateien in TEMP:
====================
C:\Users\Traumhexe\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-12 09:20
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
durchgeführt von Traumhexe (2015-08-15 11:52:08)
Gestartet von D:\neu v save tv
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2371498755-3460560373-1758893587-500 - Administrator - Disabled)
Gast (S-1-5-21-2371498755-3460560373-1758893587-501 - Limited - Disabled)
Traumhexe (S-1-5-21-2371498755-3460560373-1758893587-1001 - Administrator - Enabled) => C:\Users\Traumhexe
UpdatusUser (S-1-5-21-2371498755-3460560373-1758893587-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
"Nero SoundTrax Help (x32 Version: 4.2.5.0 - Nero AG) Hidden
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}) (Version: 1.8.17.26026 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.17.26026 - Alcor Micro Corp.) Hidden
ArcSoft MediaImpression 2 (HKLM-x32\...\{210E8562-74DA-4D97-945B-88B2ED9C8028}) (Version: 2.0.15.667 - ArcSoft)
ArcSoft PhotoStudio 2000 (HKLM-x32\...\ArcSoft PhotoStudio 2000) (Version: - )
Ashampoo WinOptimizer 6.60 (HKLM-x32\...\Ashampoo WinOptimizer 6_is1) (Version: 6.6.0 - Ashampoo GmbH & Co. KG)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG_Basic (HKLM-x32\...\AsusScr_K3 Series_ENG_Basic) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.6.125 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform)
Color LaserJet 1600 (HKLM-x32\...\HP-Color LaserJet 1600) (Version: - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Der alte Piratenschatz (HKLM-x32\...\Der alte Piratenschatz_is1) (Version: - MMBuilder)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
ETDWare PS/2-X64 8.0.5.0_WHQL (HKLM\...\Elantech) (Version: 8.0.5.0 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS)
FlashGet(JetCar) (HKLM-x32\...\FlashGet(JetCar)) (Version: - )
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Free Video to Samsung Phones Converter version 5.0.40.514 (HKLM-x32\...\Free Video to Samsung Phones Converter_is1) (Version: 5.0.40.514 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.35.514 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.35.514 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Media Player Utilities 4.35 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.35 - )
Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{205ee360-7f4d-4dc2-bcef-f7e71203785e}) (Version: - Nero AG)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA Grafiktreiber 311.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.44 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.1 - Frank Heindörfer, Philip Chinery)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.9.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6324 - Realtek Semiconductor Corp.)
SoundTrax (x32 Version: 4.4.39.0 - Nero AG) Hidden
Supermarket Management (HKLM-x32\...\Supermarket Management1.1.6) (Version: 1.1.6 - Adnan_Boy 2008)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
XMedia Recode 3.0.3.4 (HKLM-x32\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler)
YTD Video Downloader 4.8 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ACHTUNG
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-07-2015 06:01:46 Windows Update
29-07-2015 15:28:57 Geplanter Prüfpunkt
06-08-2015 09:20:38 Geplanter Prüfpunkt
13-08-2015 11:23:31 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2013-10-28 01:37 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E0734B5-EC46-46AF-A1F5-3E83C135C7DA} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {10D3C11E-FB02-4F6D-9E22-067C7058A9DC} - System32\Tasks\{1911079F-4B58-436B-84D4-B6BA4226C482} => D:\neu v save tv\SoftonicDownloader_fuer_free-download-manager (1).exe
Task: {17D0CB3E-919B-4606-AFA8-C9D3B1DD301E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {234A6615-3D23-45FF-82D2-AB334128AA31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.)
Task: {2AE2812B-977B-47AA-B4B5-3CCA3A453FA6} - System32\Tasks\{A69E34EA-083D-4B08-8C7B-96923401BF34} => pcalua.exe -a "C:\Windows\Supermarket Management\uninstall.exe" -c "/U:C:\Users\Traumhexe\Desktop\spielerei\Uninstall\uninstall.xml"
Task: {57377C6D-D27A-47E9-9F90-7CE71A12E5DB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {5C770FB1-0120-4356-9145-83BEBD7EF224} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {69CBC151-FA0D-44AB-A2B8-31795B00D30A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {893910F9-DEFA-41C5-964F-46EA42360B6B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {AC575EBE-6735-45CC-9BC0-99586FF7F96E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-05-02 15:14 - 2013-03-14 08:28 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-03 14:36 - 2012-12-06 14:09 - 00136704 _____ () C:\Windows\System32\zlhp1600.dll
2011-04-20 10:18 - 2011-01-27 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-09-24 01:53 - 2010-09-24 01:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-04-02 19:21 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-07-12 11:11 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 14447630 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avcodec-54.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 01078557 _____ () C:\Program Files (x86)\Freemake\COM\1.1\xvidcore.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00190990 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avutil-52.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 03028494 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avformat-54.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00333838 _____ () C:\Program Files (x86)\Freemake\COM\1.1\swscale-2.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00138766 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avresample-1.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00234717 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdnav.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00054182 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdcss-2.dll
2014-06-18 11:24 - 2013-10-04 14:15 - 00106496 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2015-08-13 08:46 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 08:46 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2014-06-18 11:24 - 2014-09-24 00:21 - 03553280 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Traumhexe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow) LPort=2869
FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow) LPort=1900
FirewallRules: [{25BDD843-A815-48A8-A216-66D065687049}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow) LPort=5353
FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow) LPort=8182
FirewallRules: [{A28B8A88-8E2D-4CDB-9684-C152B3A264C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{91A16C0F-0402-4FF4-A031-F5366F810DDB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{724F30DE-6523-418B-ADF3-518F1D9E191F}C:\program files (x86)\free download manager\fdmwi.exe] => (Allow) C:\program files (x86)\free download manager\fdmwi.exe
FirewallRules: [UDP Query User{64583947-1565-4DEE-B310-F239B2C75E1B}C:\program files (x86)\free download manager\fdmwi.exe] => (Allow) C:\program files (x86)\free download manager\fdmwi.exe
FirewallRules: [{BF5F4B7D-7248-4E13-89E2-0C295FB302A9}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [{A9A03B50-A14A-46E4-8715-6095BF615B45}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
FirewallRules: [{3ED44BDA-132B-4831-9DB7-450B3C27B4F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{F225C0D1-CBF9-43F3-BA95-BA02BC685F57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{B01287A9-2F61-4A0F-90E1-A9472A104152}C:\program files (x86)\free download manager\fdm.exe] => (Block) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [UDP Query User{2A9A2E85-BED7-4FF9-A7C7-2B7D81765A38}C:\program files (x86)\free download manager\fdm.exe] => (Block) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [{B559086F-779A-46B4-AACA-071C7CD4BD1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/15/2015 04:32:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (08/15/2015 04:32:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Systemfehler:
=============
Error: (08/15/2015 04:04:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/15/2015 04:04:59 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/14/2015 06:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/14/2015 06:00:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/14/2015 05:58:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/14/2015 05:58:27 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (08/14/2015 05:57:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 14.08.2015 um 17:54:25 unerwartet heruntergefahren.
Error: (08/14/2015 11:34:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/14/2015 11:34:15 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (08/14/2015 11:34:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Microsoft Office:
=========================
Error: (08/15/2015 04:32:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
Error: (08/15/2015 04:32:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
4700
CodeIntegrity:
===================================
Date: 2013-10-28 00:37:13.403
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-28 00:37:13.341
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-08 13:06:45.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-08 12:19:37.329
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8104.16 MB
Verfügbarer physikalischer RAM: 5378.32 MB
Summe virtueller Speicher: 16206.53 MB
Verfügbarer virtueller Speicher: 13038.98 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:121.58 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (DATA) (Fixed) (Total:254.45 GB) (Free:217.06 GB) NTFS
Drive f: () (Removable) (Total:14.81 GB) (Free:14.8 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 38601C96)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254.5 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 1BF3DBC1)
Partition 1: (Not Active) - (Size=14.8 GB) - (Type=0C)
==================== Ende von Ergebnis ============================
|
|
15.08.2015, 11:23
| #8 | |
| /// TB-Ausbilder | ADWARE Spigot.IZitat:
|
|
15.08.2015, 11:25
| #9 | |
| /// TB-Ausbilder | ADWARE Spigot.IZitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. Nochmal FRST bitte vom Desktop:
|
|
15.08.2015, 11:35
| #10 |
| | ADWARE Spigot.I teil 1 Code:
ATTFilter 11:59:55.0874 0x0cc0 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
12:00:09.0810 0x0cc0 ============================================================
12:00:09.0810 0x0cc0 Current date / time: 2015/08/15 12:00:09.0810
12:00:09.0810 0x0cc0 SystemInfo:
12:00:09.0810 0x0cc0
12:00:09.0810 0x0cc0 OS Version: 6.1.7601 ServicePack: 1.0
12:00:09.0810 0x0cc0 Product type: Workstation
12:00:09.0811 0x0cc0 ComputerName: WOLFSBRUT
12:00:09.0811 0x0cc0 UserName: Traumhexe
12:00:09.0811 0x0cc0 Windows directory: C:\Windows
12:00:09.0811 0x0cc0 System windows directory: C:\Windows
12:00:09.0811 0x0cc0 Running under WOW64
12:00:09.0811 0x0cc0 Processor architecture: Intel x64
12:00:09.0811 0x0cc0 Number of processors: 4
12:00:09.0811 0x0cc0 Page size: 0x1000
12:00:09.0811 0x0cc0 Boot type: Normal boot
12:00:09.0811 0x0cc0 ============================================================
12:00:10.0573 0x0cc0 KLMD registered as C:\Windows\system32\drivers\80314844.sys
12:00:11.0029 0x0cc0 System UUID: {06759605-917D-F230-08BC-AC8815468CE0}
12:00:11.0854 0x0cc0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:00:11.0862 0x0cc0 Drive \Device\Harddisk1\DR1 - Size: 0x3B4C00000 ( 14.82 Gb ), SectorSize: 0x200, Cylinders: 0x78F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:00:11.0866 0x0cc0 ============================================================
12:00:11.0866 0x0cc0 \Device\Harddisk0\DR0:
12:00:11.0867 0x0cc0 MBR partitions:
12:00:11.0867 0x0cc0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x1749C000
12:00:11.0891 0x0cc0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A69D000, BlocksNum 0x1FCE8800
12:00:11.0891 0x0cc0 \Device\Harddisk1\DR1:
12:00:11.0893 0x0cc0 MBR partitions:
12:00:11.0893 0x0cc0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x360, BlocksNum 0x1DA5CA0
12:00:11.0893 0x0cc0 ============================================================
12:00:11.0930 0x0cc0 C: <-> \Device\Harddisk0\DR0\Partition1
12:00:11.0964 0x0cc0 D: <-> \Device\Harddisk0\DR0\Partition2
12:00:11.0964 0x0cc0 ============================================================
12:00:11.0964 0x0cc0 Initialize success
12:00:11.0964 0x0cc0 ============================================================
12:00:18.0616 0x1584 ============================================================
12:00:18.0616 0x1584 Scan started
12:00:18.0616 0x1584 Mode: Manual;
12:00:18.0616 0x1584 ============================================================
12:00:18.0616 0x1584 KSN ping started
12:00:52.0748 0x1584 KSN ping finished: true
12:00:58.0026 0x1584 ================ Scan system memory ========================
12:00:58.0026 0x1584 System memory - ok
12:00:58.0027 0x1584 ================ Scan services =============================
12:00:58.0213 0x1584 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:00:58.0225 0x1584 1394ohci - ok
12:00:58.0352 0x1584 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:00:58.0360 0x1584 ACDaemon - ok
12:00:58.0404 0x1584 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:00:58.0417 0x1584 ACPI - ok
12:00:58.0441 0x1584 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:00:58.0442 0x1584 AcpiPmi - ok
12:00:58.0571 0x1584 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:00:58.0583 0x1584 AdobeFlashPlayerUpdateSvc - ok
12:00:58.0645 0x1584 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:00:58.0662 0x1584 adp94xx - ok
12:00:58.0721 0x1584 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:00:58.0738 0x1584 adpahci - ok
12:00:58.0765 0x1584 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:00:58.0775 0x1584 adpu320 - ok
12:00:58.0806 0x1584 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:00:58.0808 0x1584 AeLookupSvc - ok
12:00:58.0877 0x1584 [ 079CBA3C5C9AB11B2B4E6BD729A860F2, 86D58003D34E93D1C9154940B5DF2BD8AD77A6840FB52BF81978420A5FC68370 ] AFBAgent C:\Windows\system32\FBAgent.exe
12:00:58.0891 0x1584 AFBAgent - ok
12:00:58.0976 0x1584 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys
12:00:58.0979 0x1584 Afc - ok
12:00:59.0055 0x1584 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:00:59.0068 0x1584 AFD - ok
12:00:59.0101 0x1584 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:00:59.0103 0x1584 agp440 - ok
12:00:59.0121 0x1584 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:00:59.0123 0x1584 ALG - ok
12:00:59.0155 0x1584 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:00:59.0156 0x1584 aliide - ok
12:00:59.0173 0x1584 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:00:59.0174 0x1584 amdide - ok
12:00:59.0198 0x1584 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:00:59.0200 0x1584 AmdK8 - ok
12:00:59.0208 0x1584 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:00:59.0211 0x1584 AmdPPM - ok
12:00:59.0242 0x1584 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:00:59.0246 0x1584 amdsata - ok
12:00:59.0264 0x1584 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:00:59.0270 0x1584 amdsbs - ok
12:00:59.0285 0x1584 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:00:59.0287 0x1584 amdxata - ok
12:00:59.0342 0x1584 [ 9C7F164B49CADC658D1B3C575782F346, 7C5FD203735041B6AEB2E551A63CE5F46DB41044BC72E7E77A72F316197C80DA ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
12:00:59.0344 0x1584 AmUStor - ok
12:00:59.0481 0x1584 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
12:00:59.0496 0x1584 AntiVirMailService - ok
12:00:59.0581 0x1584 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:00:59.0601 0x1584 AntiVirSchedulerService - ok
12:00:59.0656 0x1584 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:00:59.0668 0x1584 AntiVirService - ok
12:00:59.0752 0x1584 [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:00:59.0781 0x1584 AntiVirWebService - ok
12:00:59.0821 0x1584 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
12:00:59.0822 0x1584 AppID - ok
12:00:59.0838 0x1584 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:00:59.0840 0x1584 AppIDSvc - ok
12:00:59.0864 0x1584 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
12:00:59.0866 0x1584 Appinfo - ok
12:00:59.0916 0x1584 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:00:59.0918 0x1584 arc - ok
12:00:59.0932 0x1584 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:00:59.0934 0x1584 arcsas - ok
12:01:00.0026 0x1584 [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
12:01:00.0032 0x1584 ASLDRService - ok
12:01:00.0051 0x1584 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
12:01:00.0054 0x1584 ASMMAP64 - ok
12:01:00.0169 0x1584 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:01:00.0174 0x1584 aspnet_state - ok
12:01:00.0205 0x1584 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:01:00.0208 0x1584 AsyncMac - ok
12:01:00.0235 0x1584 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:01:00.0237 0x1584 atapi - ok
12:01:00.0351 0x1584 [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr C:\Windows\system32\DRIVERS\athrx.sys
12:01:00.0377 0x1584 athr - ok
12:01:00.0398 0x1584 [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
12:01:00.0400 0x1584 ATKGFNEXSrv - ok
12:01:00.0458 0x1584 [ 1F7238A37389ED92E9D8EEE975CABD54, AFEE4B89A330C106651BB230920FC623813B075D2B75DFEDCC68A3207B291365 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
12:01:00.0459 0x1584 ATKWMIACPIIO - ok
12:01:00.0561 0x1584 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:01:00.0580 0x1584 AudioEndpointBuilder - ok
12:01:00.0618 0x1584 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:01:00.0631 0x1584 AudioSrv - ok
12:01:00.0669 0x1584 [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
12:01:00.0672 0x1584 avgntflt - ok
12:01:00.0693 0x1584 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
12:01:00.0696 0x1584 avipbb - ok
12:01:00.0777 0x1584 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:01:00.0792 0x1584 Avira.ServiceHost - ok
12:01:00.0827 0x1584 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
12:01:00.0829 0x1584 avkmgr - ok
12:01:00.0881 0x1584 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
12:01:00.0884 0x1584 avnetflt - ok
12:01:00.0955 0x1584 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:01:00.0961 0x1584 AxInstSV - ok
12:01:01.0000 0x1584 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:01:01.0010 0x1584 b06bdrv - ok
12:01:01.0048 0x1584 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:01:01.0054 0x1584 b57nd60a - ok
12:01:01.0079 0x1584 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:01:01.0082 0x1584 BDESVC - ok
12:01:01.0109 0x1584 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:01:01.0110 0x1584 Beep - ok
12:01:01.0190 0x1584 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:01:01.0203 0x1584 BFE - ok
12:01:01.0288 0x1584 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
12:01:01.0311 0x1584 BITS - ok
12:01:01.0339 0x1584 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:01:01.0340 0x1584 blbdrive - ok
12:01:01.0383 0x1584 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:01:01.0385 0x1584 bowser - ok
12:01:01.0398 0x1584 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:01:01.0399 0x1584 BrFiltLo - ok
12:01:01.0411 0x1584 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:01:01.0412 0x1584 BrFiltUp - ok
12:01:01.0463 0x1584 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:01:01.0468 0x1584 BridgeMP - ok
12:01:01.0511 0x1584 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:01:01.0519 0x1584 Browser - ok
12:01:01.0557 0x1584 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:01:01.0563 0x1584 Brserid - ok
12:01:01.0580 0x1584 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:01:01.0582 0x1584 BrSerWdm - ok
12:01:01.0593 0x1584 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:01:01.0593 0x1584 BrUsbMdm - ok
12:01:01.0610 0x1584 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:01:01.0611 0x1584 BrUsbSer - ok
12:01:01.0642 0x1584 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:01:01.0647 0x1584 BthEnum - ok
12:01:01.0676 0x1584 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:01:01.0679 0x1584 BTHMODEM - ok
12:01:01.0708 0x1584 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:01:01.0713 0x1584 BthPan - ok
12:01:01.0760 0x1584 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:01:01.0777 0x1584 BTHPORT - ok
12:01:01.0814 0x1584 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:01:01.0819 0x1584 bthserv - ok
12:01:01.0848 0x1584 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:01:01.0853 0x1584 BTHUSB - ok
12:01:01.0877 0x1584 catchme - ok
12:01:01.0907 0x1584 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:01:01.0911 0x1584 cdfs - ok
12:01:01.0943 0x1584 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:01:01.0947 0x1584 cdrom - ok
12:01:01.0986 0x1584 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:01:01.0988 0x1584 CertPropSvc - ok
12:01:02.0018 0x1584 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:01:02.0020 0x1584 circlass - ok
12:01:02.0060 0x1584 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
12:01:02.0068 0x1584 CLFS - ok
12:01:02.0131 0x1584 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:01:02.0132 0x1584 clr_optimization_v2.0.50727_32 - ok
12:01:02.0165 0x1584 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:01:02.0168 0x1584 clr_optimization_v2.0.50727_64 - ok
12:01:02.0247 0x1584 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:01:02.0255 0x1584 clr_optimization_v4.0.30319_32 - ok
12:01:02.0274 0x1584 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:01:02.0279 0x1584 clr_optimization_v4.0.30319_64 - ok
12:01:02.0313 0x1584 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:01:02.0315 0x1584 CmBatt - ok
12:01:02.0328 0x1584 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:01:02.0329 0x1584 cmdide - ok
12:01:02.0382 0x1584 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
12:01:02.0404 0x1584 CNG - ok
12:01:02.0427 0x1584 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:01:02.0428 0x1584 Compbatt - ok
12:01:02.0451 0x1584 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:01:02.0453 0x1584 CompositeBus - ok
12:01:02.0469 0x1584 COMSysApp - ok
12:01:02.0538 0x1584 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:01:02.0544 0x1584 cphs - ok
12:01:02.0558 0x1584 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:01:02.0559 0x1584 crcdisk - ok
12:01:02.0609 0x1584 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:01:02.0613 0x1584 CryptSvc - ok
12:01:02.0749 0x1584 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:01:02.0767 0x1584 cvhsvc - ok
12:01:02.0839 0x1584 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:01:02.0859 0x1584 DcomLaunch - ok
12:01:02.0887 0x1584 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:01:02.0893 0x1584 defragsvc - ok
12:01:02.0935 0x1584 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:01:02.0943 0x1584 DfsC - ok
12:01:03.0070 0x1584 [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
12:01:03.0091 0x1584 DfSdkS - ok
12:01:03.0139 0x1584 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:01:03.0146 0x1584 Dhcp - ok
12:01:03.0260 0x1584 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
12:01:03.0281 0x1584 DiagTrack - ok
12:01:03.0303 0x1584 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:01:03.0304 0x1584 discache - ok
12:01:03.0345 0x1584 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:01:03.0347 0x1584 Disk - ok
12:01:03.0391 0x1584 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:01:03.0394 0x1584 Dnscache - ok
12:01:03.0424 0x1584 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:01:03.0429 0x1584 dot3svc - ok
12:01:03.0450 0x1584 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:01:03.0454 0x1584 DPS - ok
12:01:03.0474 0x1584 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:01:03.0475 0x1584 drmkaud - ok
12:01:03.0526 0x1584 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:01:03.0558 0x1584 DXGKrnl - ok
12:01:03.0580 0x1584 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:01:03.0583 0x1584 EapHost - ok
12:01:03.0736 0x1584 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:01:03.0793 0x1584 ebdrv - ok
12:01:03.0822 0x1584 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
12:01:03.0824 0x1584 EFS - ok
12:01:03.0915 0x1584 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:01:03.0931 0x1584 ehRecvr - ok
12:01:03.0977 0x1584 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:01:03.0980 0x1584 ehSched - ok
12:01:04.0071 0x1584 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:01:04.0089 0x1584 elxstor - ok
12:01:04.0104 0x1584 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:01:04.0105 0x1584 ErrDev - ok
12:01:04.0151 0x1584 [ 5B042AA9CEBDAB5B61E747DDCEBFF51B, FBB174A6FE372F55758D6CD118F3746146866383527F5784C3AE513145F4C193 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
12:01:04.0154 0x1584 ETD - ok
12:01:04.0213 0x1584 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:01:04.0234 0x1584 EventSystem - ok
12:01:04.0261 0x1584 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:01:04.0265 0x1584 exfat - ok
12:01:04.0298 0x1584 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:01:04.0305 0x1584 fastfat - ok
12:01:04.0354 0x1584 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:01:04.0371 0x1584 Fax - ok
12:01:04.0387 0x1584 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:01:04.0388 0x1584 fdc - ok
12:01:04.0413 0x1584 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:01:04.0414 0x1584 fdPHost - ok
12:01:04.0431 0x1584 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:01:04.0432 0x1584 FDResPub - ok
12:01:04.0457 0x1584 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:01:04.0460 0x1584 FileInfo - ok
12:01:04.0467 0x1584 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:01:04.0469 0x1584 Filetrace - ok
12:01:04.0475 0x1584 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:01:04.0476 0x1584 flpydisk - ok
12:01:04.0503 0x1584 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:01:04.0508 0x1584 FltMgr - ok
12:01:04.0576 0x1584 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
12:01:04.0597 0x1584 FontCache - ok
12:01:04.0649 0x1584 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:01:04.0653 0x1584 FontCache3.0.0.0 - ok
12:01:04.0678 0x1584 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:01:04.0682 0x1584 FsDepends - ok
12:01:04.0720 0x1584 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:01:04.0724 0x1584 fssfltr - ok
12:01:04.0864 0x1584 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:01:04.0895 0x1584 fsssvc - ok
12:01:04.0918 0x1584 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:01:04.0919 0x1584 Fs_Rec - ok
12:01:04.0952 0x1584 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:01:04.0957 0x1584 fvevol - ok
12:01:04.0990 0x1584 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:01:04.0991 0x1584 gagp30kx - ok
12:01:05.0056 0x1584 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:01:05.0073 0x1584 gpsvc - ok
12:01:05.0161 0x1584 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:01:05.0168 0x1584 gupdate - ok
12:01:05.0205 0x1584 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:01:05.0213 0x1584 gupdatem - ok
12:01:05.0235 0x1584 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:01:05.0237 0x1584 hcw85cir - ok
12:01:05.0290 0x1584 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:01:05.0298 0x1584 HdAudAddService - ok
12:01:05.0325 0x1584 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:01:05.0328 0x1584 HDAudBus - ok
12:01:05.0337 0x1584 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:01:05.0338 0x1584 HidBatt - ok
12:01:05.0350 0x1584 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:01:05.0352 0x1584 HidBth - ok
12:01:05.0384 0x1584 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:01:05.0388 0x1584 HidIr - ok
12:01:05.0418 0x1584 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
12:01:05.0423 0x1584 hidserv - ok
12:01:05.0469 0x1584 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:01:05.0471 0x1584 HidUsb - ok
12:01:05.0509 0x1584 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:01:05.0515 0x1584 hkmsvc - ok
12:01:05.0535 0x1584 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:01:05.0541 0x1584 HomeGroupListener - ok
12:01:05.0565 0x1584 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:01:05.0570 0x1584 HomeGroupProvider - ok
12:01:05.0604 0x1584 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:01:05.0606 0x1584 HpSAMD - ok
12:01:05.0660 0x1584 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:01:05.0673 0x1584 HTTP - ok
12:01:05.0699 0x1584 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:01:05.0700 0x1584 hwpolicy - ok
12:01:05.0725 0x1584 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:01:05.0727 0x1584 i8042prt - ok
12:01:05.0774 0x1584 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:01:05.0782 0x1584 iaStor - ok
12:01:05.0824 0x1584 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:01:05.0832 0x1584 iaStorV - ok
12:01:05.0909 0x1584 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:01:05.0931 0x1584 idsvc - ok
12:01:05.0963 0x1584 IEEtwCollectorService - ok
12:01:06.0189 0x1584 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:01:06.0282 0x1584 igfx - ok
12:01:06.0317 0x1584 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:01:06.0318 0x1584 iirsp - ok
12:01:06.0383 0x1584 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:01:06.0402 0x1584 IKEEXT - ok
12:01:06.0547 0x1584 [ C15A21B1E2291952424F361093734F95, 48B2205A07FC4F8264E64B654824EF44AEECD9A9914B66DD8A74FA41CFE73317 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:01:06.0594 0x1584 IntcAzAudAddService - ok
12:01:06.0654 0x1584 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:01:06.0670 0x1584 IntcDAud - ok
12:01:06.0702 0x1584 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:01:06.0702 0x1584 intelide - ok
12:01:06.0722 0x1584 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:01:06.0724 0x1584 intelppm - ok
12:01:06.0744 0x1584 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:01:06.0747 0x1584 IPBusEnum - ok
12:01:06.0771 0x1584 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:01:06.0772 0x1584 IpFilterDriver - ok
12:01:06.0852 0x1584 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:01:06.0872 0x1584 iphlpsvc - ok
12:01:06.0888 0x1584 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:01:06.0889 0x1584 IPMIDRV - ok
12:01:06.0904 0x1584 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:01:06.0907 0x1584 IPNAT - ok
12:01:06.0943 0x1584 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:01:06.0944 0x1584 IRENUM - ok
12:01:06.0956 0x1584 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:01:06.0957 0x1584 isapnp - ok
12:01:06.0993 0x1584 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:01:06.0998 0x1584 iScsiPrt - ok
12:01:07.0026 0x1584 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:01:07.0028 0x1584 kbdclass - ok
12:01:07.0063 0x1584 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:01:07.0064 0x1584 kbdhid - ok
12:01:07.0111 0x1584 [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
12:01:07.0113 0x1584 kbfiltr - ok
12:01:07.0136 0x1584 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
12:01:07.0138 0x1584 KeyIso - ok
12:01:07.0161 0x1584 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:01:07.0164 0x1584 KSecDD - ok
12:01:07.0185 0x1584 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:01:07.0189 0x1584 KSecPkg - ok
12:01:07.0220 0x1584 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:01:07.0221 0x1584 ksthunk - ok
12:01:07.0251 0x1584 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:01:07.0258 0x1584 KtmRm - ok
12:01:07.0309 0x1584 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
12:01:07.0311 0x1584 L1C - ok
12:01:07.0350 0x1584 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:01:07.0355 0x1584 LanmanServer - ok
12:01:07.0368 0x1584 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:01:07.0372 0x1584 LanmanWorkstation - ok
12:01:07.0413 0x1584 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:01:07.0414 0x1584 lltdio - ok
12:01:07.0454 0x1584 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:01:07.0471 0x1584 lltdsvc - ok
12:01:07.0494 0x1584 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:01:07.0496 0x1584 lmhosts - ok
12:01:07.0567 0x1584 [ 0803906D607A9B83184447B75B60ECC2, A7A599C4CEDD4AC4196A558442E80B4F852AF6C6104A53C8819A79AA5D388DE8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:01:07.0574 0x1584 LMS - ok
12:01:07.0622 0x1584 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:01:07.0631 0x1584 LSI_FC - ok
12:01:07.0651 0x1584 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:01:07.0655 0x1584 LSI_SAS - ok
12:01:07.0668 0x1584 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:01:07.0671 0x1584 LSI_SAS2 - ok
12:01:07.0693 0x1584 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:01:07.0697 0x1584 LSI_SCSI - ok
12:01:07.0734 0x1584 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:01:07.0738 0x1584 luafv - ok
12:01:07.0797 0x1584 [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
12:01:07.0801 0x1584 MBAMSwissArmy - ok
12:01:07.0822 0x1584 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:01:07.0826 0x1584 Mcx2Svc - ok
12:01:07.0841 0x1584 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:01:07.0843 0x1584 megasas - ok
12:01:07.0886 0x1584 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:01:07.0895 0x1584 MegaSR - ok
12:01:07.0924 0x1584 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:01:07.0926 0x1584 MEIx64 - ok
12:01:07.0950 0x1584 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:01:07.0953 0x1584 MMCSS - ok
12:01:07.0966 0x1584 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:01:07.0967 0x1584 Modem - ok
12:01:08.0001 0x1584 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:01:08.0002 0x1584 monitor - ok
12:01:08.0031 0x1584 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:01:08.0032 0x1584 mouclass - ok
12:01:08.0059 0x1584 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:01:08.0061 0x1584 mouhid - ok
12:01:08.0081 0x1584 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:01:08.0083 0x1584 mountmgr - ok
12:01:08.0099 0x1584 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:01:08.0102 0x1584 mpio - ok
12:01:08.0118 0x1584 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:01:08.0120 0x1584 mpsdrv - ok
12:01:08.0174 0x1584 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:01:08.0188 0x1584 MpsSvc - ok
12:01:08.0221 0x1584 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:01:08.0224 0x1584 MRxDAV - ok
12:01:08.0262 0x1584 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:01:08.0265 0x1584 mrxsmb - ok
12:01:08.0287 0x1584 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:01:08.0293 0x1584 mrxsmb10 - ok
12:01:08.0311 0x1584 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:01:08.0314 0x1584 mrxsmb20 - ok
12:01:08.0343 0x1584 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:01:08.0344 0x1584 msahci - ok
12:01:08.0373 0x1584 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:01:08.0376 0x1584 msdsm - ok
12:01:08.0389 0x1584 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:01:08.0392 0x1584 MSDTC - ok
12:01:08.0419 0x1584 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:01:08.0420 0x1584 Msfs - ok
12:01:08.0436 0x1584 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:01:08.0436 0x1584 mshidkmdf - ok
12:01:08.0449 0x1584 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:01:08.0450 0x1584 msisadrv - ok
12:01:08.0483 0x1584 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:01:08.0493 0x1584 MSiSCSI - ok
12:01:08.0500 0x1584 msiserver - ok
12:01:08.0513 0x1584 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:01:08.0514 0x1584 MSKSSRV - ok
12:01:08.0520 0x1584 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:01:08.0521 0x1584 MSPCLOCK - ok
12:01:08.0531 0x1584 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:01:08.0532 0x1584 MSPQM - ok
12:01:08.0554 0x1584 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:01:08.0565 0x1584 MsRPC - ok
12:01:08.0580 0x1584 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:01:08.0581 0x1584 mssmbios - ok
12:01:08.0584 0x1584 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:01:08.0585 0x1584 MSTEE - ok
12:01:08.0598 0x1584 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:01:08.0599 0x1584 MTConfig - ok
12:01:08.0630 0x1584 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:01:08.0634 0x1584 Mup - ok
12:01:08.0688 0x1584 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:01:08.0716 0x1584 napagent - ok
12:01:08.0755 0x1584 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:01:08.0762 0x1584 NativeWifiP - ok
12:01:08.0819 0x1584 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:01:08.0839 0x1584 NDIS - ok
12:01:08.0867 0x1584 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:01:08.0868 0x1584 NdisCap - ok
12:01:08.0887 0x1584 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:01:08.0888 0x1584 NdisTapi - ok
12:01:08.0905 0x1584 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:01:08.0907 0x1584 Ndisuio - ok
12:01:08.0921 0x1584 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:01:08.0925 0x1584 NdisWan - ok
12:01:08.0950 0x1584 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:01:08.0952 0x1584 NDProxy - ok
12:01:09.0080 0x1584 [ 0FF3C6AA3E0FE0EB316DF5449B569463, 7EDB0349F5E4714368EB27667385FF7B935D6C050E7E45C25E792D9825082C52 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:01:09.0109 0x1584 Nero BackItUp Scheduler 4.0 - ok
12:01:09.0127 0x1584 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:01:09.0129 0x1584 NetBIOS - ok
12:01:09.0152 0x1584 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:01:09.0157 0x1584 NetBT - ok
12:01:09.0172 0x1584 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
12:01:09.0173 0x1584 Netlogon - ok
12:01:09.0215 0x1584 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:01:09.0222 0x1584 Netman - ok
12:01:09.0304 0x1584 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:09.0313 0x1584 NetMsmqActivator - ok
12:01:09.0344 0x1584 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:09.0350 0x1584 NetPipeActivator - ok
12:01:09.0394 0x1584 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:01:09.0409 0x1584 netprofm - ok
12:01:09.0550 0x1584 [ 8CE69B2C4934A1C0321F4C8E9C6C4A41, 880A57194D52E4C90BCFAF149C74E3119B5FA5A91C6A3F50A1BBB3C8C35C6921 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
12:01:09.0591 0x1584 netr28x - ok
12:01:09.0628 0x1584 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:09.0631 0x1584 NetTcpActivator - ok
12:01:09.0638 0x1584 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:01:09.0641 0x1584 NetTcpPortSharing - ok
12:01:09.0683 0x1584 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:01:09.0688 0x1584 nfrd960 - ok
12:01:09.0728 0x1584 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:01:09.0742 0x1584 NlaSvc - ok
12:01:09.0760 0x1584 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:01:09.0763 0x1584 Npfs - ok
12:01:09.0791 0x1584 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:01:09.0794 0x1584 nsi - ok
12:01:09.0806 0x1584 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:01:09.0808 0x1584 nsiproxy - ok
12:01:09.0902 0x1584 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:01:09.0973 0x1584 Ntfs - ok
12:01:09.0994 0x1584 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:01:09.0994 0x1584 Null - ok
12:01:10.0427 0x1584 [ 48D26FF990099C1AD51F81BAEDDB3B98, 15C75B85EC7C1E4B1C2CEF74E400B2BA75FF7952EBBD2A6AD0CD9D0A5D1C5263 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:01:10.0615 0x1584 nvlddmkm - ok
12:01:10.0752 0x1584 [ 3393E8972E95F6C985150A1DC1D4B026, 03603BA886B83C7552D39ADEE5BCB6656FEB8ADA6EB344F28424DC0A1BEAE2AB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
12:01:10.0756 0x1584 nvpciflt - ok
12:01:10.0787 0x1584 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:01:10.0798 0x1584 nvraid - ok
12:01:10.0824 0x1584 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:01:10.0831 0x1584 nvstor - ok
12:01:10.0928 0x1584 [ 708547B06809A454B953803CBC449BC0, DA296BD93460114D90CCA491BBA1002D88AEA6508AAA91493F7B443A0D452EAF ] NVSvc C:\Windows\system32\nvvsvc.exe
12:01:10.0947 0x1584 NVSvc - ok
12:01:11.0055 0x1584 [ CEA3A0FBE6B86EF7A85B62EB41ED5DCB, 31415162853CEAE68B98D09D350225C16D94F325650DB38F90D18D034B759014 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:01:11.0077 0x1584 nvUpdatusService - ok
12:01:11.0106 0x1584 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:01:11.0108 0x1584 nv_agp - ok
12:01:11.0119 0x1584 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:01:11.0121 0x1584 ohci1394 - ok
12:01:11.0173 0x1584 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:01:11.0176 0x1584 ose - ok
12:01:11.0412 0x1584 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:01:11.0497 0x1584 osppsvc - ok
12:01:11.0531 0x1584 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:01:11.0538 0x1584 p2pimsvc - ok
12:01:11.0578 0x1584 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:01:11.0586 0x1584 p2psvc - ok
12:01:11.0638 0x1584 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:01:11.0645 0x1584 Parport - ok
12:01:11.0679 0x1584 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:01:11.0682 0x1584 partmgr - ok
12:01:11.0718 0x1584 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:01:11.0726 0x1584 PcaSvc - ok
12:01:11.0751 0x1584 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:01:11.0754 0x1584 pci - ok
12:01:11.0786 0x1584 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:01:11.0787 0x1584 pciide - ok
12:01:11.0813 0x1584 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:01:11.0817 0x1584 pcmcia - ok
12:01:11.0829 0x1584 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:01:11.0831 0x1584 pcw - ok
12:01:11.0878 0x1584 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:01:11.0892 0x1584 PEAUTH - ok
12:01:11.0978 0x1584 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:01:11.0980 0x1584 PerfHost - ok
12:01:12.0059 0x1584 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:01:12.0087 0x1584 pla - ok
12:01:12.0122 0x1584 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:01:12.0130 0x1584 PlugPlay - ok
12:01:12.0148 0x1584 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:01:12.0150 0x1584 PNRPAutoReg - ok
12:01:12.0170 0x1584 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:01:12.0177 0x1584 PNRPsvc - ok
12:01:12.0216 0x1584 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:01:12.0225 0x1584 PolicyAgent - ok
12:01:12.0270 0x1584 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:01:12.0274 0x1584 Power - ok
12:01:12.0310 0x1584 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:01:12.0313 0x1584 PptpMiniport - ok
12:01:12.0325 0x1584 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:01:12.0327 0x1584 Processor - ok
12:01:12.0352 0x1584 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:01:12.0357 0x1584 ProfSvc - ok
12:01:12.0374 0x1584 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
12:01:12.0376 0x1584 ProtectedStorage - ok
12:01:12.0387 0x1584 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:01:12.0390 0x1584 Psched - ok
12:01:12.0522 0x1584 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:01:12.0550 0x1584 ql2300 - ok
12:01:12.0567 0x1584 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:01:12.0569 0x1584 ql40xx - ok
12:01:12.0590 0x1584 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:01:12.0595 0x1584 QWAVE - ok
12:01:12.0613 0x1584 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:01:12.0615 0x1584 QWAVEdrv - ok
12:01:12.0626 0x1584 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:01:12.0626 0x1584 RasAcd - ok
12:01:12.0652 0x1584 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:01:12.0654 0x1584 RasAgileVpn - ok
12:01:12.0682 0x1584 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:01:12.0686 0x1584 RasAuto - ok
12:01:12.0708 0x1584 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:01:12.0710 0x1584 Rasl2tp - ok
12:01:12.0736 0x1584 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:01:12.0743 0x1584 RasMan - ok
12:01:12.0762 0x1584 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:01:12.0764 0x1584 RasPppoe - ok
12:01:12.0779 0x1584 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:01:12.0781 0x1584 RasSstp - ok
12:01:12.0803 0x1584 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:01:12.0809 0x1584 rdbss - ok
12:01:12.0837 0x1584 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:01:12.0838 0x1584 rdpbus - ok
12:01:12.0868 0x1584 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:01:12.0870 0x1584 RDPCDD - ok
12:01:12.0886 0x1584 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:01:12.0888 0x1584 RDPENCDD - ok
12:01:12.0908 0x1584 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:01:12.0909 0x1584 RDPREFMP - ok
12:01:12.0990 0x1584 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:01:12.0992 0x1584 RdpVideoMiniport - ok
12:01:13.0022 0x1584 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:01:13.0031 0x1584 RDPWD - ok
12:01:13.0057 0x1584 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:01:13.0065 0x1584 rdyboost - ok
12:01:13.0090 0x1584 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:01:13.0095 0x1584 RemoteAccess - ok
12:01:13.0125 0x1584 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:01:13.0133 0x1584 RemoteRegistry - ok
12:01:13.0170 0x1584 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:01:13.0176 0x1584 RFCOMM - ok
12:01:13.0194 0x1584 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:01:13.0197 0x1584 RpcEptMapper - ok
12:01:13.0226 0x1584 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:01:13.0228 0x1584 RpcLocator - ok
12:01:13.0270 0x1584 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:01:13.0284 0x1584 RpcSs - ok
12:01:13.0309 0x1584 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:01:13.0311 0x1584 rspndr - ok
12:01:13.0321 0x1584 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
12:01:13.0322 0x1584 SamSs - ok
12:01:13.0340 0x1584 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:01:13.0343 0x1584 sbp2port - ok
12:01:13.0365 0x1584 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:01:13.0369 0x1584 SCardSvr - ok
12:01:13.0386 0x1584 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:01:13.0387 0x1584 scfilter - ok
12:01:13.0437 0x1584 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:01:13.0460 0x1584 Schedule - ok
12:01:13.0487 0x1584 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:01:13.0489 0x1584 SCPolicySvc - ok
12:01:13.0511 0x1584 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:01:13.0516 0x1584 SDRSVC - ok
12:01:13.0553 0x1584 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:01:13.0554 0x1584 secdrv - ok
12:01:13.0571 0x1584 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:01:13.0573 0x1584 seclogon - ok
12:01:13.0603 0x1584 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
12:01:13.0605 0x1584 SENS - ok
12:01:13.0614 0x1584 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:01:13.0618 0x1584 SensrSvc - ok
12:01:13.0635 0x1584 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:01:13.0636 0x1584 Serenum - ok
12:01:13.0663 0x1584 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:01:13.0665 0x1584 Serial - ok
12:01:13.0689 0x1584 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:01:13.0690 0x1584 sermouse - ok
12:01:13.0716 0x1584 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:01:13.0719 0x1584 SessionEnv - ok
12:01:13.0731 0x1584 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:01:13.0732 0x1584 sffdisk - ok
12:01:13.0750 0x1584 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:01:13.0751 0x1584 sffp_mmc - ok
12:01:13.0762 0x1584 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:01:13.0763 0x1584 sffp_sd - ok
12:01:13.0780 0x1584 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:01:13.0781 0x1584 sfloppy - ok
12:01:13.0839 0x1584 [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:01:13.0853 0x1584 Sftfs - ok
12:01:13.0928 0x1584 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:01:13.0938 0x1584 sftlist - ok
12:01:13.0961 0x1584 [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:01:13.0967 0x1584 Sftplay - ok
12:01:13.0986 0x1584 [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:01:13.0987 0x1584 Sftredir - ok
12:01:14.0002 0x1584 [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:01:14.0003 0x1584 Sftvol - ok
12:01:14.0023 0x1584 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:01:14.0027 0x1584 sftvsa - ok
12:01:14.0060 0x1584 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:01:14.0067 0x1584 SharedAccess - ok
12:01:14.0094 0x1584 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:01:14.0102 0x1584 ShellHWDetection - ok
12:01:14.0121 0x1584 [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
12:01:14.0123 0x1584 SiSGbeLH - ok
12:01:14.0158 0x1584 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:01:14.0160 0x1584 SiSRaid2 - ok
12:01:14.0177 0x1584 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:01:14.0179 0x1584 SiSRaid4 - ok
12:01:14.0189 0x1584 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:01:14.0191 0x1584 Smb - ok
12:01:14.0226 0x1584 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:01:14.0228 0x1584 SNMPTRAP - ok
12:01:14.0231 0x1584 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:01:14.0233 0x1584 spldr - ok
12:01:14.0269 0x1584 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:01:14.0279 0x1584 Spooler - ok
12:01:14.0421 0x1584 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:01:14.0482 0x1584 sppsvc - ok
12:01:14.0499 0x1584 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:01:14.0501 0x1584 sppuinotify - ok
12:01:14.0556 0x1584 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:01:14.0576 0x1584 srv - ok
12:01:14.0604 0x1584 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:01:14.0611 0x1584 srv2 - ok
12:01:14.0628 0x1584 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:01:14.0632 0x1584 srvnet - ok
12:01:14.0669 0x1584 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:01:14.0674 0x1584 SSDPSRV - ok
12:01:14.0691 0x1584 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:01:14.0694 0x1584 SstpSvc - ok
12:01:14.0713 0x1584 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:01:14.0714 0x1584 stexstor - ok
12:01:14.0777 0x1584 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:01:14.0791 0x1584 stisvc - ok
12:01:14.0800 0x1584 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:01:14.0801 0x1584 swenum - ok
12:01:14.0830 0x1584 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:01:14.0842 0x1584 swprv - ok
12:01:14.0912 0x1584 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:01:14.0949 0x1584 SysMain - ok
12:01:14.0970 0x1584 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:01:14.0973 0x1584 TabletInputService - ok
12:01:14.0992 0x1584 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:01:14.0999 0x1584 TapiSrv - ok
12:01:15.0014 0x1584 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:01:15.0017 0x1584 TBS - ok
12:01:15.0108 0x1584 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:01:15.0144 0x1584 Tcpip - ok
12:01:15.0228 0x1584 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:01:15.0263 0x1584 TCPIP6 - ok
12:01:15.0307 0x1584 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:01:15.0309 0x1584 tcpipreg - ok
12:01:15.0350 0x1584 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:01:15.0351 0x1584 TDPIPE - ok
12:01:15.0375 0x1584 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:01:15.0376 0x1584 TDTCP - ok
12:01:15.0394 0x1584 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:01:15.0397 0x1584 tdx - ok
12:01:15.0419 0x1584 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:01:15.0420 0x1584 TermDD - ok
12:01:15.0464 0x1584 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:01:15.0478 0x1584 TermService - ok
12:01:15.0513 0x1584 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:01:15.0515 0x1584 Themes - ok
12:01:15.0544 0x1584 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:01:15.0546 0x1584 THREADORDER - ok
12:01:15.0561 0x1584 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:01:15.0565 0x1584 TrkWks - ok
12:01:15.0622 0x1584 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:01:15.0626 0x1584 TrustedInstal
|
|
15.08.2015, 11:37
| #11 |
| | ADWARE Spigot.I teil 2 Code:
ATTFilter ler - ok
12:01:15.0649 0x1584 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:01:15.0651 0x1584 tssecsrv - ok
12:01:15.0686 0x1584 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:01:15.0688 0x1584 TsUsbFlt - ok
12:01:15.0715 0x1584 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:01:15.0716 0x1584 TsUsbGD - ok
12:01:15.0749 0x1584 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:01:15.0751 0x1584 tunnel - ok
12:01:15.0783 0x1584 [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
12:01:15.0783 0x1584 TurboB - ok
12:01:15.0815 0x1584 [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
12:01:15.0818 0x1584 TurboBoost - ok
12:01:15.0835 0x1584 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:01:15.0836 0x1584 uagp35 - ok
12:01:15.0856 0x1584 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:01:15.0862 0x1584 udfs - ok
12:01:15.0886 0x1584 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:01:15.0888 0x1584 UI0Detect - ok
12:01:15.0908 0x1584 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:01:15.0910 0x1584 uliagpkx - ok
12:01:15.0923 0x1584 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:01:15.0925 0x1584 umbus - ok
12:01:15.0940 0x1584 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:01:15.0941 0x1584 UmPass - ok
12:01:16.0085 0x1584 [ EB79C6C91A99930015EF29AE7FA802D1, 96D00BA330854C7763BF385D84D47C3D1B87C4085A91D73B558C86829930DC4B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:01:16.0143 0x1584 UNS - ok
12:01:16.0176 0x1584 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:01:16.0184 0x1584 upnphost - ok
12:01:16.0219 0x1584 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:01:16.0222 0x1584 usbccgp - ok
12:01:16.0249 0x1584 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:01:16.0251 0x1584 usbcir - ok
12:01:16.0282 0x1584 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:01:16.0283 0x1584 usbehci - ok
12:01:16.0328 0x1584 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:01:16.0334 0x1584 usbhub - ok
12:01:16.0355 0x1584 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:01:16.0356 0x1584 usbohci - ok
12:01:16.0397 0x1584 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:01:16.0400 0x1584 usbprint - ok
12:01:16.0443 0x1584 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
12:01:16.0445 0x1584 usbscan - ok
12:01:16.0471 0x1584 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:01:16.0474 0x1584 USBSTOR - ok
12:01:16.0488 0x1584 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:01:16.0490 0x1584 usbuhci - ok
12:01:16.0526 0x1584 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:01:16.0532 0x1584 usbvideo - ok
12:01:16.0561 0x1584 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:01:16.0564 0x1584 UxSms - ok
12:01:16.0578 0x1584 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
12:01:16.0581 0x1584 VaultSvc - ok
12:01:16.0599 0x1584 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:01:16.0601 0x1584 vdrvroot - ok
12:01:16.0640 0x1584 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:01:16.0656 0x1584 vds - ok
12:01:16.0682 0x1584 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:01:16.0683 0x1584 vga - ok
12:01:16.0693 0x1584 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:01:16.0694 0x1584 VgaSave - ok
12:01:16.0716 0x1584 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:01:16.0720 0x1584 vhdmp - ok
12:01:16.0743 0x1584 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:01:16.0744 0x1584 viaide - ok
12:01:16.0755 0x1584 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:01:16.0758 0x1584 volmgr - ok
12:01:16.0782 0x1584 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:01:16.0789 0x1584 volmgrx - ok
12:01:16.0806 0x1584 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:01:16.0813 0x1584 volsnap - ok
12:01:16.0837 0x1584 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:01:16.0840 0x1584 vsmraid - ok
12:01:16.0936 0x1584 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:01:16.0964 0x1584 VSS - ok
12:01:16.0974 0x1584 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:01:16.0975 0x1584 vwifibus - ok
12:01:16.0984 0x1584 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:01:16.0985 0x1584 vwififlt - ok
12:01:17.0011 0x1584 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:01:17.0012 0x1584 vwifimp - ok
12:01:17.0041 0x1584 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:01:17.0048 0x1584 W32Time - ok
12:01:17.0057 0x1584 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:01:17.0058 0x1584 WacomPen - ok
12:01:17.0074 0x1584 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:01:17.0076 0x1584 WANARP - ok
12:01:17.0080 0x1584 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:01:17.0082 0x1584 Wanarpv6 - ok
12:01:17.0181 0x1584 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:01:17.0204 0x1584 WatAdminSvc - ok
12:01:17.0305 0x1584 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:01:17.0342 0x1584 wbengine - ok
12:01:17.0382 0x1584 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:01:17.0388 0x1584 WbioSrvc - ok
12:01:17.0412 0x1584 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:01:17.0420 0x1584 wcncsvc - ok
12:01:17.0434 0x1584 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:01:17.0436 0x1584 WcsPlugInService - ok
12:01:17.0464 0x1584 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:01:17.0465 0x1584 Wd - ok
12:01:17.0513 0x1584 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:01:17.0527 0x1584 Wdf01000 - ok
12:01:17.0554 0x1584 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:01:17.0557 0x1584 WdiServiceHost - ok
12:01:17.0562 0x1584 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:01:17.0565 0x1584 WdiSystemHost - ok
12:01:17.0594 0x1584 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:01:17.0600 0x1584 WebClient - ok
12:01:17.0636 0x1584 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:01:17.0642 0x1584 Wecsvc - ok
12:01:17.0660 0x1584 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:01:17.0663 0x1584 wercplsupport - ok
12:01:17.0693 0x1584 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:01:17.0696 0x1584 WerSvc - ok
12:01:17.0708 0x1584 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:01:17.0709 0x1584 WfpLwf - ok
12:01:17.0756 0x1584 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:01:17.0759 0x1584 WimFltr - ok
12:01:17.0781 0x1584 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:01:17.0784 0x1584 WIMMount - ok
12:01:17.0806 0x1584 WinDefend - ok
12:01:17.0830 0x1584 WinHttpAutoProxySvc - ok
12:01:17.0907 0x1584 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:01:17.0924 0x1584 Winmgmt - ok
12:01:18.0047 0x1584 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:01:18.0083 0x1584 WinRM - ok
12:01:18.0143 0x1584 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:01:18.0146 0x1584 WinUsb - ok
12:01:18.0205 0x1584 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:01:18.0229 0x1584 Wlansvc - ok
12:01:18.0270 0x1584 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:01:18.0271 0x1584 wlcrasvc - ok
12:01:18.0415 0x1584 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:01:18.0454 0x1584 wlidsvc - ok
12:01:18.0469 0x1584 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:01:18.0470 0x1584 WmiAcpi - ok
12:01:18.0506 0x1584 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:01:18.0510 0x1584 wmiApSrv - ok
12:01:18.0534 0x1584 WMPNetworkSvc - ok
12:01:18.0549 0x1584 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:01:18.0551 0x1584 WPCSvc - ok
12:01:18.0562 0x1584 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:01:18.0565 0x1584 WPDBusEnum - ok
12:01:18.0592 0x1584 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:01:18.0593 0x1584 ws2ifsl - ok
12:01:18.0611 0x1584 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
12:01:18.0614 0x1584 wscsvc - ok
12:01:18.0616 0x1584 WSearch - ok
12:01:18.0754 0x1584 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
12:01:18.0801 0x1584 wuauserv - ok
12:01:18.0833 0x1584 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:01:18.0835 0x1584 WudfPf - ok
12:01:18.0863 0x1584 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:01:18.0867 0x1584 WUDFRd - ok
12:01:18.0883 0x1584 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:01:18.0886 0x1584 wudfsvc - ok
12:01:18.0913 0x1584 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:01:18.0918 0x1584 WwanSvc - ok
12:01:18.0930 0x1584 ================ Scan global ===============================
12:01:18.0952 0x1584 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:01:18.0980 0x1584 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
12:01:19.0002 0x1584 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
12:01:19.0028 0x1584 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:01:19.0058 0x1584 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:01:19.0064 0x1584 [ Global ] - ok
12:01:19.0065 0x1584 ================ Scan MBR ==================================
12:01:19.0081 0x1584 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:01:19.0372 0x1584 \Device\Harddisk0\DR0 - ok
12:01:19.0380 0x1584 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
12:01:19.0388 0x1584 \Device\Harddisk1\DR1 - ok
12:01:19.0389 0x1584 ================ Scan VBR ==================================
12:01:19.0394 0x1584 [ B64A48BFD40272B21C9532B283E55DD8 ] \Device\Harddisk0\DR0\Partition1
12:01:19.0399 0x1584 \Device\Harddisk0\DR0\Partition1 - ok
12:01:19.0431 0x1584 [ D31C467CF1F7B2D519F8B1565DA2F104 ] \Device\Harddisk0\DR0\Partition2
12:01:19.0435 0x1584 \Device\Harddisk0\DR0\Partition2 - ok
12:01:19.0441 0x1584 [ 6A78BD98A5B6F005E98ABDEA7CCEB705 ] \Device\Harddisk1\DR1\Partition1
12:01:19.0443 0x1584 \Device\Harddisk1\DR1\Partition1 - ok
12:01:19.0444 0x1584 ================ Scan generic autorun ======================
12:01:19.0600 0x1584 [ 29052F387998AF3E5A55A016FF4028D4, 2241E9D3E247BA01DB0C89EAABD6EC74597F6E38220696BC2B916A39F9D1D7B6 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:01:19.0727 0x1584 RtHDVBg - ok
12:01:19.0815 0x1584 [ 0E6C6542856BBD380356983179F859E7, 6519E585348DF1E64B147D682D0962191306FEE57E596ECC5E8BD310C14698F6 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
12:01:19.0838 0x1584 AmIcoSinglun64 - ok
12:01:19.0840 0x1584 ETDCtrl - ok
12:01:19.0844 0x1584 IntelTBRunOnce - ok
12:01:19.0867 0x1584 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
12:01:19.0874 0x1584 IgfxTray - ok
12:01:19.0897 0x1584 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
12:01:19.0919 0x1584 HotKeysCmds - ok
12:01:19.0950 0x1584 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
12:01:19.0979 0x1584 Persistence - ok
12:01:20.0020 0x1584 [ 757A595F75E7840A7132EC11E6E6188A, 95085E8B5432F76E0C50D79F74DECAD54662BB32FFDD575BC8CBAC2C79B1C069 ] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe
12:01:20.0029 0x1584 Nuance PDF Reader-reminder - ok
12:01:20.0123 0x1584 [ BD87D5F5D68AC07243010A6F5176F897, D6518C2990DDAE5E88C9BE649B34A09A0C19A2EAA14967B45F6B176E34DC2EEB ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
12:01:20.0189 0x1584 ASUSPRP - ok
12:01:20.0256 0x1584 [ BBE8B2B11C5903995802B2565DF4947B, 9C199205C93CD87347B75A0FBDC9BD0304E1B8DDE7EDCEAE5F951D647CEBB2AF ] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
12:01:20.0289 0x1584 ASUSWebStorage - ok
12:01:20.0562 0x1584 [ 5BB1F77C8AF725A15EC9366498D275BB, 87146A81FB6F313ACF087C72F219CFAA92D4CA456810C49241BD182384B2DAAC ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
12:01:20.0778 0x1584 ATKOSD2 - ok
12:01:20.0817 0x1584 [ 79A3B950988F8D2B81906D0C0473158B, 7D9EDB4F9A4800D31C103CF2BBC93C0F5F31888E93E899C43EC5984B4807C3D8 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
12:01:20.0823 0x1584 ATKMEDIA - ok
12:01:20.0843 0x1584 [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
12:01:20.0847 0x1584 HControlUser - ok
12:01:20.0900 0x1584 [ FD22B00049F775E952371E9C3DAC631B, CBC3BF5DBF3E0D5EA4095F9FE90D8688D43BEF352B657D5EF5D843267ED35388 ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
12:01:20.0955 0x1584 Wireless Console 3 - ok
12:01:21.0028 0x1584 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
12:01:21.0048 0x1584 UpdateLBPShortCut - ok
12:01:21.0128 0x1584 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
12:01:21.0152 0x1584 UpdateP2GoShortCut - ok
12:01:21.0219 0x1584 [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
12:01:21.0240 0x1584 ArcSoft Connection Service - ok
12:01:21.0349 0x1584 [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:01:21.0394 0x1584 avgnt - ok
12:01:21.0451 0x1584 [ F2BC40E35AB242AA27BCD8FBA9D0B5CB, 4F89E1F57E8E4897D1614DAA852B0CBF7C1FD705641895E874C52377DC3F3403 ] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
12:01:21.0463 0x1584 Avira Systray - ok
12:01:21.0564 0x1584 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:01:21.0773 0x1584 Sidebar - ok
12:01:21.0838 0x1584 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
12:01:21.0857 0x1584 ISUSPM - ok
12:01:22.0141 0x1584 [ 359CEDC8C822A5566098C6645411D496, 71982B1B158180F34A59E92D7C53DBBC6A26802F11CE01ACA26FE9A4F1C16016 ] C:\Program Files (x86)\Free Download Manager\fdm.exe
12:01:22.0381 0x1584 Free Download Manager - ok
12:01:22.0390 0x1584 Software Informer - ok
12:01:22.0412 0x1584 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:01:22.0445 0x1584 mctadmin - ok
12:01:22.0551 0x1584 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:01:22.0596 0x1584 Sidebar - ok
12:01:22.0713 0x1584 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x41000 ( enabled : updated )
12:01:22.0757 0x1584 Win FW state via NFP2: enabled ( trusted )
12:01:22.0758 0x1584 ============================================================
12:01:22.0758 0x1584 Scan finished
12:01:22.0758 0x1584 ============================================================
12:01:22.0772 0x12b0 Detected object count: 0
12:01:22.0772 0x12b0 Actual detected object count: 0
12:02:25.0828 0x06d4 ============================================================
12:02:25.0829 0x06d4 Scan started
12:02:25.0829 0x06d4 Mode: Manual; SigCheck; TDLFS;
12:02:25.0829 0x06d4 ============================================================
12:02:25.0829 0x06d4 KSN ping started
12:02:28.0510 0x06d4 KSN ping finished: true
12:02:29.0096 0x06d4 ================ Scan system memory ========================
12:02:29.0096 0x06d4 System memory - ok
12:02:29.0097 0x06d4 ================ Scan services =============================
12:02:29.0213 0x06d4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:02:29.0284 0x06d4 1394ohci - ok
12:02:29.0369 0x06d4 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:02:29.0398 0x06d4 ACDaemon - ok
12:02:29.0430 0x06d4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:02:29.0451 0x06d4 ACPI - ok
12:02:29.0468 0x06d4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:02:29.0496 0x06d4 AcpiPmi - ok
12:02:29.0588 0x06d4 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:02:29.0601 0x06d4 AdobeFlashPlayerUpdateSvc - ok
12:02:29.0643 0x06d4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:02:29.0662 0x06d4 adp94xx - ok
12:02:29.0683 0x06d4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:02:29.0699 0x06d4 adpahci - ok
12:02:29.0722 0x06d4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:02:29.0733 0x06d4 adpu320 - ok
12:02:29.0756 0x06d4 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:02:29.0767 0x06d4 AeLookupSvc - ok
12:02:29.0829 0x06d4 [ 079CBA3C5C9AB11B2B4E6BD729A860F2, 86D58003D34E93D1C9154940B5DF2BD8AD77A6840FB52BF81978420A5FC68370 ] AFBAgent C:\Windows\system32\FBAgent.exe
12:02:29.0857 0x06d4 AFBAgent - ok
12:02:29.0915 0x06d4 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys
12:02:29.0935 0x06d4 Afc - ok
12:02:29.0988 0x06d4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:02:30.0037 0x06d4 AFD - ok
12:02:30.0062 0x06d4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:02:30.0073 0x06d4 agp440 - ok
12:02:30.0093 0x06d4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:02:30.0107 0x06d4 ALG - ok
12:02:30.0128 0x06d4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:02:30.0138 0x06d4 aliide - ok
12:02:30.0146 0x06d4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:02:30.0155 0x06d4 amdide - ok
12:02:30.0170 0x06d4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:02:30.0183 0x06d4 AmdK8 - ok
12:02:30.0192 0x06d4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:02:30.0204 0x06d4 AmdPPM - ok
12:02:30.0225 0x06d4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:02:30.0237 0x06d4 amdsata - ok
12:02:30.0257 0x06d4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:02:30.0271 0x06d4 amdsbs - ok
12:02:30.0291 0x06d4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:02:30.0301 0x06d4 amdxata - ok
12:02:30.0326 0x06d4 [ 9C7F164B49CADC658D1B3C575782F346, 7C5FD203735041B6AEB2E551A63CE5F46DB41044BC72E7E77A72F316197C80DA ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
12:02:30.0346 0x06d4 AmUStor - ok
12:02:30.0443 0x06d4 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
12:02:30.0479 0x06d4 AntiVirMailService - ok
12:02:30.0524 0x06d4 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:02:30.0542 0x06d4 AntiVirSchedulerService - ok
12:02:30.0581 0x06d4 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:02:30.0599 0x06d4 AntiVirService - ok
12:02:30.0651 0x06d4 [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:02:30.0691 0x06d4 AntiVirWebService - ok
12:02:30.0717 0x06d4 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
12:02:30.0730 0x06d4 AppID - ok
12:02:30.0745 0x06d4 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:02:30.0756 0x06d4 AppIDSvc - ok
12:02:30.0781 0x06d4 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
12:02:30.0798 0x06d4 Appinfo - ok
12:02:30.0834 0x06d4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:02:30.0845 0x06d4 arc - ok
12:02:30.0860 0x06d4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:02:30.0870 0x06d4 arcsas - ok
12:02:30.0951 0x06d4 [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
12:02:30.0960 0x06d4 ASLDRService - ok
12:02:30.0968 0x06d4 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
12:02:30.0976 0x06d4 ASMMAP64 - ok
12:02:31.0065 0x06d4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:02:31.0098 0x06d4 aspnet_state - ok
12:02:31.0111 0x06d4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:02:31.0144 0x06d4 AsyncMac - ok
12:02:31.0157 0x06d4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:02:31.0165 0x06d4 atapi - ok
12:02:31.0224 0x06d4 [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr C:\Windows\system32\DRIVERS\athrx.sys
12:02:31.0285 0x06d4 athr - ok
12:02:31.0304 0x06d4 [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
12:02:31.0313 0x06d4 ATKGFNEXSrv - ok
12:02:31.0354 0x06d4 [ 1F7238A37389ED92E9D8EEE975CABD54, AFEE4B89A330C106651BB230920FC623813B075D2B75DFEDCC68A3207B291365 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
12:02:31.0361 0x06d4 ATKWMIACPIIO - ok
12:02:31.0421 0x06d4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:02:31.0447 0x06d4 AudioEndpointBuilder - ok
12:02:31.0492 0x06d4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:02:31.0515 0x06d4 AudioSrv - ok
12:02:31.0542 0x06d4 [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
12:02:31.0554 0x06d4 avgntflt - ok
12:02:31.0578 0x06d4 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
12:02:31.0590 0x06d4 avipbb - ok
12:02:31.0663 0x06d4 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:02:31.0685 0x06d4 Avira.ServiceHost - ok
12:02:31.0722 0x06d4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
12:02:31.0736 0x06d4 avkmgr - ok
12:02:31.0755 0x06d4 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
12:02:31.0768 0x06d4 avnetflt - ok
12:02:31.0793 0x06d4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:02:31.0809 0x06d4 AxInstSV - ok
12:02:31.0839 0x06d4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:02:31.0869 0x06d4 b06bdrv - ok
12:02:31.0888 0x06d4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:02:31.0903 0x06d4 b57nd60a - ok
12:02:31.0919 0x06d4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:02:31.0931 0x06d4 BDESVC - ok
12:02:31.0950 0x06d4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:02:31.0977 0x06d4 Beep - ok
12:02:32.0015 0x06d4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:02:32.0055 0x06d4 BFE - ok
12:02:32.0145 0x06d4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
12:02:32.0256 0x06d4 BITS - ok
12:02:32.0279 0x06d4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:02:32.0289 0x06d4 blbdrive - ok
12:02:32.0323 0x06d4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:02:32.0349 0x06d4 bowser - ok
12:02:32.0360 0x06d4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:02:32.0372 0x06d4 BrFiltLo - ok
12:02:32.0384 0x06d4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:02:32.0396 0x06d4 BrFiltUp - ok
12:02:32.0411 0x06d4 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:02:32.0441 0x06d4 BridgeMP - ok
12:02:32.0467 0x06d4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:02:32.0480 0x06d4 Browser - ok
12:02:32.0508 0x06d4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:02:32.0523 0x06d4 Brserid - ok
12:02:32.0542 0x06d4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:02:32.0554 0x06d4 BrSerWdm - ok
12:02:32.0565 0x06d4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:02:32.0577 0x06d4 BrUsbMdm - ok
12:02:32.0605 0x06d4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:02:32.0615 0x06d4 BrUsbSer - ok
12:02:32.0635 0x06d4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:02:32.0650 0x06d4 BthEnum - ok
12:02:32.0670 0x06d4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:02:32.0683 0x06d4 BTHMODEM - ok
12:02:32.0700 0x06d4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:02:32.0714 0x06d4 BthPan - ok
12:02:32.0748 0x06d4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:02:32.0768 0x06d4 BTHPORT - ok
12:02:32.0798 0x06d4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:02:32.0827 0x06d4 bthserv - ok
12:02:32.0840 0x06d4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:02:32.0851 0x06d4 BTHUSB - ok
12:02:32.0865 0x06d4 catchme - ok
12:02:32.0888 0x06d4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:02:32.0917 0x06d4 cdfs - ok
12:02:32.0938 0x06d4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:02:32.0950 0x06d4 cdrom - ok
12:02:32.0969 0x06d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:02:32.0997 0x06d4 CertPropSvc - ok
12:02:33.0013 0x06d4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:02:33.0025 0x06d4 circlass - ok
12:02:33.0065 0x06d4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
12:02:33.0081 0x06d4 CLFS - ok
12:02:33.0150 0x06d4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:02:33.0175 0x06d4 clr_optimization_v2.0.50727_32 - ok
12:02:33.0205 0x06d4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:02:33.0225 0x06d4 clr_optimization_v2.0.50727_64 - ok
12:02:33.0281 0x06d4 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:02:33.0313 0x06d4 clr_optimization_v4.0.30319_32 - ok
12:02:33.0335 0x06d4 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:02:33.0349 0x06d4 clr_optimization_v4.0.30319_64 - ok
12:02:33.0375 0x06d4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:02:33.0387 0x06d4 CmBatt - ok
12:02:33.0400 0x06d4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:02:33.0410 0x06d4 cmdide - ok
12:02:33.0461 0x06d4 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
12:02:33.0501 0x06d4 CNG - ok
12:02:33.0521 0x06d4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:02:33.0532 0x06d4 Compbatt - ok
12:02:33.0546 0x06d4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:02:33.0560 0x06d4 CompositeBus - ok
12:02:33.0563 0x06d4 COMSysApp - ok
12:02:33.0635 0x06d4 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:02:33.0656 0x06d4 cphs - ok
12:02:33.0675 0x06d4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:02:33.0688 0x06d4 crcdisk - ok
12:02:33.0714 0x06d4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:02:33.0727 0x06d4 CryptSvc - ok
12:02:33.0837 0x06d4 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:02:33.0870 0x06d4 cvhsvc - ok
12:02:33.0916 0x06d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:02:33.0954 0x06d4 DcomLaunch - ok
12:02:33.0982 0x06d4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:02:34.0016 0x06d4 defragsvc - ok
12:02:34.0048 0x06d4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:02:34.0077 0x06d4 DfsC - ok
12:02:34.0159 0x06d4 [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
12:02:34.0183 0x06d4 DfSdkS - detected UnsignedFile.Multi.Generic ( 1 )
12:02:34.0237 0x06d4 DfSdkS ( UnsignedFile.Multi.Generic ) - warning
12:02:34.0275 0x06d4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:02:34.0303 0x06d4 Dhcp - ok
12:02:34.0392 0x06d4 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
12:02:34.0438 0x06d4 DiagTrack - ok
12:02:34.0453 0x06d4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:02:34.0480 0x06d4 discache - ok
12:02:34.0506 0x06d4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:02:34.0516 0x06d4 Disk - ok
12:02:34.0551 0x06d4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:02:34.0575 0x06d4 Dnscache - ok
12:02:34.0607 0x06d4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:02:34.0638 0x06d4 dot3svc - ok
12:02:34.0655 0x06d4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:02:34.0684 0x06d4 DPS - ok
12:02:34.0701 0x06d4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:02:34.0710 0x06d4 drmkaud - ok
12:02:34.0762 0x06d4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:02:34.0790 0x06d4 DXGKrnl - ok
12:02:34.0818 0x06d4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:02:34.0848 0x06d4 EapHost - ok
12:02:35.0012 0x06d4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:02:35.0090 0x06d4 ebdrv - ok
12:02:35.0115 0x06d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
12:02:35.0140 0x06d4 EFS - ok
12:02:35.0227 0x06d4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:02:35.0274 0x06d4 ehRecvr - ok
12:02:35.0288 0x06d4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:02:35.0302 0x06d4 ehSched - ok
12:02:35.0336 0x06d4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:02:35.0355 0x06d4 elxstor - ok
12:02:35.0375 0x06d4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:02:35.0384 0x06d4 ErrDev - ok
12:02:35.0411 0x06d4 [ 5B042AA9CEBDAB5B61E747DDCEBFF51B, FBB174A6FE372F55758D6CD118F3746146866383527F5784C3AE513145F4C193 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
12:02:35.0421 0x06d4 ETD - ok
12:02:35.0461 0x06d4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:02:35.0497 0x06d4 EventSystem - ok
12:02:35.0520 0x06d4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:02:35.0551 0x06d4 exfat - ok
12:02:35.0577 0x06d4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:02:35.0610 0x06d4 fastfat - ok
12:02:35.0639 0x06d4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:02:35.0663 0x06d4 Fax - ok
12:02:35.0680 0x06d4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:02:35.0689 0x06d4 fdc - ok
12:02:35.0706 0x06d4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:02:35.0734 0x06d4 fdPHost - ok
12:02:35.0746 0x06d4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:02:35.0773 0x06d4 FDResPub - ok
12:02:35.0794 0x06d4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:02:35.0803 0x06d4 FileInfo - ok
12:02:35.0815 0x06d4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:02:35.0843 0x06d4 Filetrace - ok
12:02:35.0856 0x06d4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:02:35.0867 0x06d4 flpydisk - ok
12:02:35.0883 0x06d4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:02:35.0897 0x06d4 FltMgr - ok
12:02:35.0957 0x06d4 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
12:02:35.0998 0x06d4 FontCache - ok
12:02:36.0052 0x06d4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:02:36.0079 0x06d4 FontCache3.0.0.0 - ok
12:02:36.0104 0x06d4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:02:36.0153 0x06d4 FsDepends - ok
12:02:36.0179 0x06d4 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:02:36.0201 0x06d4 fssfltr - ok
12:02:36.0333 0x06d4 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:02:36.0375 0x06d4 fsssvc - ok
12:02:36.0398 0x06d4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:02:36.0407 0x06d4 Fs_Rec - ok
12:02:36.0432 0x06d4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:02:36.0447 0x06d4 fvevol - ok
12:02:36.0470 0x06d4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:02:36.0479 0x06d4 gagp30kx - ok
12:02:36.0526 0x06d4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:02:36.0569 0x06d4 gpsvc - ok
12:02:36.0640 0x06d4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:02:36.0662 0x06d4 gupdate - ok
12:02:36.0680 0x06d4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:02:36.0690 0x06d4 gupdatem - ok
12:02:36.0714 0x06d4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:02:36.0725 0x06d4 hcw85cir - ok
12:02:36.0767 0x06d4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:02:36.0790 0x06d4 HdAudAddService - ok
12:02:36.0805 0x06d4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:02:36.0819 0x06d4 HDAudBus - ok
12:02:36.0828 0x06d4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:02:36.0838 0x06d4 HidBatt - ok
12:02:36.0852 0x06d4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:02:36.0864 0x06d4 HidBth - ok
12:02:36.0875 0x06d4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:02:36.0887 0x06d4 HidIr - ok
12:02:36.0908 0x06d4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
12:02:36.0936 0x06d4 hidserv - ok
12:02:36.0959 0x06d4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:02:36.0993 0x06d4 HidUsb - ok
12:02:37.0032 0x06d4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:02:37.0072 0x06d4 hkmsvc - ok
12:02:37.0088 0x06d4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:02:37.0121 0x06d4 HomeGroupListener - ok
12:02:37.0144 0x06d4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:02:37.0159 0x06d4 HomeGroupProvider - ok
12:02:37.0183 0x06d4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:02:37.0194 0x06d4 HpSAMD - ok
12:02:37.0239 0x06d4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:02:37.0272 0x06d4 HTTP - ok
12:02:37.0289 0x06d4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:02:37.0298 0x06d4 hwpolicy - ok
12:02:37.0315 0x06d4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:02:37.0328 0x06d4 i8042prt - ok
12:02:37.0375 0x06d4 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:02:37.0392 0x06d4 iaStor - ok
12:02:37.0453 0x06d4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:02:37.0488 0x06d4 iaStorV - ok
12:02:37.0598 0x06d4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:02:37.0629 0x06d4 idsvc - ok
12:02:37.0632 0x06d4 IEEtwCollectorService - ok
12:02:37.0833 0x06d4 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:02:37.0972 0x06d4 igfx - ok
12:02:37.0994 0x06d4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:02:38.0004 0x06d4 iirsp - ok
12:02:38.0055 0x06d4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:02:38.0083 0x06d4 IKEEXT - ok
12:02:38.0205 0x06d4 [ C15A21B1E2291952424F361093734F95, 48B2205A07FC4F8264E64B654824EF44AEECD9A9914B66DD8A74FA41CFE73317 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:02:38.0270 0x06d4 IntcAzAudAddService - ok
12:02:38.0314 0x06d4 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:02:38.0345 0x06d4 IntcDAud - ok
12:02:38.0368 0x06d4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:02:38.0376 0x06d4 intelide - ok
12:02:38.0399 0x06d4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:02:38.0409 0x06d4 intelppm - ok
12:02:38.0432 0x06d4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:02:38.0462 0x06d4 IPBusEnum - ok
12:02:38.0481 0x06d4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:02:38.0517 0x06d4 IpFilterDriver - ok
12:02:38.0554 0x06d4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:02:38.0576 0x06d4 iphlpsvc - ok
12:02:38.0587 0x06d4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:02:38.0597 0x06d4 IPMIDRV - ok
12:02:38.0614 0x06d4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:02:38.0644 0x06d4 IPNAT - ok
12:02:38.0664 0x06d4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:02:38.0678 0x06d4 IRENUM - ok
12:02:38.0688 0x06d4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:02:38.0697 0x06d4 isapnp - ok
12:02:38.0725 0x06d4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:02:38.0739 0x06d4 iScsiPrt - ok
12:02:38.0747 0x06d4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:02:38.0757 0x06d4 kbdclass - ok
12:02:38.0773 0x06d4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:02:38.0783 0x06d4 kbdhid - ok
12:02:38.0809 0x06d4 [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
12:02:38.0816 0x06d4 kbfiltr - ok
12:02:38.0824 0x06d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
12:02:38.0834 0x06d4 KeyIso - ok
12:02:38.0860 0x06d4 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:02:38.0870 0x06d4 KSecDD - ok
12:02:38.0884 0x06d4 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:02:38.0895 0x06d4 KSecPkg - ok
12:02:38.0919 0x06d4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:02:38.0946 0x06d4 ksthunk - ok
12:02:38.0972 0x06d4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:02:39.0007 0x06d4 KtmRm - ok
12:02:39.0041 0x06d4 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
12:02:39.0049 0x06d4 L1C - ok
12:02:39.0083 0x06d4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:02:39.0115 0x06d4 LanmanServer - ok
12:02:39.0133 0x06d4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:02:39.0163 0x06d4 LanmanWorkstation - ok
12:02:39.0189 0x06d4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:02:39.0218 0x06d4 lltdio - ok
12:02:39.0239 0x06d4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:02:39.0273 0x06d4 lltdsvc - ok
12:02:39.0292 0x06d4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:02:39.0321 0x06d4 lmhosts - ok
12:02:39.0399 0x06d4 [ 0803906D607A9B83184447B75B60ECC2, A7A599C4CEDD4AC4196A558442E80B4F852AF6C6104A53C8819A79AA5D388DE8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:02:39.0425 0x06d4 LMS - ok
12:02:39.0449 0x06d4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:02:39.0459 0x06d4 LSI_FC - ok
12:02:39.0470 0x06d4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:02:39.0480 0x06d4 LSI_SAS - ok
12:02:39.0498 0x06d4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:02:39.0508 0x06d4 LSI_SAS2 - ok
12:02:39.0523 0x06d4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:02:39.0533 0x06d4 LSI_SCSI - ok
12:02:39.0552 0x06d4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:02:39.0582 0x06d4 luafv - ok
12:02:39.0604 0x06d4 [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
12:02:39.0614 0x06d4 MBAMSwissArmy - ok
12:02:39.0630 0x06d4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:02:39.0642 0x06d4 Mcx2Svc - ok
12:02:39.0650 0x06d4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:02:39.0659 0x06d4 megasas - ok
12:02:39.0722 0x06d4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:02:39.0746 0x06d4 MegaSR - ok
12:02:39.0802 0x06d4 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:02:39.0826 0x06d4 MEIx64 - ok
12:02:39.0848 0x06d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:02:39.0890 0x06d4 MMCSS - ok
12:02:39.0893 0x06d4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:02:39.0922 0x06d4 Modem - ok
12:02:39.0931 0x06d4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:02:39.0943 0x06d4 monitor - ok
12:02:39.0950 0x06d4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:02:39.0959 0x06d4 mouclass - ok
12:02:39.0968 0x06d4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:02:39.0977 0x06d4 mouhid - ok
12:02:40.0000 0x06d4 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:02:40.0011 0x06d4 mountmgr - ok
12:02:40.0029 0x06d4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:02:40.0040 0x06d4 mpio - ok
12:02:40.0059 0x06d4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:02:40.0088 0x06d4 mpsdrv - ok
12:02:40.0156 0x06d4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:02:40.0205 0x06d4 MpsSvc - ok
12:02:40.0228 0x06d4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:02:40.0247 0x06d4 MRxDAV - ok
12:02:40.0279 0x06d4 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:02:40.0292 0x06d4 mrxsmb - ok
12:02:40.0306 0x06d4 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:02:40.0321 0x06d4 mrxsmb10 - ok
12:02:40.0340 0x06d4 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:02:40.0353 0x06d4 mrxsmb20 - ok
12:02:40.0383 0x06d4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:02:40.0391 0x06d4 msahci - ok
12:02:40.0424 0x06d4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:02:40.0434 0x06d4 msdsm - ok
12:02:40.0451 0x06d4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:02:40.0464 0x06d4 MSDTC - ok
12:02:40.0481 0x06d4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:02:40.0509 0x06d4 Msfs - ok
12:02:40.0520 0x06d4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:02:40.0547 0x06d4 mshidkmdf - ok
12:02:40.0555 0x06d4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:02:40.0563 0x06d4 msisadrv - ok
12:02:40.0584 0x06d4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:02:40.0615 0x06d4 MSiSCSI - ok
12:02:40.0617 0x06d4 msiserver - ok
12:02:40.0630 0x06d4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:02:40.0658 0x06d4 MSKSSRV - ok
12:02:40.0671 0x06d4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:02:40.0697 0x06d4 MSPCLOCK - ok
12:02:40.0714 0x06d4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:02:40.0741 0x06d4 MSPQM - ok
12:02:40.0760 0x06d4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:02:40.0775 0x06d4 MsRPC - ok
12:02:40.0785 0x06d4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:02:40.0794 0x06d4 mssmbios - ok
12:02:40.0797 0x06d4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:02:40.0824 0x06d4 MSTEE - ok
12:02:40.0837 0x06d4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:02:40.0846 0x06d4 MTConfig - ok
12:02:40.0866 0x06d4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:02:40.0876 0x06d4 Mup - ok
12:02:40.0912 0x06d4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:02:40.0949 0x06d4 napagent - ok
12:02:40.0970 0x06d4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:02:40.0989 0x06d4 NativeWifiP - ok
12:02:41.0067 0x06d4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:02:41.0102 0x06d4 NDIS - ok
12:02:41.0116 0x06d4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:02:41.0144 0x06d4 NdisCap - ok
12:02:41.0181 0x06d4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:02:41.0238 0x06d4 NdisTapi - ok
12:02:41.0264 0x06d4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:02:41.0292 0x06d4 Ndisuio - ok
12:02:41.0312 0x06d4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:02:41.0342 0x06d4 NdisWan - ok
12:02:41.0353 0x06d4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:02:41.0381 0x06d4 NDProxy - ok
12:02:41.0479 0x06d4 [ 0FF3C6AA3E0FE0EB316DF5449B569463, 7EDB0349F5E4714368EB27667385FF7B935D6C050E7E45C25E792D9825082C52 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:02:41.0509 0x06d4 Nero BackItUp Scheduler 4.0 - ok
12:02:41.0519 0x06d4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:02:41.0547 0x06d4 NetBIOS - ok
12:02:41.0577 0x06d4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:02:41.0608 0x06d4 NetBT - ok
12:02:41.0619 0x06d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
12:02:41.0630 0x06d4 Netlogon - ok
12:02:41.0662 0x06d4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:02:41.0697 0x06d4 Netman - ok
12:02:41.0773 0x06d4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:41.0808 0x06d4 NetMsmqActivator - ok
12:02:41.0834 0x06d4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:41.0848 0x06d4 NetPipeActivator - ok
12:02:41.0891 0x06d4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:02:41.0936 0x06d4 netprofm - ok
12:02:42.0075 0x06d4 [ 8CE69B2C4934A1C0321F4C8E9C6C4A41, 880A57194D52E4C90BCFAF149C74E3119B5FA5A91C6A3F50A1BBB3C8C35C6921 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
12:02:42.0133 0x06d4 netr28x - ok
12:02:42.0152 0x06d4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:42.0165 0x06d4 NetTcpActivator - ok
12:02:42.0183 0x06d4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:02:42.0195 0x06d4 NetTcpPortSharing - ok
12:02:42.0230 0x06d4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:02:42.0257 0x06d4 nfrd960 - ok
12:02:42.0312 0x06d4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:02:42.0351 0x06d4 NlaSvc - ok
12:02:42.0361 0x06d4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:02:42.0389 0x06d4 Npfs - ok
12:02:42.0414 0x06d4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:02:42.0442 0x06d4 nsi - ok
12:02:42.0462 0x06d4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:02:42.0490 0x06d4 nsiproxy - ok
12:02:42.0589 0x06d4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:02:42.0632 0x06d4 Ntfs - ok
12:02:42.0650 0x06d4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:02:42.0678 0x06d4 Null - ok
12:02:43.0061 0x06d4 [ 48D26FF990099C1AD51F81BAEDDB3B98, 15C75B85EC7C1E4B1C2CEF74E400B2BA75FF7952EBBD2A6AD0CD9D0A5D1C5263 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:02:43.0458 0x06d4 nvlddmkm - ok
12:02:43.0485 0x06d4 [ 3393E8972E95F6C985150A1DC1D4B026, 03603BA886B83C7552D39ADEE5BCB6656FEB8ADA6EB344F28424DC0A1BEAE2AB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
12:02:43.0493 0x06d4 nvpciflt - ok
12:02:43.0514 0x06d4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:02:43.0525 0x06d4 nvraid - ok
12:02:43.0544 0x06d4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:02:43.0555 0x06d4 nvstor - ok
12:02:43.0613 0x06d4 [ 708547B06809A454B953803CBC449BC0, DA296BD93460114D90CCA491BBA1002D88AEA6508AAA91493F7B443A0D452EAF ] NVSvc C:\Windows\system32\nvvsvc.exe
12:02:43.0657 0x06d4 NVSvc - ok
12:02:43.0767 0x06d4 [ CEA3A0FBE6B86EF7A85B62EB41ED5DCB, 31415162853CEAE68B98D09D350225C16D94F325650DB38F90D18D034B759014 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:02:43.0833 0x06d4 nvUpdatusService - ok
12:02:43.0861 0x06d4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:02:43.0872 0x06d4 nv_agp - ok
12:02:43.0885 0x06d4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:02:43.0896 0x06d4 ohci1394 - ok
12:02:43.0928 0x06d4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:02:43.0940 0x06d4 ose - ok
12:02:44.0191 0x06d4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:02:44.0401 0x06d4 osppsvc - ok
12:02:44.0441 0x06d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:02:44.0472 0x06d4 p2pimsvc - ok
12:02:44.0498 0x06d4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:02:44.0531 0x06d4 p2psvc - ok
12:02:44.0554 0x06d4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:02:44.0566 0x06d4 Parport - ok
12:02:44.0598 0x06d4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:02:44.0609 0x06d4 partmgr - ok
12:02:44.0636 0x06d4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:02:44.0659 0x06d4 PcaSvc - ok
12:02:44.0682 0x06d4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:02:44.0696 0x06d4 pci - ok
12:02:44.0717 0x06d4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:02:44.0727 0x06d4 pciide - ok
12:02:44.0745 0x06d4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:02:44.0757 0x06d4 pcmcia - ok
12:02:44.0772 0x06d4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:02:44.0782 0x06d4 pcw - ok
12:02:44.0829 0x06d4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:02:44.0874 0x06d4 PEAUTH - ok
12:02:44.0943 0x06d4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:02:44.0957 0x06d4 PerfHost - ok
12:02:45.0034 0x06d4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:02:45.0116 0x06d4 pla - ok
12:02:45.0163 0x06d4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:02:45.0196 0x06d4 PlugPlay - ok
12:02:45.0211 0x06d4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:02:45.0223 0x06d4 PNRPAutoReg - ok
12:02:45.0244 0x06d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:02:45.0261 0x06d4 PNRPsvc - ok
12:02:45.0301 0x06d4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:02:45.0351 0x06d4 PolicyAgent - ok
12:02:45.0378 0x06d4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:02:45.0411 0x06d4 Power - ok
12:02:45.0440 0x06d4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:02:45.0470 0x06d4 PptpMiniport - ok
12:02:45.0488 0x06d4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:02:45.0498 0x06d4 Processor - ok
12:02:45.0527 0x06d4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:02:45.0553 0x06d4 ProfSvc - ok
12:02:45.0570 0x06d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
12:02:45.0580 0x06d4 ProtectedStorage - ok
12:02:45.0594 0x06d4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:02:45.0625 0x06d4 Psched - ok
12:02:45.0697 0x06d4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:02:45.0736 0x06d4 ql2300 - ok
12:02:45.0751 0x06d4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:02:45.0762 0x06d4 ql40xx - ok
12:02:45.0785 0x06d4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:02:45.0806 0x06d4 QWAVE - ok
12:02:45.0820 0x06d4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:02:45.0836 0x06d4 QWAVEdrv - ok
12:02:45.0843 0x06d4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:02:45.0871 0x06d4 RasAcd - ok
12:02:45.0892 0x06d4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:02:45.0921 0x06d4 RasAgileVpn - ok
12:02:45.0933 0x06d4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:02:45.0964 0x06d4 RasAuto - ok
12:02:45.0980 0x06d4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:02:46.0010 0x06d4 Rasl2tp - ok
12:02:46.0031 0x06d4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:02:46.0068 0x06d4 RasMan - ok
12:02:46.0079 0x06d4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:02:46.0110 0x06d4 RasPppoe - ok
12:02:46.0118 0x06d4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:02:46.0148 0x06d4 RasSstp - ok
12:02:46.0164 0x06d4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:02:46.0200 0x06d4 rdbss - ok
12:02:46.0208 0x06d4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:02:46.0222 0x06d4 rdpbus - ok
12:02:46.0239 0x06d4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:02:46.0269 0x06d4 RDPCDD - ok
12:02:46.0277 0x06d4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:02:46.0305 0x06d4 RDPENCDD - ok
12:02:46.0313 0x06d4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:02:46.0342 0x06d4 RDPREFMP - ok
12:02:46.0416 0x06d4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:02:46.0440 0x06d4 RdpVideoMiniport - ok
12:02:46.0467 0x06d4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:02:46.0500 0x06d4 RDPWD - ok
12:02:46.0525 0x06d4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:02:46.0539 0x06d4 rdyboost - ok
12:02:46.0559 0x06d4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:02:46.0590 0x06d4 RemoteAccess - ok
12:02:46.0615 0x06d4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:02:46.0649 0x06d4 RemoteRegistry - ok
12:02:46.0671 0x06d4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:02:46.0686 0x06d4 RFCOMM - ok
12:02:46.0709 0x06d4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:02:46.0740 0x06d4 RpcEptMapper - ok
12:02:46.0763 0x06d4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:02:46.0775 0x06d4 RpcLocator - ok
12:02:46.0803 0x06d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:02:46.0842 0x06d4 RpcSs - ok
12:02:46.0857 0x06d4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:02:46.0889 0x06d4 rspndr - ok
12:02:46.0895 0x06d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
12:02:46.0905 0x06d4 SamSs - ok
12:02:46.0921 0x06d4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:02:46.0932 0x06d4 sbp2port - ok
12:02:46.0945 0x06d4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:02:46.0981 0x06d4 SCardSvr - ok
12:02:46.0989 0x06d4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:02:47.0018 0x06d4 scfilter - ok
12:02:47.0062 0x06d4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:02:47.0136 0x06d4 Schedule - ok
12:02:47.0167 0x06d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:02:47.0195 0x06d4 SCPolicySvc - ok
12:02:47.0213 0x06d4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:02:47.0229 0x06d4 SDRSVC - ok
12:02:47.0255 0x06d4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:02:47.0298 0x06d4 secdrv - ok
12:02:47.0328 0x06d4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:02:47.0357 0x06d4 seclogon - ok
12:02:47.0371 0x06d4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
12:02:47.0402 0x06d4 SENS - ok
12:02:47.0426 0x06d4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:02:47.0438 0x06d4 SensrSvc - ok
12:02:47.0447 0x06d4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:02:47.0456 0x06d4 Serenum - ok
12:02:47.0475 0x06d4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:02:47.0487 0x06d4 Serial - ok
12:02:47.0501 0x06d4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:02:47.0514 0x06d4 sermouse - ok
12:02:47.0538 0x06d4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:02:47.0569 0x06d4 SessionEnv - ok
12:02:47.0598 0x06d4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:02:47.0611 0x06d4 sffdisk - ok
12:02:47.0616 0x06d4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:02:47.0629 0x06d4 sffp_mmc - ok
12:02:47.0640 0x06d4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:02:47.0653 0x06d4 sffp_sd - ok
12:02:47.0669 0x06d4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:02:47.0680 0x06d4 sfloppy - ok
12:02:47.0716 0x06d4 [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:02:47.0740 0x06d4 Sftfs - ok
12:02:47.0849 0x06d4 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:02:47.0906 0x06d4 sftlist - ok
12:02:47.0929 0x06d4 [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:02:47.0944 0x06d4 Sftplay - ok
12:02:47.0963 0x06d4 [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:02:47.0973 0x06d4 Sftredir - ok
12:02:47.0990 0x06d4 [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:02:47.0998 0x06d4 Sftvol - ok
12:02:48.0023 0x06d4 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:02:48.0036 0x06d4 sftvsa - ok
12:02:48.0095 0x06d4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:02:48.0147 0x06d4 SharedAccess - ok
12:02:48.0182 0x06d4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:02:48.0218 0x06d4 ShellHWDetection - ok
12:02:48.0230 0x06d4 [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
12:02:48.0241 0x06d4 SiSGbeLH - ok
12:02:48.0267 0x06d4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:02:48.0276 0x06d4 SiSRaid2 - ok
12:02:48.0286 0x06d4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:02:48.0297 0x06d4 SiSRaid4 - ok
12:02:48.0309 0x06d4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:02:48.0339 0x06d4 Smb - ok
12:02:48.0357 0x06d4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:02:48.0369 0x06d4 SNMPTRAP - ok
12:02:48.0372 0x06d4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:02:48.0381 0x06d4 spldr - ok
12:02:48.0422 0x06d4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:02:48.0443 0x06d4 Spooler - ok
12:02:48.0608 0x06d4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:02:48.0762 0x06d4 sppsvc - ok
12:02:48.0784 0x06d4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:02:48.0814 0x06d4 sppuinotify - ok
12:02:48.0849 0x06d4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:02:48.0884 0x06d4 srv - ok
12:02:48.0911 0x06d4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:02:48.0929 0x06d4 srv2 - ok
12:02:48.0947 0x06d4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:02:48.0959 0x06d4 srvnet - ok
12:02:48.0987 0x06d4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:02:49.0019 0x06d4 SSDPSRV - ok
12:02:49.0032 0x06d4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:02:49.0061 0x06d4 SstpSvc - ok
12:02:49.0075 0x06d4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:02:49.0084 0x06d4 stexstor - ok
12:02:49.0109 0x06d4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:02:49.0136 0x06d4 stisvc - ok
12:02:49.0151 0x06d4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:02:49.0159 0x06d4 swenum - ok
12:02:49.0191 0x06d4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:02:49.0232 0x06d4 swprv - ok
12:02:49.0305 0x06d4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:02:49.0383 0x06d4 SysMain - ok
12:02:49.0399 0x06d4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:02:49.0418 0x06d4 TabletInputService - ok
12:02:49.0465 0x06d4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:02:49.0500 0x06d4 TapiSrv - ok
12:02:49.0520 0x06d4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:02:49.0553 0x06d4 TBS - ok
12:02:49.0632 0x06d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:02:49.0681 0x06d4 Tcpip - ok
12:02:49.0753 0x06d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:02:49.0800 0x06d4 TCPIP6 - ok
12:02:49.0824 0x06d4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:02:49.0834 0x06d4 tcpipreg - ok
12:02:49.0866 0x06d4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:02:49.0880 0x06d4 TDPIPE - ok
12:02:49.0902 0x06d4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:02:49.0915 0x06d4 TDTCP - ok
12:02:49.0933 0x06d4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:02:49.0954 0x06d4 tdx - ok
12:02:49.0968 0x06d4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:02:49.0977 0x06d4 TermDD - ok
12:02:50.0024 0x06d4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:02:50.0049 0x06d4 TermService - ok
12:02:50.0073 0x06d4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:02:50.0088 0x06d4 Themes - ok
12:02:50.0115 0x06d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:02:50.0151 0x06d4 THREADORDER - ok
12:02:50.0166 0x06d4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:02:50.0196 0x06d4 TrkWks - ok
12:02:50.0248 0x06d4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:02:50.0281 0x06d4 TrustedInstaller - ok
12:02:50.0309 0x06d4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:02:50.0319 0x06d4 tssecsrv - ok
12:02:50.0346 0x06d4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:02:50.0357 0x06d4 TsUsbFlt - ok
12:02:50.0385 0x06d4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:02:50.0394 0x06d4 TsUsbGD - ok
12:02:50.0419 0x06d4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:02:50.0447 0x06d4 tunnel - ok
12:02:50.0475 0x06d4 [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
12:02:50.0494 0x06d4 TurboB - ok
12:02:50.0529 0x06d4 [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
12:02:50.0542 0x06d4 TurboBoost - ok
12:02:50.0561 0x06d4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:02:50.0575 0x06d4 uagp35 - ok
12:02:50.0614 0x06d4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:02:50.0648 0x06d4 udfs - ok
12:02:50.0677 0x06d4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:02:50.0689 0x06d4 UI0Detect - ok
12:02:50.0699 0x06d4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:02:50.0708 0x06d4 uliagpkx
|
|
15.08.2015, 11:41
| #12 |
| | ADWARE Spigot.I teil 3 Code:
ATTFilter teil 3 |
|
15.08.2015, 11:58
| #13 |
| | ADWARE Spigot.I teil 4 und letzte Code:
ATTFilter 12:06:29.0651 0x0874 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:06:29.0662 0x0874 uagp35 - ok
12:06:29.0682 0x0874 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:06:29.0718 0x0874 udfs - ok
12:06:29.0745 0x0874 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:06:29.0759 0x0874 UI0Detect - ok
12:06:29.0767 0x0874 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:06:29.0777 0x0874 uliagpkx - ok
12:06:29.0794 0x0874 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:06:29.0806 0x0874 umbus - ok
12:06:29.0822 0x0874 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:06:29.0838 0x0874 UmPass - ok
12:06:30.0003 0x0874 [ EB79C6C91A99930015EF29AE7FA802D1, 96D00BA330854C7763BF385D84D47C3D1B87C4085A91D73B558C86829930DC4B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:06:30.0099 0x0874 UNS - ok
12:06:30.0134 0x0874 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:06:30.0173 0x0874 upnphost - ok
12:06:30.0199 0x0874 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:06:30.0212 0x0874 usbccgp - ok
12:06:30.0229 0x0874 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:06:30.0248 0x0874 usbcir - ok
12:06:30.0273 0x0874 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:06:30.0285 0x0874 usbehci - ok
12:06:30.0329 0x0874 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:06:30.0382 0x0874 usbhub - ok
12:06:30.0413 0x0874 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:06:30.0424 0x0874 usbohci - ok
12:06:30.0454 0x0874 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:06:30.0469 0x0874 usbprint - ok
12:06:30.0501 0x0874 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
12:06:30.0524 0x0874 usbscan - ok
12:06:30.0550 0x0874 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:06:30.0562 0x0874 USBSTOR - ok
12:06:30.0579 0x0874 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:06:30.0593 0x0874 usbuhci - ok
12:06:30.0616 0x0874 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:06:30.0642 0x0874 usbvideo - ok
12:06:30.0673 0x0874 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:06:30.0707 0x0874 UxSms - ok
12:06:30.0713 0x0874 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
12:06:30.0723 0x0874 VaultSvc - ok
12:06:30.0744 0x0874 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:06:30.0754 0x0874 vdrvroot - ok
12:06:30.0780 0x0874 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:06:30.0830 0x0874 vds - ok
12:06:30.0849 0x0874 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:06:30.0862 0x0874 vga - ok
12:06:30.0871 0x0874 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:06:30.0900 0x0874 VgaSave - ok
12:06:30.0916 0x0874 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:06:30.0928 0x0874 vhdmp - ok
12:06:30.0944 0x0874 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:06:30.0952 0x0874 viaide - ok
12:06:30.0966 0x0874 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:06:30.0977 0x0874 volmgr - ok
12:06:30.0994 0x0874 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:06:31.0012 0x0874 volmgrx - ok
12:06:31.0028 0x0874 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:06:31.0045 0x0874 volsnap - ok
12:06:31.0070 0x0874 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:06:31.0081 0x0874 vsmraid - ok
12:06:31.0189 0x0874 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:06:31.0458 0x0874 VSS - ok
12:06:31.0472 0x0874 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:06:31.0484 0x0874 vwifibus - ok
12:06:31.0492 0x0874 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:06:31.0508 0x0874 vwififlt - ok
12:06:31.0530 0x0874 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:06:31.0543 0x0874 vwifimp - ok
12:06:31.0572 0x0874 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:06:31.0617 0x0874 W32Time - ok
12:06:31.0632 0x0874 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:06:31.0646 0x0874 WacomPen - ok
12:06:31.0660 0x0874 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:06:31.0702 0x0874 WANARP - ok
12:06:31.0707 0x0874 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:06:31.0742 0x0874 Wanarpv6 - ok
12:06:31.0811 0x0874 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:06:31.0875 0x0874 WatAdminSvc - ok
12:06:31.0935 0x0874 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:06:32.0033 0x0874 wbengine - ok
12:06:32.0052 0x0874 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:06:32.0073 0x0874 WbioSrvc - ok
12:06:32.0095 0x0874 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:06:32.0119 0x0874 wcncsvc - ok
12:06:32.0130 0x0874 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:06:32.0142 0x0874 WcsPlugInService - ok
12:06:32.0171 0x0874 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:06:32.0187 0x0874 Wd - ok
12:06:32.0256 0x0874 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:06:32.0298 0x0874 Wdf01000 - ok
12:06:32.0327 0x0874 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:06:32.0345 0x0874 WdiServiceHost - ok
12:06:32.0350 0x0874 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:06:32.0362 0x0874 WdiSystemHost - ok
12:06:32.0411 0x0874 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:06:32.0439 0x0874 WebClient - ok
12:06:32.0478 0x0874 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:06:32.0545 0x0874 Wecsvc - ok
12:06:32.0565 0x0874 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:06:32.0594 0x0874 wercplsupport - ok
12:06:32.0609 0x0874 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:06:32.0642 0x0874 WerSvc - ok
12:06:32.0657 0x0874 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:06:32.0685 0x0874 WfpLwf - ok
12:06:32.0716 0x0874 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:06:32.0728 0x0874 WimFltr - ok
12:06:32.0752 0x0874 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:06:32.0762 0x0874 WIMMount - ok
12:06:32.0777 0x0874 WinDefend - ok
12:06:32.0782 0x0874 WinHttpAutoProxySvc - ok
12:06:32.0857 0x0874 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:06:32.0907 0x0874 Winmgmt - ok
12:06:33.0022 0x0874 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:06:33.0107 0x0874 WinRM - ok
12:06:33.0160 0x0874 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:06:33.0200 0x0874 WinUsb - ok
12:06:33.0351 0x0874 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:06:33.0430 0x0874 Wlansvc - ok
12:06:33.0474 0x0874 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:06:33.0499 0x0874 wlcrasvc - ok
12:06:33.0684 0x0874 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:06:33.0822 0x0874 wlidsvc - ok
12:06:33.0836 0x0874 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:06:33.0846 0x0874 WmiAcpi - ok
12:06:33.0884 0x0874 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:06:33.0900 0x0874 wmiApSrv - ok
12:06:33.0923 0x0874 WMPNetworkSvc - ok
12:06:33.0938 0x0874 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:06:33.0949 0x0874 WPCSvc - ok
12:06:33.0962 0x0874 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:06:33.0976 0x0874 WPDBusEnum - ok
12:06:34.0003 0x0874 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:06:34.0031 0x0874 ws2ifsl - ok
12:06:34.0070 0x0874 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
12:06:34.0105 0x0874 wscsvc - ok
12:06:34.0107 0x0874 WSearch - ok
12:06:34.0234 0x0874 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
12:06:34.0341 0x0874 wuauserv - ok
12:06:34.0376 0x0874 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:06:34.0397 0x0874 WudfPf - ok
12:06:34.0417 0x0874 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:06:34.0431 0x0874 WUDFRd - ok
12:06:34.0460 0x0874 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:06:34.0473 0x0874 wudfsvc - ok
12:06:34.0500 0x0874 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:06:34.0523 0x0874 WwanSvc - ok
12:06:34.0540 0x0874 ================ Scan global ===============================
12:06:34.0562 0x0874 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:06:34.0590 0x0874 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
12:06:34.0612 0x0874 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
12:06:34.0638 0x0874 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:06:34.0667 0x0874 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:06:34.0675 0x0874 [ Global ] - ok
12:06:34.0676 0x0874 ================ Scan MBR ==================================
12:06:34.0690 0x0874 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:06:35.0093 0x0874 \Device\Harddisk0\DR0 - ok
12:06:35.0101 0x0874 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk1\DR1
12:06:35.0313 0x0874 \Device\Harddisk1\DR1 - ok
12:06:35.0314 0x0874 ================ Scan VBR ==================================
12:06:35.0319 0x0874 [ B64A48BFD40272B21C9532B283E55DD8 ] \Device\Harddisk0\DR0\Partition1
12:06:35.0323 0x0874 \Device\Harddisk0\DR0\Partition1 - ok
12:06:35.0337 0x0874 [ D31C467CF1F7B2D519F8B1565DA2F104 ] \Device\Harddisk0\DR0\Partition2
12:06:35.0342 0x0874 \Device\Harddisk0\DR0\Partition2 - ok
12:06:35.0351 0x0874 [ 6A78BD98A5B6F005E98ABDEA7CCEB705 ] \Device\Harddisk1\DR1\Partition1
12:06:35.0354 0x0874 \Device\Harddisk1\DR1\Partition1 - ok
12:06:35.0355 0x0874 ================ Scan generic autorun ======================
12:06:35.0506 0x0874 [ 29052F387998AF3E5A55A016FF4028D4, 2241E9D3E247BA01DB0C89EAABD6EC74597F6E38220696BC2B916A39F9D1D7B6 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:06:35.0612 0x0874 RtHDVBg - ok
12:06:35.0678 0x0874 [ 0E6C6542856BBD380356983179F859E7, 6519E585348DF1E64B147D682D0962191306FEE57E596ECC5E8BD310C14698F6 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
12:06:35.0712 0x0874 AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
12:06:35.0712 0x0874 AmIcoSinglun64 ( UnsignedFile.Multi.Generic ) - warning
12:06:35.0712 0x0874 Force sending object to P2P due to detect: C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
12:06:35.0716 0x0874 Object send P2P result: false
12:06:35.0716 0x0874 ETDCtrl - ok
12:06:35.0719 0x0874 IntelTBRunOnce - ok
12:06:35.0749 0x0874 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe
12:06:35.0764 0x0874 IgfxTray - ok
12:06:35.0789 0x0874 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe
12:06:35.0808 0x0874 HotKeysCmds - ok
12:06:35.0830 0x0874 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe
12:06:35.0860 0x0874 Persistence - ok
12:06:35.0918 0x0874 [ 757A595F75E7840A7132EC11E6E6188A, 95085E8B5432F76E0C50D79F74DECAD54662BB32FFDD575BC8CBAC2C79B1C069 ] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe
12:06:35.0956 0x0874 Nuance PDF Reader-reminder - ok
12:06:36.0094 0x0874 [ BD87D5F5D68AC07243010A6F5176F897, D6518C2990DDAE5E88C9BE649B34A09A0C19A2EAA14967B45F6B176E34DC2EEB ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
12:06:36.0181 0x0874 ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
12:06:36.0182 0x0874 ASUSPRP ( UnsignedFile.Multi.Generic ) - warning
12:06:36.0262 0x0874 [ BBE8B2B11C5903995802B2565DF4947B, 9C199205C93CD87347B75A0FBDC9BD0304E1B8DDE7EDCEAE5F951D647CEBB2AF ] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
12:06:36.0317 0x0874 ASUSWebStorage - ok
12:06:36.0559 0x0874 [ 5BB1F77C8AF725A15EC9366498D275BB, 87146A81FB6F313ACF087C72F219CFAA92D4CA456810C49241BD182384B2DAAC ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
12:06:36.0790 0x0874 ATKOSD2 - ok
12:06:36.0840 0x0874 [ 79A3B950988F8D2B81906D0C0473158B, 7D9EDB4F9A4800D31C103CF2BBC93C0F5F31888E93E899C43EC5984B4807C3D8 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
12:06:36.0871 0x0874 ATKMEDIA - ok
12:06:36.0894 0x0874 [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
12:06:36.0905 0x0874 HControlUser - ok
12:06:36.0966 0x0874 [ FD22B00049F775E952371E9C3DAC631B, CBC3BF5DBF3E0D5EA4095F9FE90D8688D43BEF352B657D5EF5D843267ED35388 ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
12:06:37.0027 0x0874 Wireless Console 3 - detected UnsignedFile.Multi.Generic ( 1 )
12:06:37.0027 0x0874 Wireless Console 3 ( UnsignedFile.Multi.Generic ) - warning
12:06:37.0098 0x0874 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
12:06:37.0130 0x0874 UpdateLBPShortCut - ok
12:06:37.0208 0x0874 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
12:06:37.0234 0x0874 UpdateP2GoShortCut - ok
12:06:37.0301 0x0874 [ A7810B302294793DE88542AAE177D1B1, F0EE3684DBEB0AAAD912DC04D060976D1EAE92489E192BAE900FA0F417AD20A7 ] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
12:06:37.0341 0x0874 ArcSoft Connection Service - ok
12:06:37.0452 0x0874 [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:06:37.0497 0x0874 avgnt - ok
12:06:37.0539 0x0874 [ F2BC40E35AB242AA27BCD8FBA9D0B5CB, 4F89E1F57E8E4897D1614DAA852B0CBF7C1FD705641895E874C52377DC3F3403 ] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
12:06:37.0553 0x0874 Avira Systray - ok
12:06:37.0665 0x0874 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:06:37.0720 0x0874 Sidebar - ok
12:06:37.0788 0x0874 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
12:06:37.0819 0x0874 ISUSPM - ok
12:06:38.0104 0x0874 [ 359CEDC8C822A5566098C6645411D496, 71982B1B158180F34A59E92D7C53DBBC6A26802F11CE01ACA26FE9A4F1C16016 ] C:\Program Files (x86)\Free Download Manager\fdm.exe
12:06:38.0254 0x0874 Free Download Manager - detected UnsignedFile.Multi.Generic ( 1 )
12:06:38.0254 0x0874 Free Download Manager ( UnsignedFile.Multi.Generic ) - warning
12:06:38.0256 0x0874 Software Informer - ok
12:06:38.0286 0x0874 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:06:38.0302 0x0874 mctadmin - ok
12:06:38.0402 0x0874 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:06:38.0441 0x0874 Sidebar - ok
12:06:38.0448 0x0874 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x41000 ( enabled : updated )
12:06:38.0450 0x0874 Win FW state via NFP2: enabled ( trusted )
12:06:38.0450 0x0874 ============================================================
12:06:38.0450 0x0874 Scan finished
12:06:38.0450 0x0874 ============================================================
12:06:38.0455 0x16e8 Detected object count: 5
12:06:38.0455 0x16e8 Actual detected object count: 5
12:06:57.0612 0x16e8 DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:57.0612 0x16e8 DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:06:57.0613 0x16e8 AmIcoSinglun64 ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:57.0613 0x16e8 AmIcoSinglun64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:06:57.0616 0x16e8 ASUSPRP ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:57.0616 0x16e8 ASUSPRP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:06:57.0617 0x16e8 Wireless Console 3 ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:57.0617 0x16e8 Wireless Console 3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:06:57.0618 0x16e8 Free Download Manager ( UnsignedFile.Multi.Generic ) - skipped by user
12:06:57.0618 0x16e8 Free Download Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
habe nochmal frst gemacht hoffentlich richtig Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
durchgeführt von Traumhexe (Administrator) auf WOLFSBRUT (15-08-2015 12:45:59)
Gestartet von D:\neu v save tv
Geladene Profile: Traumhexe (Verfügbare Profile: UpdatusUser & Traumhexe)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Freemake) C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\Chrome\fdm_nativehost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2371498755-3460560373-1758893587-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: IeCatch5 Class -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\Jccatch.dll [2006-05-16] (FlashGet)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25] (FreeDownloadManager.ORG)
BHO-x32: gFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll [2006-09-12] ()
Toolbar: HKLM-x32 - FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll [2005-06-07] (Amaze Soft)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{076F9436-173D-460F-8D7B-F61A14913FBB}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Extension: Avira Browser Safety - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\abs@avira.com [2014-09-12]
FF Extension: Flashblock - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-10-21]
FF Extension: WOT - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-21]
FF Extension: DownloadHelper - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-10-21]
FF Extension: Translate This! - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2012-10-14]
FF Extension: FlashGot - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012-01-10]
FF Extension: ImTranslator - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-11-29]
FF Extension: Adblock Plus - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-02]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-09-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-08-13]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [nicht gefunden]
Chrome:
=======
CHR Profile: C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2014-09-04]
CHR Extension: (Beautiful landscape) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2014-05-17]
CHR Extension: (Google Docs) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-05]
CHR Extension: (Google Drive) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-04-18]
CHR Extension: (YouTube) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-05]
CHR Extension: (Adblock Plus) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-18]
CHR Extension: (Adblock for Youtube™) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-04-18]
CHR Extension: (Google Search) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Extension: (Gmail) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [bbecdmcnlcoebdcidcfdkoimbjkcegbc] - C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\amazonsh_1.0.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-08-13]
CHR HKLM-x32\...\Chrome\Extension: [lahnefkgcakmobpefnkhmbbpacfbmjnc] - C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\be_1.0.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-31] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-30] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-15 11:53 - 2015-08-15 11:53 - 00037067 _____ C:\Users\Traumhexe\Desktop\Addition.txt
2015-08-15 11:53 - 2015-08-15 11:53 - 00026599 _____ C:\Users\Traumhexe\Desktop\FRST.txt
2015-08-15 11:51 - 2015-08-15 12:46 - 00000000 ____D C:\FRST
2015-08-07 06:03 - 2015-08-15 11:01 - 00029095 _____ C:\Windows\WindowsUpdate.log
2015-07-22 06:01 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-22 06:01 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-22 06:01 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 06:01 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-15 12:45 - 2014-04-05 17:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-15 12:06 - 2013-10-12 15:54 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-15 12:06 - 2013-10-12 15:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-15 12:06 - 2012-10-14 07:30 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-15 12:06 - 2011-11-01 00:34 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-15 11:53 - 2011-02-19 06:24 - 00711546 _____ C:\Windows\system32\perfh007.dat
2015-08-15 11:53 - 2011-02-19 06:24 - 00153736 _____ C:\Windows\system32\perfc007.dat
2015-08-15 11:53 - 2009-07-14 07:13 - 01653060 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-15 07:45 - 2014-04-05 17:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-15 04:17 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-15 04:17 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-15 04:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 06:47 - 2011-10-01 17:47 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-08-11 17:19 - 2013-12-16 12:13 - 00000000 ____D C:\Users\Traumhexe\AppData\Local\CrashDumps
2015-08-11 17:14 - 2011-10-02 05:57 - 00000154 _____ C:\Users\Traumhexe\AppData\Roaming\default.rss
2015-08-09 08:17 - 2014-12-18 03:40 - 00212175 _____ C:\Users\Traumhexe\Desktop\MultidecoderLog.log
2015-07-31 20:56 - 2014-09-12 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-31 20:55 - 2014-09-12 16:48 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-31 20:55 - 2014-09-12 16:48 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-31 08:56 - 2014-09-12 16:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 07:26 - 2015-04-04 20:22 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 14:22 - 2012-12-15 03:53 - 00000000 ____D C:\Users\Traumhexe\AppData\Local\SMPlayer2
2015-07-16 07:40 - 2014-04-05 17:16 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 07:40 - 2014-04-05 17:16 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 00:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-10-02 05:57 - 2015-08-11 17:14 - 0000154 _____ () C:\Users\Traumhexe\AppData\Roaming\default.rss
2011-11-05 09:49 - 2011-11-05 09:49 - 0000000 _____ () C:\Users\Traumhexe\AppData\Roaming\downloads.m3u
2013-05-12 12:52 - 2013-05-12 12:59 - 0000305 _____ () C:\Users\Traumhexe\AppData\Roaming\profile1
2013-05-12 12:52 - 2013-05-12 12:52 - 0000295 _____ () C:\Users\Traumhexe\AppData\Roaming\profile2
2013-05-12 12:52 - 2013-05-12 12:52 - 0000295 _____ () C:\Users\Traumhexe\AppData\Roaming\profile3
2013-05-12 12:52 - 2013-05-12 12:52 - 0000063 _____ () C:\Users\Traumhexe\AppData\Roaming\profiles
2013-05-12 12:53 - 2013-05-12 12:59 - 0000137 _____ () C:\Users\Traumhexe\AppData\Roaming\top_ten
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-07-12 11:15 - 2011-07-12 11:15 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-07-12 11:14 - 2011-07-12 11:14 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Einige Dateien in TEMP:
====================
C:\Users\Traumhexe\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-12 09:20
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
durchgeführt von Traumhexe (2015-08-15 12:46:25)
Gestartet von D:\neu v save tv
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2371498755-3460560373-1758893587-500 - Administrator - Disabled)
Gast (S-1-5-21-2371498755-3460560373-1758893587-501 - Limited - Disabled)
Traumhexe (S-1-5-21-2371498755-3460560373-1758893587-1001 - Administrator - Enabled) => C:\Users\Traumhexe
UpdatusUser (S-1-5-21-2371498755-3460560373-1758893587-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
"Nero SoundTrax Help (x32 Version: 4.2.5.0 - Nero AG) Hidden
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}) (Version: 1.8.17.26026 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.17.26026 - Alcor Micro Corp.) Hidden
ArcSoft MediaImpression 2 (HKLM-x32\...\{210E8562-74DA-4D97-945B-88B2ED9C8028}) (Version: 2.0.15.667 - ArcSoft)
ArcSoft PhotoStudio 2000 (HKLM-x32\...\ArcSoft PhotoStudio 2000) (Version: - )
Ashampoo WinOptimizer 6.60 (HKLM-x32\...\Ashampoo WinOptimizer 6_is1) (Version: 6.6.0 - Ashampoo GmbH & Co. KG)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG_Basic (HKLM-x32\...\AsusScr_K3 Series_ENG_Basic) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.6.125 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform)
Color LaserJet 1600 (HKLM-x32\...\HP-Color LaserJet 1600) (Version: - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Der alte Piratenschatz (HKLM-x32\...\Der alte Piratenschatz_is1) (Version: - MMBuilder)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
ETDWare PS/2-X64 8.0.5.0_WHQL (HKLM\...\Elantech) (Version: 8.0.5.0 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS)
FlashGet(JetCar) (HKLM-x32\...\FlashGet(JetCar)) (Version: - )
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Free Video to Samsung Phones Converter version 5.0.40.514 (HKLM-x32\...\Free Video to Samsung Phones Converter_is1) (Version: 5.0.40.514 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.35.514 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.35.514 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Media Player Utilities 4.35 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.35 - )
Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{205ee360-7f4d-4dc2-bcef-f7e71203785e}) (Version: - Nero AG)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA Grafiktreiber 311.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.44 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.1 - Frank Heindörfer, Philip Chinery)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.9.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6324 - Realtek Semiconductor Corp.)
SoundTrax (x32 Version: 4.4.39.0 - Nero AG) Hidden
Supermarket Management (HKLM-x32\...\Supermarket Management1.1.6) (Version: 1.1.6 - Adnan_Boy 2008)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
XMedia Recode 3.0.3.4 (HKLM-x32\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler)
YTD Video Downloader 4.8 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ACHTUNG
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-07-2015 06:01:46 Windows Update
29-07-2015 15:28:57 Geplanter Prüfpunkt
06-08-2015 09:20:38 Geplanter Prüfpunkt
13-08-2015 11:23:31 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2013-10-28 01:37 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E0734B5-EC46-46AF-A1F5-3E83C135C7DA} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {10D3C11E-FB02-4F6D-9E22-067C7058A9DC} - System32\Tasks\{1911079F-4B58-436B-84D4-B6BA4226C482} => D:\neu v save tv\SoftonicDownloader_fuer_free-download-manager (1).exe
Task: {17D0CB3E-919B-4606-AFA8-C9D3B1DD301E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {234A6615-3D23-45FF-82D2-AB334128AA31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.)
Task: {2AE2812B-977B-47AA-B4B5-3CCA3A453FA6} - System32\Tasks\{A69E34EA-083D-4B08-8C7B-96923401BF34} => pcalua.exe -a "C:\Windows\Supermarket Management\uninstall.exe" -c "/U:C:\Users\Traumhexe\Desktop\spielerei\Uninstall\uninstall.xml"
Task: {57377C6D-D27A-47E9-9F90-7CE71A12E5DB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {5C770FB1-0120-4356-9145-83BEBD7EF224} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {69CBC151-FA0D-44AB-A2B8-31795B00D30A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-15] (Adobe Systems Incorporated)
Task: {893910F9-DEFA-41C5-964F-46EA42360B6B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {AC575EBE-6735-45CC-9BC0-99586FF7F96E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-05-02 15:14 - 2013-03-14 08:28 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-03 14:36 - 2012-12-06 14:09 - 00136704 _____ () C:\Windows\System32\zlhp1600.dll
2011-04-20 10:18 - 2011-01-27 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-09-24 01:53 - 2010-09-24 01:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-04-02 19:21 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2011-07-12 11:11 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 14447630 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avcodec-54.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 01078557 _____ () C:\Program Files (x86)\Freemake\COM\1.1\xvidcore.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00190990 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avutil-52.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 03028494 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avformat-54.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00333838 _____ () C:\Program Files (x86)\Freemake\COM\1.1\swscale-2.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00138766 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avresample-1.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00234717 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdnav.dll
2014-08-13 15:20 - 2014-07-14 08:18 - 00054182 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdcss-2.dll
2014-06-18 11:24 - 2014-09-24 00:21 - 03553280 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2014-06-18 11:24 - 2013-10-04 14:15 - 00106496 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2015-08-13 08:46 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 08:46 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Traumhexe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow) LPort=2869
FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow) LPort=1900
FirewallRules: [{25BDD843-A815-48A8-A216-66D065687049}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow) LPort=5353
FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow) LPort=8182
FirewallRules: [{A28B8A88-8E2D-4CDB-9684-C152B3A264C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{91A16C0F-0402-4FF4-A031-F5366F810DDB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{724F30DE-6523-418B-ADF3-518F1D9E191F}C:\program files (x86)\free download manager\fdmwi.exe] => (Allow) C:\program files (x86)\free download manager\fdmwi.exe
FirewallRules: [UDP Query User{64583947-1565-4DEE-B310-F239B2C75E1B}C:\program files (x86)\free download manager\fdmwi.exe] => (Allow) C:\program files (x86)\free download manager\fdmwi.exe
FirewallRules: [{BF5F4B7D-7248-4E13-89E2-0C295FB302A9}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [{A9A03B50-A14A-46E4-8715-6095BF615B45}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
FirewallRules: [{3ED44BDA-132B-4831-9DB7-450B3C27B4F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{F225C0D1-CBF9-43F3-BA95-BA02BC685F57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{B01287A9-2F61-4A0F-90E1-A9472A104152}C:\program files (x86)\free download manager\fdm.exe] => (Block) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [UDP Query User{2A9A2E85-BED7-4FF9-A7C7-2B7D81765A38}C:\program files (x86)\free download manager\fdm.exe] => (Block) C:\program files (x86)\free download manager\fdm.exe
FirewallRules: [{B559086F-779A-46B4-AACA-071C7CD4BD1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/15/2015 04:32:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (08/15/2015 04:32:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Systemfehler:
=============
Error: (08/15/2015 04:04:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/15/2015 04:04:59 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/14/2015 06:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/14/2015 06:00:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/14/2015 05:58:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/14/2015 05:58:27 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (08/14/2015 05:57:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 14.08.2015 um 17:54:25 unerwartet heruntergefahren.
Error: (08/14/2015 11:34:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/14/2015 11:34:15 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (08/14/2015 11:34:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Microsoft Office:
=========================
Error: (08/15/2015 04:32:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
Error: (08/15/2015 04:32:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
4700
CodeIntegrity:
===================================
Date: 2013-10-28 00:37:13.403
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-28 00:37:13.341
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-08 13:06:45.245
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-08 12:19:37.329
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8104.16 MB
Verfügbarer physikalischer RAM: 5306.64 MB
Summe virtueller Speicher: 16206.53 MB
Verfügbarer virtueller Speicher: 12925.42 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:121.57 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (DATA) (Fixed) (Total:254.45 GB) (Free:217.05 GB) NTFS
Drive f: () (Removable) (Total:14.81 GB) (Free:14.8 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 38601C96)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254.5 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 1BF3DBC1)
Partition 1: (Not Active) - (Size=14.8 GB) - (Type=0C)
==================== Ende von Ergebnis ============================
frst64.exe läßt sich nicht verschieben. reicht ne verknüpfung auf desktop oder soll ich es neu runterladen? |
|
15.08.2015, 12:13
| #14 | |||
| /// TB-Ausbilder | ADWARE Spigot.IZitat:
Zitat:
FRST markieren > STRG + c drücken > zum desktop wechseln > STRG + v drücken Zitat:
 |
|
15.08.2015, 12:44
| #15 |
| | ADWARE Spigot.I also jetzt hab ich es auf desktop und im neu v. save tv. also ich les eigentlich gründlich durch, aaaber irgendwo ist mir doch was entgangen sorry vor allen dingen hab ich nicht daran gedacht, daß FDM automatisch alles in den neu v. save tv packt habe den scan nochmal von desktop aus gemacht Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
durchgeführt von Traumhexe (Administrator) auf WOLFSBRUT (15-08-2015 13:31:17)
Gestartet von C:\Users\Traumhexe\Desktop
Geladene Profile: Traumhexe (Verfügbare Profile: UpdatusUser & Traumhexe)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Freemake) C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2371498755-3460560373-1758893587-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: IeCatch5 Class -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\Jccatch.dll [2006-05-16] (FlashGet)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25] (FreeDownloadManager.ORG)
BHO-x32: gFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll [2006-09-12] ()
Toolbar: HKLM-x32 - FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll [2005-06-07] (Amaze Soft)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{076F9436-173D-460F-8D7B-F61A14913FBB}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Extension: Avira Browser Safety - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\abs@avira.com [2014-09-12]
FF Extension: Flashblock - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-10-21]
FF Extension: WOT - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-21]
FF Extension: DownloadHelper - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-10-21]
FF Extension: Translate This! - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2012-10-14]
FF Extension: FlashGot - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012-01-10]
FF Extension: ImTranslator - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-11-29]
FF Extension: Adblock Plus - C:\Users\Traumhexe\AppData\Roaming\Mozilla\Firefox\Profiles\s2dv7mhb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-02]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-09-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-10]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2014-08-13]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [nicht gefunden]
Chrome:
=======
CHR Profile: C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2014-09-04]
CHR Extension: (Beautiful landscape) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2014-05-17]
CHR Extension: (Google Docs) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-05]
CHR Extension: (Google Drive) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-05]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-04-18]
CHR Extension: (YouTube) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-05]
CHR Extension: (Adblock Plus) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-18]
CHR Extension: (Adblock for Youtube™) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-04-18]
CHR Extension: (Google Search) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Extension: (Gmail) - C:\Users\Traumhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [bbecdmcnlcoebdcidcfdkoimbjkcegbc] - C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\amazonsh_1.0.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-08-13]
CHR HKLM-x32\...\Chrome\Extension: [lahnefkgcakmobpefnkhmbbpacfbmjnc] - C:\Users\Traumhexe\AppData\Roaming\Browser Extensions\be_1.0.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-31] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-31] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-30] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-15 13:20 - 2015-08-15 11:59 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Traumhexe\Desktop\tdsskiller.exe
2015-08-15 13:19 - 2015-08-15 11:50 - 02173952 _____ (Farbar) C:\Users\Traumhexe\Desktop\FRST64.exe
2015-08-15 13:15 - 2015-08-15 13:15 - 00001068 _____ C:\Users\Traumhexe\Desktop\TDSSKiller.3.1.0.5_15.08.2015_11.59.55_log.txt - Verknüpfung.lnk
2015-08-15 12:54 - 2015-08-15 13:26 - 00000020 ____H C:\Users\Traumhexe\Desktop\sites.sav
2015-08-15 12:54 - 2015-08-15 12:56 - 00000030 ____H C:\Users\Traumhexe\Desktop\downloads.his.sav
2015-08-15 12:54 - 2015-08-15 11:59 - 00576581 ____H C:\Users\Traumhexe\Desktop\history.sav
2015-08-15 12:54 - 2015-08-15 11:59 - 00001880 ____H C:\Users\Traumhexe\Desktop\downloads.sav
2015-08-15 12:54 - 2015-08-15 11:59 - 00000026 ____H C:\Users\Traumhexe\Desktop\dlmgrsi.sav
2015-08-15 12:54 - 2015-08-15 11:38 - 00000024 ____H C:\Users\Traumhexe\Desktop\downloads.del.sav
2015-08-15 12:54 - 2015-05-20 00:30 - 00000034 ____H C:\Users\Traumhexe\Desktop\btdht.sav
2015-08-15 12:54 - 2014-07-14 15:54 - 00000294 ____H C:\Users\Traumhexe\Desktop\groups.sav
2015-08-15 11:52 - 2015-08-15 12:46 - 00037067 _____ C:\Users\Traumhexe\Desktop\Addition.txt
2015-08-15 11:51 - 2015-08-15 13:31 - 00018928 _____ C:\Users\Traumhexe\Desktop\FRST.txt
2015-08-15 11:51 - 2015-08-15 13:31 - 00000000 ____D C:\FRST
2015-08-07 06:03 - 2015-08-15 11:01 - 00029095 ____N C:\Windows\WindowsUpdate.log
2015-07-22 06:01 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 06:01 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-22 06:01 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-22 06:01 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-22 06:01 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-22 06:01 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-15 13:28 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-15 13:28 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-15 13:06 - 2013-10-12 15:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-15 12:45 - 2014-04-05 17:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-15 12:06 - 2013-10-12 15:54 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-15 12:06 - 2012-10-14 07:30 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-15 12:06 - 2011-11-01 00:34 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-15 11:53 - 2011-02-19 06:24 - 00711546 _____ C:\Windows\system32\perfh007.dat
2015-08-15 11:53 - 2011-02-19 06:24 - 00153736 _____ C:\Windows\system32\perfc007.dat
2015-08-15 11:53 - 2009-07-14 07:13 - 01653060 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-15 07:45 - 2014-04-05 17:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-15 04:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 06:47 - 2011-10-01 17:47 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-08-11 17:19 - 2013-12-16 12:13 - 00000000 ____D C:\Users\Traumhexe\AppData\Local\CrashDumps
2015-08-11 17:14 - 2011-10-02 05:57 - 00000154 _____ C:\Users\Traumhexe\AppData\Roaming\default.rss
2015-08-09 08:17 - 2014-12-18 03:40 - 00212175 _____ C:\Users\Traumhexe\Desktop\MultidecoderLog.log
2015-07-31 20:56 - 2014-09-12 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-31 20:55 - 2014-09-12 16:48 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-31 20:55 - 2014-09-12 16:48 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-31 08:56 - 2014-09-12 16:52 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 07:26 - 2015-04-04 20:22 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 14:22 - 2012-12-15 03:53 - 00000000 ____D C:\Users\Traumhexe\AppData\Local\SMPlayer2
2015-07-16 07:40 - 2014-04-05 17:16 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 07:40 - 2014-04-05 17:16 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 00:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-10-02 05:57 - 2015-08-11 17:14 - 0000154 _____ () C:\Users\Traumhexe\AppData\Roaming\default.rss
2011-11-05 09:49 - 2011-11-05 09:49 - 0000000 _____ () C:\Users\Traumhexe\AppData\Roaming\downloads.m3u
2013-05-12 12:52 - 2013-05-12 12:59 - 0000305 _____ () C:\Users\Traumhexe\AppData\Roaming\profile1
2013-05-12 12:52 - 2013-05-12 12:52 - 0000295 _____ () C:\Users\Traumhexe\AppData\Roaming\profile2
2013-05-12 12:52 - 2013-05-12 12:52 - 0000295 _____ () C:\Users\Traumhexe\AppData\Roaming\profile3
2013-05-12 12:52 - 2013-05-12 12:52 - 0000063 _____ () C:\Users\Traumhexe\AppData\Roaming\profiles
2013-05-12 12:53 - 2013-05-12 12:59 - 0000137 _____ () C:\Users\Traumhexe\AppData\Roaming\top_ten
2011-04-13 04:48 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-07-12 11:15 - 2011-07-12 11:15 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-07-12 11:14 - 2011-07-12 11:14 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Einige Dateien in TEMP:
====================
C:\Users\Traumhexe\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-12 09:20
==================== Ende von Ergebnis ============================
durchgeführt von Traumhexe (2015-08-15 13:31:36) Gestartet von C:\Users\Traumhexe\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2371498755-3460560373-1758893587-500 - Administrator - Disabled) Gast (S-1-5-21-2371498755-3460560373-1758893587-501 - Limited - Disabled) Traumhexe (S-1-5-21-2371498755-3460560373-1758893587-1001 - Administrator - Enabled) => C:\Users\Traumhexe UpdatusUser (S-1-5-21-2371498755-3460560373-1758893587-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) "Nero SoundTrax Help (x32 Version: 4.2.5.0 - Nero AG) Hidden Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}) (Version: 1.8.17.26026 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.8.17.26026 - Alcor Micro Corp.) Hidden ArcSoft MediaImpression 2 (HKLM-x32\...\{210E8562-74DA-4D97-945B-88B2ED9C8028}) (Version: 2.0.15.667 - ArcSoft) ArcSoft PhotoStudio 2000 (HKLM-x32\...\ArcSoft PhotoStudio 2000) (Version: - ) Ashampoo WinOptimizer 6.60 (HKLM-x32\...\Ashampoo WinOptimizer 6_is1) (Version: 6.6.0 - Ashampoo GmbH & Co. KG) ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.) AsusScr_K3 Series_ENG_Basic (HKLM-x32\...\AsusScr_K3 Series_ENG_Basic) (Version: 1.0.0001 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.6.125 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS) Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG) CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform) Color LaserJet 1600 (HKLM-x32\...\HP-Color LaserJet 1600) (Version: - ) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Der alte Piratenschatz (HKLM-x32\...\Der alte Piratenschatz_is1) (Version: - MMBuilder) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden ETDWare PS/2-X64 8.0.5.0_WHQL (HKLM\...\Elantech) (Version: 8.0.5.0 - ELAN Microelectronic Corp.) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS) FlashGet(JetCar) (HKLM-x32\...\FlashGet(JetCar)) (Version: - ) Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG) Free Video to Samsung Phones Converter version 5.0.40.514 (HKLM-x32\...\Free Video to Samsung Phones Converter_is1) (Version: 5.0.40.514 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.35.514 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.35.514 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Media Player Utilities 4.35 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.35 - ) Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 (HKLM-x32\...\{205ee360-7f4d-4dc2-bcef-f7e71203785e}) (Version: - Nero AG) Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.) NVIDIA Grafiktreiber 311.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.44 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.1 - Frank Heindörfer, Philip Chinery) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.9.0 - Ralink) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6324 - Realtek Semiconductor Corp.) SoundTrax (x32 Version: 4.4.39.0 - Nero AG) Hidden Supermarket Management (HKLM-x32\...\Supermarket Management1.1.6) (Version: 1.1.6 - Adnan_Boy 2008) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS) XMedia Recode 3.0.3.4 (HKLM-x32\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler) YTD Video Downloader 4.8 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ACHTUNG Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation) بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation) معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 22-07-2015 06:01:46 Windows Update 29-07-2015 15:28:57 Geplanter Prüfpunkt 06-08-2015 09:20:38 Geplanter Prüfpunkt 13-08-2015 11:23:31 Geplanter Prüfpunkt ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2013-10-28 01:37 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0E0734B5-EC46-46AF-A1F5-3E83C135C7DA} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS) Task: {10D3C11E-FB02-4F6D-9E22-067C7058A9DC} - System32\Tasks\{1911079F-4B58-436B-84D4-B6BA4226C482} => D:\neu v save tv\SoftonicDownloader_fuer_free-download-manager (1).exe Task: {17D0CB3E-919B-4606-AFA8-C9D3B1DD301E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS) Task: {234A6615-3D23-45FF-82D2-AB334128AA31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.) Task: {2AE2812B-977B-47AA-B4B5-3CCA3A453FA6} - System32\Tasks\{A69E34EA-083D-4B08-8C7B-96923401BF34} => pcalua.exe -a "C:\Windows\Supermarket Management\uninstall.exe" -c "/U:C:\Users\Traumhexe\Desktop\spielerei\Uninstall\uninstall.xml" Task: {57377C6D-D27A-47E9-9F90-7CE71A12E5DB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS) Task: {5C770FB1-0120-4356-9145-83BEBD7EF224} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {69CBC151-FA0D-44AB-A2B8-31795B00D30A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-15] (Adobe Systems Incorporated) Task: {893910F9-DEFA-41C5-964F-46EA42360B6B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {AC575EBE-6735-45CC-9BC0-99586FF7F96E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-05-02 15:14 - 2013-03-14 08:28 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-11-03 14:36 - 2012-12-06 14:09 - 00136704 _____ () C:\Windows\System32\zlhp1600.dll 2011-04-20 10:18 - 2011-01-27 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2010-09-24 01:53 - 2010-09-24 01:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2010-04-02 19:21 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll 2011-07-12 11:11 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 14447630 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avcodec-54.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 01078557 _____ () C:\Program Files (x86)\Freemake\COM\1.1\xvidcore.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 00190990 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avutil-52.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 03028494 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avformat-54.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 00333838 _____ () C:\Program Files (x86)\Freemake\COM\1.1\swscale-2.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 00138766 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avresample-1.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 00234717 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdnav.dll 2014-08-13 15:20 - 2014-07-14 08:18 - 00054182 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdcss-2.dll 2014-06-18 11:24 - 2014-09-24 00:21 - 03553280 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2371498755-3460560373-1758893587-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Traumhexe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow) LPort=2869 FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow) LPort=1900 FirewallRules: [{25BDD843-A815-48A8-A216-66D065687049}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow) LPort=5353 FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow) LPort=8182 FirewallRules: [{A28B8A88-8E2D-4CDB-9684-C152B3A264C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{91A16C0F-0402-4FF4-A031-F5366F810DDB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [TCP Query User{724F30DE-6523-418B-ADF3-518F1D9E191F}C:\program files (x86)\free download manager\fdmwi.exe] => (Allow) C:\program files (x86)\free download manager\fdmwi.exe FirewallRules: [UDP Query User{64583947-1565-4DEE-B310-F239B2C75E1B}C:\program files (x86)\free download manager\fdmwi.exe] => (Allow) C:\program files (x86)\free download manager\fdmwi.exe FirewallRules: [{BF5F4B7D-7248-4E13-89E2-0C295FB302A9}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe FirewallRules: [{A9A03B50-A14A-46E4-8715-6095BF615B45}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe FirewallRules: [{3ED44BDA-132B-4831-9DB7-450B3C27B4F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{F225C0D1-CBF9-43F3-BA95-BA02BC685F57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [TCP Query User{B01287A9-2F61-4A0F-90E1-A9472A104152}C:\program files (x86)\free download manager\fdm.exe] => (Block) C:\program files (x86)\free download manager\fdm.exe FirewallRules: [UDP Query User{2A9A2E85-BED7-4FF9-A7C7-2B7D81765A38}C:\program files (x86)\free download manager\fdm.exe] => (Block) C:\program files (x86)\free download manager\fdm.exe FirewallRules: [{B559086F-779A-46B4-AACA-071C7CD4BD1C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/15/2015 04:32:30 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (08/15/2015 04:32:29 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Systemfehler: ============= Error: (08/15/2015 04:04:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (08/15/2015 04:04:59 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (08/14/2015 06:00:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (08/14/2015 06:00:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (08/14/2015 05:58:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/14/2015 05:58:27 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error: (08/14/2015 05:57:09 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 14.08.2015 um 17:54:25 unerwartet heruntergefahren. Error: (08/14/2015 11:34:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/14/2015 11:34:15 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error: (08/14/2015 11:34:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Microsoft Office: ========================= Error: (08/15/2015 04:32:30 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest Error: (08/15/2015 04:32:29 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (08/14/2015 05:58:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) 4700 CodeIntegrity: =================================== Date: 2013-10-28 00:37:13.403 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-10-28 00:37:13.341 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-08 13:06:45.245 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-08 12:19:37.329 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Prozentuale Nutzung des RAM: 29% Installierter physikalischer RAM: 8104.16 MB Verfügbarer physikalischer RAM: 5686.94 MB Summe virtueller Speicher: 16206.53 MB Verfügbarer virtueller Speicher: 13358.96 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:121.59 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive d: (DATA) (Fixed) (Total:254.45 GB) (Free:217.05 GB) NTFS Drive f: () (Removable) (Total:14.81 GB) (Free:14.8 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 38601C96) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=254.5 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 14.8 GB) (Disk ID: 1BF3DBC1) Partition 1: (Not Active) - (Size=14.8 GB) - (Type=0C) ==================== Ende von Ergebnis ============================][/CODE] komisch, ich hab das rautezeichen benutzt, aber das untere ist nicht in gelb. |
|
| Themen zu ADWARE Spigot.I |
| adware, antivirus, appdata, archive, avira, browser, coupons, dateien, eingefangen, fehler, folge, fund, gen, hinweis, infizierte, meldung, neustart, programme, roaming, spiele, startpage, suche, temp, viren, warnung, zugriff |
Linear-Darstellung
