| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ordner sind jetzt scr Dateien!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.08.2015, 17:13
| #1 |
| |  Ordner sind jetzt scr Dateien! Hallo an Alle! Mein Problem: Meine ganzen Ordner, sowohl auf meiner C-Festplatte, als auch auf meine Partion-D-Festplatte sind jetzt scr-Dateien, Bildschirmschoner. Immer wenn ich ein neuen Ordner erstelle, wandelt er sich in kürze in eine scr Datei um. Habe ich mir ein Virus, Tojaner, oder ähnliches eingefangen? Ich habe riskanterweise jahrelang kein Antivirus-progamm oder ähnliches laufen lassen. Nur Windows 7 Firewall Control, als Firewall benutzt. Kriege ich dieses Problem weg, ohne C formatieren zu müssen? Bzw. wenn ich Festplatte C formatiere, sind die Ordner auf der D-Festplatte vom Problem befreit? Wie kriege ich denn meine Daten gesichert? sobald ich ein USB-Stick anschliesse, und ein Ordner erstelle, wandelt er sich ebenfalls sofort in eine scr-Datei. Fotos, Videos, und selbst erstellte Dateien(Word,Excel,...) scheinen nicht direkt betroffen zu sein. Ich könnte sie ohne Ordnerstruktur auf externe Festplatte speichern, habe aber dann ein Dateien-Salat. Mir fällt sonst nichts ein. Ich muss irgendwie die Daten mit Ordner sichern können. Wenn ich ausgeblendete Ordner sichtbar mache, dann sind alle Ordner nochmal in versteckter Weise doppelt vorhanden. lassen sich aber nicht sichtbar machen. Ich bitte Euch um Hilfe, und bedanke mich schon mal im voraus. Mein PC: windows7, 64-bit, Intel-i7, 2 Partionen: C=Betriebssystem, D=private Daten |
|
18.08.2015, 18:08
| #2 |
| /// the machine /// TB-Ausbilder    | Ordner sind jetzt scr Dateien! hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
18.08.2015, 18:27
| #3 |
| | Ordner sind jetzt scr Dateien!Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von sv-sos (Administrator) auf SV-SOS-VAIO (18-08-2015 19:17:53)
Gestartet von C:\Users\sv-sos\Downloads
Geladene Profile: sv-sos (Verfügbare Profile: sv-sos)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AuthenTec, Inc) C:\Program Files\TrueSuite\TrueSuite.Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Firebird Project) C:\Audatex\Firebird_2_1\bin\fbguard.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Octoshape ApS) C:\Users\sv-sos\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AuthenTec Inc.) C:\Program Files\TrueSuite\TrueSuite.TouchControl.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AVM Berlin) C:\Users\sv-sos\AppData\Local\Apps\2.0\YT6M67N0.JOA\W8148AB0.VXY\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Firebird Project) C:\Audatex\Firebird_2_1\bin\fbserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com
() C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-11-10] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2772264 2011-06-15] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2012-01-04] (Intel(R) Corporation)
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1126400 2012-04-12] (Sphinx Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Filme_auf_DVD_7_TerraTec_Edition\TrayServer.exe [90112 2008-01-17] (MAGIX AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-07-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [Octoshape Streaming Services] => C:\Users\sv-sos\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [] => [X]
HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\sv-sos\AppData\Local\Apps\2.0\YT6M67N0.JOA\W8148AB0.VXY\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2013-02-20] (AVM Berlin)
HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [d0430daa7990795ed945471b6f6bbd76] => "C:\Users\sv-sos\AppData\Local\d0430daa7990795ed945471b6f6bbd76.exe"
HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com [2013-12-12] ()
Startup: C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com [2013-12-12] ()
Startup: C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AudaUpdate.lnk [2013-11-07]
ShortcutTarget: AudaUpdate.lnk -> C:\Audatex\AudaUpdate\AudaUpdt.exe (Audatex (Switzerland) GmbH, Zurich)
Startup: C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update Loader.lnk [2013-11-07]
ShortcutTarget: Update Loader.lnk -> C:\Audatex\AUDAFUSION\AUDAFUSION\AEUL.exe (Exsoft GmbH)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-3196472479-254760899-211853663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3196472479-254760899-211853663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3196472479-254760899-211853663-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3196472479-254760899-211853663-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3196472479-254760899-211853663-1001 -> {191B2F90-8E79-4C4D-806E-73B46A3B8066} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q112&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3196472479-254760899-211853663-1001 -> {1C7554A7-0018-4EE6-A58F-A08A5F75CDF8} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: TrueSuite WebStore -> {5cb2b77d-c8ca-44db-af20-a7a4df462a12} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\TrueSuite\TrueSuite.IEBHO.dll [2011-04-26] (AuthenTec Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-11] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: TrueSuite WebStore -> {5cb2b77d-c8ca-44db-af20-a7a4df462a12} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll [2011-04-26] (AuthenTec Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3196472479-254760899-211853663-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9870E344-050F-40E7-B865-276F51B760EC}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BB3A6402-46B9-4049-A37A-FD35928C3B4D}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll [2013-06-02] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2012-01-11] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll [2013-06-02] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-05-16] ( )
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin HKU\S-1-5-21-3196472479-254760899-211853663-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\sv-sos\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-3196472479-254760899-211853663-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\sv-sos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Users\sv-sos\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-22] (Octoshape ApS)
FF SearchPlugin: C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\searchplugins\11-suche.xml [2013-07-31]
FF SearchPlugin: C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\searchplugins\englische-ergebnisse.xml [2013-07-31]
FF SearchPlugin: C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\searchplugins\gmx-suche.xml [2013-07-31]
FF SearchPlugin: C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\searchplugins\lastminute.xml [2013-07-31]
FF SearchPlugin: C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\searchplugins\webde-suche.xml [2013-07-31]
FF Extension: Print pages to PDF - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\printPages2Pdf@reinhold.ripper [2015-06-01]
FF Extension: ZenMate Security, Privacy & Unblock VPN - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\firefox@zenmate.com.xpi [2015-07-16]
FF Extension: ProxTube - Unblock YouTube - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: Save as PDF - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2012-05-25]
FF Extension: All-in-One Sidebar - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2012-05-25]
FF Extension: Flagfox - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: Multirow Bookmarks Toolbar Plus - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi [2012-05-25]
FF Extension: Video DownloadHelper - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-01]
FF Extension: Tab Mix Plus - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012-05-25]
FF Extension: Multirow Bookmarks Toolbar - C:\Users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi [2012-05-25]
FF Extension: TrueSuite Website Log On - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon_toolbar@truesuite.com [2015-08-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-01-11]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [oiokdoppleiafjmfmggefbkghfblaplo] - C:\Program Files\TrueSuite\x86\tschrome.crx [2010-11-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-07-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [Datei ist nicht signiert]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [Datei ist nicht signiert]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [Datei ist nicht signiert]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
R2 FirebirdGuardianDefaultInstance; C:\audatex\Firebird_2_1\bin\fbguard.exe [81920 2008-06-13] (Firebird Project) [Datei ist nicht signiert]
R3 FirebirdServerDefaultInstance; C:\audatex\Firebird_2_1\bin\fbserver.exe [2723840 2008-06-13] (Firebird Project) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 FPLService; C:\Program Files\TrueSuite\TrueSuite.Service.exe [294216 2011-04-26] (AuthenTec, Inc)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2011-10-24] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2012-01-04] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [760320 2012-04-12] (Sphinx Software) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-03-27] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-03-27] (SlySoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-02-20] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-11] (DT Soft Ltd)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-20] (Paragon Software Group)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 19:17 - 2015-08-18 19:18 - 00027455 _____ C:\Users\sv-sos\Downloads\FRST.txt
2015-08-18 19:17 - 2015-08-18 19:18 - 00000000 ___HD C:\FRST
2015-08-18 19:14 - 2015-08-18 19:14 - 02173440 _____ (Farbar) C:\Users\sv-sos\Downloads\FRST64.exe
2015-08-18 16:37 - 2015-08-18 16:37 - 00000000 ___HD C:\AllShare - Kopie
2015-08-18 12:20 - 2015-08-18 12:30 - 00001084 _____ C:\Users\Public\Desktop\Avira.lnk
2015-08-18 12:20 - 2015-08-18 12:20 - 00000000 ____D C:\Users\sv-sos\AppData\Roaming\Avira
2015-08-18 12:18 - 2015-08-18 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-18 12:16 - 2015-08-18 12:20 - 00000000 ____D C:\ProgramData\Avira
2015-08-18 12:16 - 2015-08-18 12:20 - 00000000 ____D C:\Program Files (x86)\Avira
2015-08-18 12:16 - 2015-07-15 08:37 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-08-18 12:16 - 2015-07-15 08:37 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-08-18 12:16 - 2015-07-15 08:37 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-08-18 12:16 - 2015-07-15 08:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-08-18 12:11 - 2015-08-18 12:13 - 205012312 _____ C:\Users\sv-sos\Downloads\avira_antivirus_de-de_15.0.12.408.exe
2015-08-18 11:43 - 2015-08-18 11:43 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-18 11:43 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-18 11:27 - 2015-08-18 12:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-18 11:27 - 2015-08-18 11:43 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-18 11:27 - 2015-08-18 11:27 - 00001355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-08-18 11:27 - 2015-08-18 11:27 - 00001343 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-08-18 11:27 - 2015-08-18 11:27 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-18 11:27 - 2015-08-18 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-08-18 11:27 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-08-18 11:23 - 2015-08-18 11:24 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\sv-sos\Downloads\spybot-2.4.exe
2015-08-18 00:26 - 2015-08-18 02:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-21 01:12 - 2015-07-21 01:21 - 00000000 ____D C:\Users\sv-sos\Desktop\TI-Schwimmvideos-18.07.15
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 17:10 - 2012-08-18 11:05 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001UA.job
2015-08-18 14:24 - 2012-05-07 22:19 - 01205896 _____ C:\Windows\WindowsUpdate.log
2015-08-18 12:35 - 2012-01-11 04:35 - 00697082 _____ C:\Windows\system32\perfh007.dat
2015-08-18 12:35 - 2012-01-11 04:35 - 00148346 _____ C:\Windows\system32\perfc007.dat
2015-08-18 12:35 - 2009-07-14 07:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-18 12:34 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-18 12:34 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-18 12:30 - 2015-05-20 00:16 - 00000000 ___HD C:\ProgramData\Package Cache
2015-08-18 12:29 - 2013-04-14 15:24 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-08-18 12:29 - 2012-05-11 02:40 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-08-18 12:28 - 2015-05-20 18:34 - 00061560 _____ C:\Windows\avmacc.log
2015-08-18 12:28 - 2015-05-20 00:17 - 00000408 _____ C:\Windows\Tasks\simplitec Service Provider.job
2015-08-18 12:27 - 2015-05-20 18:34 - 00011812 _____ C:\Windows\setupact.log
2015-08-18 12:27 - 2015-05-20 18:33 - 00164434 _____ C:\Windows\PFRO.log
2015-08-18 12:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 11:44 - 2012-05-25 22:59 - 00000000 ____D C:\Users\sv-sos\AppData\Roaming\vlc
2015-08-18 11:10 - 2012-08-18 11:05 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001Core.job
2015-08-18 10:40 - 2012-06-08 01:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-20 00:18 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Adobe .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\ATI .scr
2015-05-19 23:53 - 2015-05-19 23:53 - 0000426 _____ () C:\Program Files\Autoexec.bat
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Bonjour .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Common Files .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\DIFX .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\DVD Maker .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Fingerprint Sensor .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Firebird_2_1 .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Gemeinsame Dateien .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\GIMP 2 .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\HP .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\iLoad .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Intel .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Internet Explorer .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\iPod .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\iTunes .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Java .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\MAGIX .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Microsoft Office .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Microsoft Silverlight .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\MSBuild .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\RawTherapee-4.0.12.113 .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Realtek .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Recuva .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Reference Assemblies .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Sony .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Synaptics .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\TrueSuite .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Uninstall Information .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Defender .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Journal .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Live .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Mail .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Media Player .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows NT .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Photo Viewer .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Portable Devices .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows Sidebar .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\Windows7FirewallControl .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\Program Files\WinRAR .scr
2012-11-24 23:10 - 2012-12-16 21:47 - 0000132 _____ () C:\Users\sv-sos\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-04-21 14:13 - 2014-04-21 14:13 - 0000874 _____ () C:\Users\sv-sos\AppData\Local\recently-used.xbel
2012-05-31 00:50 - 2012-06-17 01:12 - 0000125 ___SH () C:\ProgramData\.zreglib
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Adobe .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\ALM .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Anwendungsdaten .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Apple .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Apple Computer .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Application Data .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\ArcSoft .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\ATI .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Audatex .scr
2015-05-20 00:42 - 2015-05-20 00:42 - 0000426 _____ () C:\ProgramData\Autoexec.bat
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Canneverbe Limited .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\createpart .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\DAEMON Tools Lite .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Desktop .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Documents .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Dokumente .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Downloaded Installations .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Evernote .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\explauncher .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Favoriten .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Favorites .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\HP .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Intel .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\iolo .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\launcher .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\MAGIX .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\McAfee .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Microsoft .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Microsoft Help .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Mozilla .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Nokia .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\NokiaInstallerCache .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Oracle .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Package Cache .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\PC Suite .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Real .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\regid.1986-12.com.adobe .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Roaming .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Rosetta Stone .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\simplitec .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Skype .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\SlySoft .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Sony Corporation .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Start Menu .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Startmenü .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Sun .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\TEMP .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Templates .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\TrueSuite .scr
2013-12-12 18:06 - 2012-03-01 10:19 - 0118784 ____R () C:\ProgramData\Vorlagen .scr
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Autoexec.bat
Einige Dateien in TEMP:
====================
C:\Users\sv-sos\AppData\Local\Temp\AEUL.EXE
C:\Users\sv-sos\AppData\Local\Temp\avgnt.exe
C:\Users\sv-sos\AppData\Local\Temp\GDS32.DLL
C:\Users\sv-sos\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2014-07-12 21:41
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von sv-sos (2015-08-18 19:19:57)
Gestartet von C:\Users\sv-sos\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3196472479-254760899-211853663-500 - Administrator - Disabled)
Gast (S-1-5-21-3196472479-254760899-211853663-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3196472479-254760899-211853663-1002 - Limited - Enabled)
sv-sos (S-1-5-21-3196472479-254760899-211853663-1001 - Administrator - Enabled) => C:\Users\sv-sos
W7FirewallControl (S-1-5-21-3196472479-254760899-211853663-1007 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19460 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x64) (HKLM\...\{A10EE46B-C2E8-4FAB-A8F8-3E80D0662BA9}) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.0.4.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aquamarin Haushaltsbuch 2.9.2 b (HKLM-x32\...\{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1) (Version: - makasy.com)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.21.457 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{B092BB55-6CE5-A4D7-1A24-13B68C8A1911}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AudaFusion (HKLM-x32\...\{3227AC4E-FCA2-4CC0-8123-C5EF8285C266}) (Version: 2.2.45 - Audatex Deutschland GmbH)
AudaPen/AudaStation v.2.85 (Remove Only) (HKLM-x32\...\{FE58DBD8-129B-11D7-8D51-005056CAD6CB}) (Version: 2.85.1.12 - Audatex)
AuthenTec TrueSuite (HKLM\...\{81B43AC9-B334-45D0-8D15-0A3642AFBDA1}) (Version: 4.0.100.26 - AuthenTec, Inc.)
AuthenTec WinBio FingerPrint Software (HKLM\...\{20F5F93B-9A27-4508-87B0-BFD7494FBEC4}) (Version: 3.1.0.80 - AuthenTec, Inc.)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3184 - CDBurnerXP)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dvr CMS (HKLM-x32\...\Dvr CMS) (Version: - )
EaseUS Data Recovery Wizard 5.6.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 5.6.5_is1) (Version: - EaseUS)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Firebird 2.1.1.17910 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.1.17910 - Firebird Project)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Grabby Driver Installation (64 Bit) (HKLM-x32\...\{90CA4931-4A1F-4D30-A60B-C2BBFD53D30F}) (Version: 5.09.1202.00 - TERRATEC Electronic GmbH)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iLoad (HKLM\...\{EBAA339B-9F18-40C8-90DD-10E57A373DB2}) (Version: 5.24.0 - Paloma Networks, Inc.)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{077BF055-512A-4D48-B3C2-44AD860FEB0A}) (Version: 1.3.0.0621 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{E7DC06A3-8516-4929-B712-80987AFFFB57}) (Version: 14.03.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kies Air Discovery Service (HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Kies Air Discovery Service) (Version: - Samsung)
KingBill 2011 (HKLM-x32\...\{75C213E2-3C88-4269-B9C4-6EE69382FB2F}) (Version: 6.2.5 - KingBill GmbH)
KingNotes 3.6 (HKLM-x32\...\{803DDB48-1573-469A-97A9-73D2FD47BE36}) (Version: 3.6.1 - KingBill GmbH)
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
MAGIX Filme auf DVD TerraTec Edition 7.0.3.8 (D) (HKLM-x32\...\MAGIX Filme auf DVD TerraTec Edition D) (Version: 7.0.3.8 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{FBE6F998-E9A0-4A15-974B-6592DCEEE7AC}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Premium (Demo) (HKLM\...\MX.{42A357FC-1256-4413-8425-CE7DB166D57B}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Demo) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.140 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Überblendeffekte) (HKLM\...\MX.{093884CE-A062-43DE-9125-90309EFF6BF2}) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Premium (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden
MAGIX Web Designer 7 Premium Content Pack (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Web Designer 7 Premium Download-Version (x32 Version: 7.0.4.16490 - MAGIX AG) Hidden
MAGIX Web Designer MX Premium (HKLM-x32\...\MAGIX_{4D5A1C12-2F7B-4A67-B186-ECAE22EF4FCB}) (Version: 8.0.2.21761 - MAGIX AG)
MAGIX Web Designer MX Premium (Version: 8.0.2.21761 - MAGIX AG) Hidden
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
Media Go (HKLM-x32\...\{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}) (Version: 2.0.317 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Minderwert (HKLM-x32\...\{A3C2266A-85AE-43DA-A5F6-56363B82A87A}) (Version: - )
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.4.49.0 - Nokia)
Nokia Suite (x32 Version: 3.4.49.0 - Nokia) Hidden
Octoshape Streaming Services (HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
OpticalSmartHub (HKLM-x32\...\OpticalSmartHub) (Version: - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Paragon Partition Manager™ 11 Professional (HKLM-x32\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.5.15.13232 - Sony Computer Entertainment Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PYV_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.8.1 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.8.1 - Sony Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RawTherapee Version 4.0.12 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.0.12 - rawtherapee.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6487 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.82 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.0 - Renesas Electronics Corporation) Hidden
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
simpliclean (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 1.5.2.2 - simplitec GmbH)
Skype™ 6.7 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.2.4 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO Care (HKLM\...\{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}) (Version: 7.3.0.14170 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.1.3.12120 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.8.0.09210 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.8.0.09210 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.1.12200 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.1.12200 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.1.09230 - Sony Corporation)
VAIO Hero Screensaver - Fall 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Fall 2011 Screensaver) (Version: - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.10.0.09300 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.6.0.10270 - Sony Corporation)
VAIO Update Merge Module x64 (Version: 5.6.10270 - Sony Corporation) Hidden
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.5.0.09200 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.6.0.09220 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Microsoft) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WebRipper 1.33 (HKLM-x32\...\WebRipper) (Version: 1.33 - SamsonSoft)
Win2PDF 2.55 (HKLM-x32\...\Win2PDF_is1) (Version: 2.55 - Dane Prairie Systems, LLC.)
Win2PDF 3.43.5 (HKLM\...\Win2PDF_is1) (Version: 3.43.5 - Dane Prairie Systems, LLC.)
Win2PDF Font Helper 1.22 (GPL Ghostscript 8.62) (HKLM\...\Win2PDF Font Helper_is1) (Version: - )
WinDirStat 1.1.2 (HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\WinDirStat) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows7FirewallControl (x64) 5.0.0.15 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.0.0.15 - Sphinx Software)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - TERRATEC (USB28xxBGA) Media (03/16/2010 5.09.1202.00) (HKLM\...\22B1739EAEA711117281C678C9005F17A0D9D420) (Version: 03/16/2010 5.09.1202.00 - TERRATEC )
Windows-Treiberpaket - TERRATEC (emAudio) Media (03/16/2010 5.09.1202.00) (HKLM\...\0812DA72EAD4FBFA883430ED6EC04AC1F88DBBAD) (Version: 03/16/2010 5.09.1202.00 - TERRATEC)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wondershare Data Recovery(Build 4.2.0.0) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.2.0.0 - Wondershare Software Co.,Ltd.)
Xerox Support Centre (HKLM\...\Xerox_Support_Centre) (Version: - )
XNote Stopwatch (HKLM-x32\...\XNote Stopwatch) (Version: 1.66 - dnSoft Research Group)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02D1CE1F-0FF2-4CB9-8FAE-038B662FE114} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1196A000-9C84-4ABB-84A5-617715E1EC98} - \YourFile Update -> Keine Datei <==== ACHTUNG
Task: {152FE0B8-CC56-4353-AC0D-9213F72AF56F} - System32\Tasks\simplitec Service Provider => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe [2014-03-05] (simplitec GmbH)
Task: {1FB965CB-3F46-4348-98DD-56051F1F6C0B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-12-12] (Sony Corporation)
Task: {2A8EBD14-9685-4B9E-883E-07D96ADF1DC5} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {2B4D74B8-4923-4436-96FA-B49EA6DE2D29} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {3971CC83-B484-45EC-95F5-82F9ED82555A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {41321A21-8791-4604-9C95-E23C61EF11D8} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-05-08] (Sony Corporation)
Task: {45DD7D81-FDBA-466D-AA67-35973DC5E7D3} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {4F962CF0-57B1-40AF-AABB-5CF22A230361} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {5D347AE9-11B0-48FA-8BC1-7022D283FE26} - System32\Tasks\AdobeAAMUpdater-1.0-sv-sos-VAIO-sv-sos => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {620545AC-9EF8-4D5E-9595-D520F332549B} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {66862F21-AB08-48F9-8F27-7616F9F4B2FD} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {6D744DE2-B40C-4004-AB14-04EBBB474786} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {74824715-A120-48B4-BE46-FC0F527ECAE0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001Core => C:\Users\sv-sos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-18] (Facebook Inc.)
Task: {7EDCAA2E-615C-4508-B28E-F6ED56672B5D} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {8649424D-44A4-4902-84A7-C23053E58B1A} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-09-20] (Sony Corporation)
Task: {8691551E-441C-4038-A09A-7E3DDBDD67DD} - System32\Tasks\{8262EEDD-DEE4-4357-B1C3-D27F1E3B1E78} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.3.0.105&LastError=12029
Task: {8B545845-25A8-450D-9802-0A173F0D05AC} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net
Task: {A0F97F5F-32C9-482A-B87D-B6939DB685A1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-05-11] ()
Task: {A67C608A-71DE-44BC-8068-A2E99D925B2A} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {B6D45C6E-72BF-4AF4-A10F-A4C22AD47EF9} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-09-20] (Sony Corporation)
Task: {BE390F3E-8E90-4242-9C8D-1A4FCC01393A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-09-27] (Sony Corporation)
Task: {BF04A8CE-90C2-4533-9B8D-F5BAC3A0E4A8} - System32\Tasks\Sony Corporation\VAIO Care\AutoCheckMessage => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {CEF9A6ED-385C-4036-9F1B-4D0936ED5C6C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001UA => C:\Users\sv-sos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-18] (Facebook Inc.)
Task: {EA1CA982-E96C-46AE-A6E1-9423FCBDC003} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-09-20] (Sony Corporation)
Task: {F291AD48-335D-4470-949B-9FD690645328} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-12-12] (Sony Corporation)
Task: {F39541A9-CE86-4E7F-80DE-571F3A640075} - System32\Tasks\{0E681363-D8AE-45AB-A5AB-4B6118F6911D} => pcalua.exe -a C:\Users\sv-sos\Downloads\mt4setup.exe -d C:\Users\sv-sos\Downloads
Task: {FB6367CE-1DC1-4C6A-A1B8-C398EDDCC542} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe [2014-03-05] (simplitec GmbH)
Task: {FDC9151C-F625-4C7F-944B-2CFF446C7955} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {FFEDA2C4-5DBD-4262-8750-EBDA6904F416} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001Core.job => C:\Users\sv-sos\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001UA.job => C:\Users\sv-sos\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\Windows\Tasks\simplitec Service Provider.job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-01-04 11:28 - 2012-01-04 11:28 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-06-06 17:24 - 2009-03-17 12:29 - 00075056 _____ () C:\Windows\System32\win2pdfm.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-10-31 04:25 - 2011-10-28 03:58 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-01-04 11:28 - 2012-01-04 11:28 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-04-11 17:04 - 2011-04-11 17:04 - 00016384 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-10-11 07:55 - 2011-10-11 07:55 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00276992 _____ () C:\Program Files\Sony\VAIO Care\READ\RecoveryPartitionManagerREAD.dll
2013-12-12 18:06 - 2012-03-01 10:19 - 00118784 _____ () C:\USERS\SV-SOS\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\Adobe update.com
2013-12-12 18:06 - 2012-03-01 10:19 - 00118784 _____ () C:\USERS\SV-SOS\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\Adobe Online.com
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-18 11:27 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-08-18 11:27 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-08-18 11:27 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-05-20 00:16 - 2014-03-05 14:17 - 00150816 _____ () C:\Program Files (x86)\simplitec\simpliclean\modules\common\asp_ipc32.dll
2015-05-20 00:16 - 2014-03-05 14:16 - 00009504 _____ () C:\Program Files (x86)\simplitec\simpliclean\language\ServiceProvider_de.dll
2015-05-20 00:16 - 2014-03-05 14:16 - 00010528 _____ () C:\Program Files (x86)\simplitec\simpliclean\modules\BrowsercleanerModule\BrowsercleanerModule_de.dll
2012-01-11 05:13 - 2011-12-12 20:36 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2015-08-18 11:27 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-08-18 11:27 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-11-20 17:30 - 2012-11-20 17:30 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae136247d7bf2a93e9470640c56ed488\IsdiInterop.ni.dll
2012-01-11 04:53 - 2011-05-20 11:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-03-01 09:19 - 2012-03-01 09:19 - 01388544 ___RH () C:\Windows\Thumbs .db
2015-08-18 11:27 - 2014-04-25 14:11 - 02972112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll
2015-05-25 02:08 - 2015-05-25 02:08 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-05-25 02:08 - 2015-05-25 02:08 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-05-25 02:08 - 2015-05-25 02:08 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3196472479-254760899-211853663-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: BBSvc => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: ClientAppLogon => C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe
MSCONFIG\startupreg: ClientAppLogon32 => C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\sv-sos\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: McAfeeWrapperApplication => "C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A2CBFCCA-4EAA-44DC-828F-77CD7929882C}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{D0027844-D712-494C-A72D-B29E2F2F67D2}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{4B22A1AA-4009-4FD2-BDBB-35BE630F0235}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DC79F776-0123-4CD1-98BC-70724246C0D4}] => (Allow) LPort=2869
FirewallRules: [{F0702EA8-B827-4030-B86F-7F13FEBAAB08}] => (Allow) LPort=1900
FirewallRules: [{01022D27-9CAA-4BC8-A361-5406C38C1515}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{03243BF2-1825-4512-B203-A843C77BB10B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C4C886B4-FD2C-4328-92EE-1146C9A87521}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{059A095D-1D22-4D78-B13C-7720D0A79CD1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{1CBE7629-BA8C-46B8-8187-B016A1BF4144}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{8D8A86C5-1FD1-415E-B26B-7E5E7C5A109E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{50869505-7F35-4602-BB08-E6630A751884}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{98ADB0A2-52F2-4814-8C21-BD4C5F77ED13}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{F30AFF0F-C876-4D99-8953-892C43CE0239}C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{5722DC37-733F-4C65-82B1-7CCED2F048C3}C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{AADBFCB2-0390-4000-B28D-5D00368DAF98}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{64FCC01C-9C8B-4473-B079-6389A66E0A57}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{0D80B494-E039-4769-B39A-72A2CCF9FECE}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [TCP Query User{9DE6692E-75F1-45E4-BE29-41FB7BC83745}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe
FirewallRules: [UDP Query User{6633FE1B-D8DB-4C5C-B3CF-B0F8C1C02589}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe
FirewallRules: [TCP Query User{6C155C84-A3D6-47FC-AE2C-F607F476F460}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe
FirewallRules: [UDP Query User{73A569C2-9949-4ACC-88F4-B891C967C46A}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe
FirewallRules: [TCP Query User{BDB2A661-668C-4D00-B63C-A32647384B84}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe
FirewallRules: [UDP Query User{770CE2EA-E75E-4CEB-8EF2-AF44FA71D23C}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\catsysdemon.exe
FirewallRules: [{779815D4-8498-41B8-83C2-E55158163B6D}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{F1B9B31C-BF5D-479F-BBB2-C6B5E4A17617}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{EF1D1EBB-9B89-4562-8A95-378DC194C321}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{BCBD1D48-F62A-40E6-8AA3-720D27DDA5EB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{552F2D17-27E7-4DF6-A2A6-58CF74988D4F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{4C2DF183-3EB7-452C-BD4E-D476049DCF62}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{EA6AD94C-225E-4D3B-A8E6-22E1A2B515D9}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{5C4DEEBE-1986-4D44-8AA9-EFFA7241FD22}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{F5ED7C42-41BE-49A3-900B-4806209F2247}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{4881D3A9-978F-46E9-AE90-AF58846C42AE}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{AB209D7C-A76C-4F32-BE52-26E23208CD6B}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe
FirewallRules: [{2FCBCEA0-9FB9-4ADC-A56A-4E7E0D6D97CB}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe
FirewallRules: [{117ECB75-BDC7-419A-BFC1-C2EE03BF4D51}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{B30FD8C1-8A4C-4437-AED6-A30297896810}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe
FirewallRules: [{ECC49284-4F2A-4672-A7BD-745BAE7375DA}] => (Allow) C:\Users\sv-sos\AppData\Local\Temp\{3F30FC38-802B-4304-8E1F-541BE52C2CDA}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe
FirewallRules: [{8C0C9969-A057-40CD-AC62-43BF7A3548FE}] => (Allow) C:\Users\sv-sos\AppData\Local\Temp\{3F30FC38-802B-4304-8E1F-541BE52C2CDA}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe
FirewallRules: [TCP Query User{670A0A68-2329-474E-9B1F-10A457D83054}C:\program files (x86)\magix\web designer mx premium\webdesigner.exe] => (Allow) C:\program files (x86)\magix\web designer mx premium\webdesigner.exe
FirewallRules: [UDP Query User{B4115E1B-8A6D-472C-AC92-B5D819D5433D}C:\program files (x86)\magix\web designer mx premium\webdesigner.exe] => (Allow) C:\program files (x86)\magix\web designer mx premium\webdesigner.exe
FirewallRules: [TCP Query User{40A56D9B-43B3-4691-9D0B-807B2D2F3EB8}E:\windows utilities\installer64\xdriverinstaller.exe] => (Block) E:\windows utilities\installer64\xdriverinstaller.exe
FirewallRules: [UDP Query User{A61F7FD5-61D4-4D88-93A9-413F2B3F8568}E:\windows utilities\installer64\xdriverinstaller.exe] => (Block) E:\windows utilities\installer64\xdriverinstaller.exe
FirewallRules: [{F709C72E-25DB-49B4-875E-2D2FE6130E86}] => (Allow) C:\Users\sv-sos\AppData\Local\Apps\2.0\YT6M67N0.JOA\W8148AB0.VXY\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{06815CB4-0219-4F80-999A-4E7EDEFE522F}] => (Allow) C:\Users\sv-sos\AppData\Local\Apps\2.0\YT6M67N0.JOA\W8148AB0.VXY\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{AA582536-9A65-4150-89A4-A3202DF80A3F}] => (Allow) C:\Users\sv-sos\AppData\Local\Apps\2.0\YT6M67N0.JOA\W8148AB0.VXY\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{504CE0E2-6772-48FE-B56D-ECAC832147A1}] => (Allow) C:\Users\sv-sos\AppData\Local\Apps\2.0\YT6M67N0.JOA\W8148AB0.VXY\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{EFAC4234-DE8B-4222-82C8-9EABE6EACAFD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{EA8B7077-D10E-4A2A-9B55-1E44EA6DFE61}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe
FirewallRules: [UDP Query User{F0D09AF5-AC40-4F99-9961-2D43B69FDED1}C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe] => (Block) C:\users\sv-sos\appdata\local\xenocode\sandbox\dassault systemes product\5.20.0.9268\2010.08.01t09.28\virtual\stubexe\8.0.1135\@programfiles@\dassault systemes\b20\intel_a\code\bin\cnext.exe
FirewallRules: [TCP Query User{65A79FD7-C2A6-4E8D-9140-0874F9E84D94}C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{A947B808-6E5A-4DDB-BCEA-7BB0E0E529A8}C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\sv-sos\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{6C27E9BA-0FAF-4FD3-A033-4EF28109C74E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0FCE0F5B-FF3F-4F2E-8DAC-FA72A8B0CF0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{629E13B6-45BF-43EA-AAB9-8FF06B0925D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{604ABAB6-0AA9-4F1A-9554-0EB11090D56C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6F666551-A93C-4AC7-9CE6-009211896167}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0DF17CF3-04C1-42A6-8D5F-109D1AF82053}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{71C7276F-4346-426E-9C5A-CA417B09ACF6}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{AF21B3B6-CD62-4FFF-80AE-F9799336355C}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe
FirewallRules: [{6DE5AD75-9B21-4888-B417-3552A086DB19}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{027442BF-2B95-4602-BF87-A68057E92C3A}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{02A80A5B-09B9-470E-926C-D9FAE30450E3}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{8C6AD519-8750-46E7-BBB9-DD61BD0FBB5A}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{1E3D63AC-69B7-4127-948E-988BB967AEF8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{ED88DF5E-DF7B-40ED-A826-933B109BB6B3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{53F6C6E4-D31C-4228-BB69-FF423989C991}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{2A0E2F21-0A4E-44DB-8B96-935B7E21D6D5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{FAF67E57-4542-4300-A4B3-3DE189E2F1D4}] => (Allow) C:\Users\sv-sos\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{E5A4394A-1EBD-4109-97A7-E9FDA17C4CFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7A222337-8BEC-4413-B0F5-15638E85C09C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F909A465-F5D5-4C82-BABC-092926D57FF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{290F40D3-3F5F-4166-9AB8-131438C5711C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FAEE75E1-A930-4603-A8E7-12B4BD2D0EB1}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015 Premium\Videodeluxe.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/18/2015 04:08:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1392450
Error: (08/18/2015 04:08:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1392450
Error: (08/18/2015 04:08:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/18/2015 04:08:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1388939
Error: (08/18/2015 04:08:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1388939
Error: (08/18/2015 04:08:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/18/2015 03:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1139
Error: (08/18/2015 03:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1139
Error: (08/18/2015 03:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/18/2015 02:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: update.exe_Avira Product Family, Version: 15.0.12.402, Zeitstempel: 0x559fa6c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xcc2b1dd2
ID des fehlerhaften Prozesses: 0x2b80
Startzeit der fehlerhaften Anwendung: 0xupdate.exe_Avira Product Family0
Pfad der fehlerhaften Anwendung: update.exe_Avira Product Family1
Pfad des fehlerhaften Moduls: update.exe_Avira Product Family2
Berichtskennung: update.exe_Avira Product Family3
Systemfehler:
=============
Error: (08/18/2015 04:08:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (08/18/2015 04:08:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (08/18/2015 04:08:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (08/18/2015 04:08:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (08/18/2015 04:08:37 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (08/18/2015 04:08:37 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (08/18/2015 02:24:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (08/18/2015 02:24:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (08/18/2015 02:24:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (08/18/2015 02:24:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Microsoft Office:
=========================
Error: (08/18/2015 04:08:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1392450
Error: (08/18/2015 04:08:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1392450
Error: (08/18/2015 04:08:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/18/2015 04:08:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1388939
Error: (08/18/2015 04:08:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1388939
Error: (08/18/2015 04:08:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/18/2015 03:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1139
Error: (08/18/2015 03:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1139
Error: (08/18/2015 03:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/18/2015 02:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: update.exe_Avira Product Family15.0.12.402559fa6c4unknown0.0.0.000000000c0000005cc2b1dd22b8001d0d9b0cc8d6e50C:\Program Files (x86)\Avira\Antivirus\update.exeunknown29cdb016-45a4-11e5-b0d3-f0bf97e4d2d0
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8107.82 MB
Verfügbarer physikalischer RAM: 4074.89 MB
Summe virtueller Speicher: 12267.84 MB
Verfügbarer virtueller Speicher: 7633.91 MB
==================== Laufwerke ================================
Drive c: (win7) (Fixed) (Total:107.61 GB) (Free:2.4 GB) NTFS
Drive d: (Laufwerk) (Fixed) (Total:474.56 GB) (Free:0.5 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 0D263932)
Partition 1: (Not Active) - (Size=13.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=107.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=474.6 GB) - (Type=07 NTFS)
==================== Ende von Ergebnis ============================
|
|
18.08.2015, 19:53
| #4 |
| | Ordner sind jetzt scr Dateien! aaa |
|
19.08.2015, 10:42
| #5 | |
| /// the machine /// TB-Ausbilder | Ordner sind jetzt scr Dateien!Zitat:
 Thema bumpen? Ungeil, wirft dich nämlich komplett nach hinten. Wer am längsten wartet bekommt die erste Antwort, durch Bumpen springst du an den Anfang, bist dann also der Letzte. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [d0430daa7990795ed945471b6f6bbd76] => "C:\Users\sv-sos\AppData\Local\d0430daa7990795ed945471b6f6bbd76.exe"
C:\Users\sv-sos\AppData\Local\d0430daa7990795ed945471b6f6bbd76.exe
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.08.2015, 11:58
| #6 |
| | Ordner sind jetzt scr Dateien!Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-08-2015
durchgeführt von sv-sos (2015-08-19 12:16:36) Run:1
Gestartet von C:\Users\sv-sos\Downloads
Geladene Profile: sv-sos (Verfügbare Profile: sv-sos)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKU\S-1-5-21-3196472479-254760899-211853663-1001\...\Run: [d0430daa7990795ed945471b6f6bbd76] => "C:\Users\sv-sos\AppData\Local\d0430daa7990795ed945471b6f6bbd76.exe"
C:\Users\sv-sos\AppData\Local\d0430daa7990795ed945471b6f6bbd76.exe
*****************
HKU\S-1-5-21-3196472479-254760899-211853663-1001\Software\Microsoft\Windows\CurrentVersion\Run\\d0430daa7990795ed945471b6f6bbd76 => Wert erfolgreich entfernt
"C:\Users\sv-sos\AppData\Local\d0430daa7990795ed945471b6f6bbd76.exe" => Datei/Ordner nicht gefunden.
==== Ende von Fixlog 12:16:37 ====
danke Dir erstmal für Deine Zeit Mühe. ich habe Deine Anweisungen befolgt, und habe Dir den zip-Ordner zugeschickt. "bumpen" war nicht meine Absicht. Ich wollte einen von mir erstellten Beitrag löschen. Habe es aber nicht hinbekommen. Daraufhin bekam ich die Meldung, ich müsse mind. 3 Buchstaben schreiben. Deshalb "aaa".....  Vielleicht kann das helfen. Das spuckte mir Antivir aus: Name: W32/Sality.ac Entdeckt am: 31/05/2010 Art: File Infector In freier Wildbahn: Nein Gemeldete Infektionen: Niedrig Verbreitungspotenzial: Mittel bis hoch Schadenspotenzial: Mittel bis hoch Statische Datei: Nein IVDF Version: 7.10.07.204 |
|
19.08.2015, 17:18
| #7 |
| /// the machine /// TB-Ausbilder | Ordner sind jetzt scr Dateien! hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.08.2015, 13:34
| #8 |
| | Ordner sind jetzt scr Dateien!Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version:
main: v2015.08.19.09
rootkit: v2015.08.16.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sv-sos :: SV-SOS-VAIO [administrator]
20.08.2015 00:46:59
mbar-log-2015-08-20 (00-46-59).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 396388
Time elapsed: 1 hour(s), 1 minute(s), 35 second(s)
Memory Processes Detected: 2
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com (Worm.Autorun) -> 3420 -> Delete on reboot. [9d18dd2db6d549ed46324f8fab59857b]
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com (Worm.Autorun) -> 3436 -> Delete on reboot. [f7be8c7e711a89ad06720ed012f214ec]
Memory Modules Detected: 2
C:\Windows\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [ac0936d4404bc1759e0272b314f1b050]
C:\Windows\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [ac0936d4404bc1759e0272b314f1b050]
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (%1) Good: ("%1" /S) -> Replace on reboot. [ffffffffffffffffffffffffffffffff]
Folders Detected: 0
(No malicious items detected)
Files Detected: 237
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com (Worm.Autorun) -> Delete on reboot. [9d18dd2db6d549ed46324f8fab59857b]
C:\Windows\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [ac0936d4404bc1759e0272b314f1b050]
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com (Worm.Autorun) -> Delete on reboot. [f7be8c7e711a89ad06720ed012f214ec]
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 .scr (Worm.Autorun) -> Delete on reboot. [6550c1494d3eac8a4137a638c63e09f7]
C:\ProgramData\Adobe .scr (Worm.Autorun) -> Delete on reboot. [c7eec3478cff55e175034599d232f20e]
C:\ProgramData\ALM .scr (Worm.Autorun) -> Delete on reboot. [189df6143655fb3bcfa933ab45bf1ce4]
C:\ProgramData\Anwendungsdaten .scr (Worm.Autorun) -> Delete on reboot. [8431f31708830135651303db94706a96]
C:\ProgramData\Apple .scr (Worm.Autorun) -> Delete on reboot. [b20352b8ee9d6fc753258b5309fb04fc]
C:\ProgramData\HP .scr (Worm.Autorun) -> Delete on reboot. [d8dddc2edcafd85ec5b3706e1fe59b65]
C:\ProgramData\Intel .scr (Worm.Autorun) -> Delete on reboot. [2392b357f59606304137b42a3bc9d828]
C:\ProgramData\iolo .scr (Worm.Autorun) -> Delete on reboot. [9124df2b216a44f24e2ab12d4eb6a060]
C:\ProgramData\launcher .scr (Worm.Autorun) -> Delete on reboot. [734282883457e25489ef20be0ff5ae52]
C:\ProgramData\MAGIX .scr (Worm.Autorun) -> Delete on reboot. [0fa67991eaa158de79ff6678ce36df21]
C:\ProgramData\McAfee .scr (Worm.Autorun) -> Delete on reboot. [961fc6442d5e56e0e89011cd14f07d83]
C:\ProgramData\Roaming .scr (Worm.Autorun) -> Delete on reboot. [c1f455b5ed9e9d99ff79efef5da7837d]
C:\ProgramData\Rosetta Stone .scr (Worm.Autorun) -> Delete on reboot. [feb7ee1cd2b94fe7bfb933ab6c981de3]
C:\ProgramData\simplitec .scr (Worm.Autorun) -> Delete on reboot. [882dbb4fbad1171fd5a3518d51b306fa]
C:\ProgramData\Skype .scr (Worm.Autorun) -> Delete on reboot. [85305baf741745f186f2c21cac58b24e]
C:\ProgramData\SlySoft .scr (Worm.Autorun) -> Delete on reboot. [b4012cdedcaf2d094137b42a669eca36]
C:\ProgramData\Canneverbe Limited .scr (Worm.Autorun) -> Delete on reboot. [74415baf365592a484f4cb13fb097090]
C:\ProgramData\createpart .scr (Worm.Autorun) -> Delete on reboot. [08adcd3d4a41f541c6b24b93fb09748c]
C:\ProgramData\DAEMON Tools Lite .scr (Worm.Autorun) -> Delete on reboot. [9a1bcb3fe4a73bfba4d43ba3679d50b0]
C:\ProgramData\Desktop .scr (Worm.Autorun) -> Delete on reboot. [199c1eecfd8ed561a5d3b72746befa06]
C:\ProgramData\Documents .scr (Worm.Autorun) -> Delete on reboot. [a70ef218aae1a393077187579b69e818]
C:\ProgramData\Dokumente .scr (Worm.Autorun) -> Delete on reboot. [1f9691798b00e94da8d0a6388d77946c]
C:\ProgramData\Downloaded Installations .scr (Worm.Autorun) -> Delete on reboot. [e7ce58b272193ef80b6da23cb05402fe]
C:\ProgramData\Evernote .scr (Worm.Autorun) -> Delete on reboot. [a70eb1598902d6603444d00ede2638c8]
C:\ProgramData\explauncher .scr (Worm.Autorun) -> Delete on reboot. [645169a14f3cb08690e89c42f70d8080]
C:\ProgramData\Favoriten .scr (Worm.Autorun) -> Delete on reboot. [961f65a59eedd26401777c62bf4508f8]
C:\ProgramData\Favorites .scr (Worm.Autorun) -> Delete on reboot. [61549d6dd0bb1a1c33454e90659f25db]
C:\ProgramData\Microsoft .scr (Worm.Autorun) -> Delete on reboot. [ded79971434858de8aee538b966eda26]
C:\ProgramData\Microsoft Help .scr (Worm.Autorun) -> Delete on reboot. [278e25e57417fd39c9af2cb23ec61ee2]
C:\ProgramData\Mozilla .scr (Worm.Autorun) -> Delete on reboot. [f7be27e31576ef474b2d825c2ada3dc3]
C:\ProgramData\Nokia .scr (Worm.Autorun) -> Delete on reboot. [20958684ff8c9e987ff9914df4105aa6]
C:\ProgramData\NokiaInstallerCache .scr (Worm.Autorun) -> Delete on reboot. [50659179503beb4bb8c0e7f7e51f48b8]
C:\ProgramData\Oracle .scr (Worm.Autorun) -> Delete on reboot. [ac09af5bdbb08babf286706e3fc5fe02]
C:\ProgramData\Package Cache .scr (Worm.Autorun) -> Delete on reboot. [575e56b4b7d45dd9c3b5479707fde21e]
C:\ProgramData\PC Suite .scr (Worm.Autorun) -> Delete on reboot. [cde89f6bb7d4f6402a4e598516ee02fe]
C:\ProgramData\Real .scr (Worm.Autorun) -> Delete on reboot. [2d88a26803885dd9c9afc31b9d676898]
C:\ProgramData\regid.1986-12.com.adobe .scr (Worm.Autorun) -> Delete on reboot. [b1042cde177462d43246b529ed175ca4]
C:\ProgramData\Sony Corporation .scr (Worm.Autorun) -> Delete on reboot. [3b7adf2b5932cf677404e7f7b74dfa06]
C:\ProgramData\Start Menu .scr (Worm.Autorun) -> Delete on reboot. [20957199c6c5270fd4a44d915ca829d7]
C:\ProgramData\Startmenü .scr (Worm.Autorun) -> Delete on reboot. [7d38a8628efde74f591f409e55af9d63]
C:\ProgramData\Sun .scr (Worm.Autorun) -> Delete on reboot. [7e37d733345780b67efa36a8c044837d]
C:\ProgramData\TEMP .scr (Worm.Autorun) -> Delete on reboot. [4c69c743850685b12652ebf39470f709]
C:\ProgramData\Templates .scr (Worm.Autorun) -> Delete on reboot. [7e37bd4dcdbe4aecef890bd3bf45f907]
C:\ProgramData\TrueSuite .scr (Worm.Autorun) -> Delete on reboot. [caeb2fdb22695dd9fb7decf206fedd23]
C:\ProgramData\Vorlagen .scr (Worm.Autorun) -> Delete on reboot. [892ca565127972c463155985f410d12f]
C:\ProgramData\Apple Computer .scr (Worm.Autorun) -> Delete on reboot. [dbda808ad2b9dc5ae2968b538d771ae6]
C:\ProgramData\Application Data .scr (Worm.Autorun) -> Delete on reboot. [5e57a961404b06303c3c17c7a85c6e92]
C:\ProgramData\ArcSoft .scr (Worm.Autorun) -> Delete on reboot. [02b3a4662e5df244631526b8cb394cb4]
C:\ProgramData\ATI .scr (Worm.Autorun) -> Delete on reboot. [bbfa53b7acdfd2641563736ba06454ac]
C:\ProgramData\Audatex .scr (Worm.Autorun) -> Delete on reboot. [9a1b55b5a3e8b1851f594f8fab597789]
C:\ProgramData\MAGIX\Screenshare .scr (Worm.Autorun) -> Delete on reboot. [2a8b81893a518da9a0d88955c242847c]
C:\ProgramData\MAGIX\Common .scr (Worm.Autorun) -> Delete on reboot. [d5e028e2b9d2e5515523d30b29dbfe02]
C:\ProgramData\MAGIX\Filme_auf_DVD_7_TerraTec_Edition .scr (Worm.Autorun) -> Delete on reboot. [04b18c7ecac1c472294f2cb222e2e21e]
C:\ProgramData\MAGIX\MagixOfa Helper-Module .scr (Worm.Autorun) -> Delete on reboot. [7540f515206bb87eceaaf5e9e51fef11]
C:\ProgramData\MAGIX\Online_Druck_Service .scr (Worm.Autorun) -> Delete on reboot. [4075be4c02893df91266726cf0141de3]
C:\ProgramData\MAGIX\simplitec Power Suite .scr (Worm.Autorun) -> Delete on reboot. [fdb806041378e74fe692b6284bb9f30d]
C:\ProgramData\MAGIX\Speed3_burnR_mxcdr_MSI .scr (Worm.Autorun) -> Delete on reboot. [2c8950ba14773402b3c5617d25df32ce]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium .scr (Worm.Autorun) -> Delete on reboot. [f9bc67a30586bb7ba9cf8856966e0000]
C:\ProgramData\MAGIX\Videodeluxe21_premium .scr (Worm.Autorun) -> Delete on reboot. [d7dea36716757cba91e74698f212d030]
C:\ProgramData\MAGIX\Web Designer 7 Premium Download-Version .scr (Worm.Autorun) -> Delete on reboot. [6b4a32d87516fa3c3a3e904eba4a31cf]
C:\ProgramData\MAGIX\Web Designer MX Premium .scr (Worm.Autorun) -> Delete on reboot. [7e37d634b6d5be78e98fb22c0202c23e]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\AudioEffects .scr (Worm.Autorun) -> Delete on reboot. [1f96b159a4e7d0662751d20c80840cf4]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\Default .scr (Worm.Autorun) -> Delete on reboot. [e1d453b7365592a4cdabd707c83cf907]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\DVD .scr (Worm.Autorun) -> Delete on reboot. [af067199b9d253e3c0b87d6117ed2fd1]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\FX-Preset .scr (Worm.Autorun) -> Delete on reboot. [298c9971751652e4dc9ce8f6df25ea16]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\MovieTemplates .scr (Worm.Autorun) -> Delete on reboot. [3c792edc1a7194a2e197508ef2120bf5]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\UserData .scr (Worm.Autorun) -> Delete on reboot. [82330604206b290d4830f0eeed1721df]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\VideoEffects .scr (Worm.Autorun) -> Delete on reboot. [486d93776c1f3ff7522617c7c53fc43c]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\_Studio-Preview .scr (Worm.Autorun) -> Delete on reboot. [05b00dfd355650e6ea8e21bdc044728e]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\_TV-Anti-Cropping .scr (Worm.Autorun) -> Delete on reboot. [1a9b3fcb711a91a5d0a82cb235cf5ca4]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\MusicEditor .scr (Worm.Autorun) -> Delete on reboot. [13a245c50685f2444b2dc21c9470b848]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\NoisePrintSamples .scr (Worm.Autorun) -> Delete on reboot. [feb75dad117afa3c582001ddd2321de3]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\OverlayFX .scr (Worm.Autorun) -> Delete on reboot. [ddd8c248a3e8b87ef3856d719074837d]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\Plugins .scr (Worm.Autorun) -> Delete on reboot. [565fff0b05866ec8c4b4ab3305ff629e]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\Slideshow music .scr (Worm.Autorun) -> Delete on reboot. [b7fede2cb1dac175a3d5cb1331d3cd33]
C:\ProgramData\MAGIX\Video deluxe 2015 Premium\Titles .scr (Worm.Autorun) -> Delete on reboot. [8431bd4da6e5c0769eda8658a16319e7]
C:\Users\sv-sos\AppData\Roaming\Skype\My Skype Received Files\wondershare.data.recovery.4.2.0-MPT.exe (CrackTool.Agent) -> Delete on reboot. [763f44c6bbd050e6fe1c3dbb748c28d8]
C:\Program Files\Adobe .scr (Worm.Autorun) -> Delete on reboot. [3481db2f7a11cd69ee8a23bb11f3d12f]
C:\Program Files\ATI .scr (Worm.Autorun) -> Delete on reboot. [caeb4dbd1e6d95a1e692815dd232b848]
C:\Program Files\Bonjour .scr (Worm.Autorun) -> Delete on reboot. [526353b7f596cd6948306d7124e0dc24]
C:\Program Files\Common Files .scr (Worm.Autorun) -> Delete on reboot. [e3d284863754d95dbfb94a949b6909f7]
C:\Program Files\DIFX .scr (Worm.Autorun) -> Delete on reboot. [833203079dee37ff95e30fcf71938b75]
C:\Program Files\DVD Maker .scr (Worm.Autorun) -> Delete on reboot. [872e44c65f2c92a4e98f09d5d82cb947]
C:\Program Files\Uninstall Information .scr (Worm.Autorun) -> Delete on reboot. [0da8f317b0db4fe7a2d61fbf19eb2cd4]
C:\Program Files\Windows Defender .scr (Worm.Autorun) -> Delete on reboot. [c6ef8b7f7c0f54e2adcbbe206a9a0000]
C:\Program Files\Windows Journal .scr (Worm.Autorun) -> Delete on reboot. [605522e8276442f42f497965dc28857b]
C:\Program Files\Windows Live .scr (Worm.Autorun) -> Delete on reboot. [5f56ca40b4d7c86ee692d60816ee36ca]
C:\Program Files\Intel .scr (Worm.Autorun) -> Delete on reboot. [b30257b3aae12c0a36425886ac585da3]
C:\Program Files\Internet Explorer .scr (Worm.Autorun) -> Delete on reboot. [d9dc36d49feca69084f4924c57ad9f61]
C:\Program Files\iPod .scr (Worm.Autorun) -> Delete on reboot. [a411d931acdfb3833f39a539ed172dd3]
C:\Program Files\iTunes .scr (Worm.Autorun) -> Delete on reboot. [3e777298533857dfe2964b93f60e827e]
C:\Program Files\Java .scr (Worm.Autorun) -> Delete on reboot. [0aab43c72d5ef6400a6e5b83c63e0ef2]
C:\Program Files\MAGIX .scr (Worm.Autorun) -> Delete on reboot. [496c50baadde979fabcdc519c04459a7]
C:\Program Files\Microsoft Office .scr (Worm.Autorun) -> Delete on reboot. [2e8789817b10c57183f57f5f996b04fc]
C:\Program Files\Fingerprint Sensor .scr (Worm.Autorun) -> Delete on reboot. [00b50efc7b1074c22454bb23976d2bd5]
C:\Program Files\Firebird_2_1 .scr (Worm.Autorun) -> Delete on reboot. [07ae6c9e44470630591fa13daf558f71]
C:\Program Files\Gemeinsame Dateien .scr (Worm.Autorun) -> Delete on reboot. [d9dca3676922e74fd7a1f3ebcd37f50b]
C:\Program Files\GIMP 2 .scr (Worm.Autorun) -> Delete on reboot. [0baa5dad206b69cd1167b62814f0768a]
C:\Program Files\HP .scr (Worm.Autorun) -> Delete on reboot. [4e67d23891fafb3b55231ec0a85cf40c]
C:\Program Files\iLoad .scr (Worm.Autorun) -> Delete on reboot. [f2c3b85273188da95b1d17c76a9a8b75]
C:\Program Files\Microsoft Silverlight .scr (Worm.Autorun) -> Delete on reboot. [08adc248771435012a4e99456e96b24e]
C:\Program Files\Windows Mail .scr (Worm.Autorun) -> Delete on reboot. [dcd97a90147745f1d3a59d415fa525db]
C:\Program Files\MSBuild .scr (Worm.Autorun) -> Delete on reboot. [3184f911deaddd59364227b717ed11ef]
C:\Program Files\RawTherapee-4.0.12.113 .scr (Worm.Autorun) -> Delete on reboot. [cfe622e8810a2115a0d8af2fff052ed2]
C:\Program Files\Realtek .scr (Worm.Autorun) -> Delete on reboot. [6c4903073853f54101779747040054ac]
C:\Program Files\Recuva .scr (Worm.Autorun) -> Delete on reboot. [a11461a9e9a2d75faeca57879f65ab55]
C:\Program Files\Reference Assemblies .scr (Worm.Autorun) -> Delete on reboot. [13a23bcf2f5cb4822355934b996bac54]
C:\Program Files\Sony .scr (Worm.Autorun) -> Delete on reboot. [8e270208b1da5dd95a1e815dd82cfa06]
C:\Program Files\Synaptics .scr (Worm.Autorun) -> Delete on reboot. [e8cdef1ba5e60036f7817a64fb09ca36]
C:\Program Files\TrueSuite .scr (Worm.Autorun) -> Delete on reboot. [1c997991503b0f27f58300de808460a0]
C:\Program Files\Windows Media Player .scr (Worm.Autorun) -> Delete on reboot. [6b4a31d91e6dbd79cfa9e9f5e321d927]
C:\Program Files\Windows NT .scr (Worm.Autorun) -> Delete on reboot. [e2d369a14e3d85b10a6e796508fcc040]
C:\Program Files\Windows Photo Viewer .scr (Worm.Autorun) -> Delete on reboot. [f2c3de2cb0db40f6fb7dc11d40c41fe1]
C:\Program Files\Windows Portable Devices .scr (Worm.Autorun) -> Delete on reboot. [0aab0efc5e2db086542423bb51b30ef2]
C:\Program Files\Windows Sidebar .scr (Worm.Autorun) -> Delete on reboot. [6b4abf4b6229f93dc6b27e60de268b75]
C:\Program Files\Windows7FirewallControl .scr (Worm.Autorun) -> Delete on reboot. [783d4dbdcbc090a62751d00ed4307888]
C:\Program Files\WinRAR .scr (Worm.Autorun) -> Delete on reboot. [b9fc8d7dbbd039fd3e3a4f8f818309f7]
C:\Program Files\MAGIX\Video deluxe 2015 Premium .scr (Worm.Autorun) -> Delete on reboot. [b302907aa6e52b0ba9cfe5f944c0a55b]
C:\Program Files\Microsoft Office\Office14 .scr (Worm.Autorun) -> Delete on reboot. [5b5ac04a098266d0adcba935d232da26]
C:\Program Files\iLoad\ffmpeg .scr (Worm.Autorun) -> Delete on reboot. [4372c84272194beb5424716d10f456aa]
C:\Program Files\iLoad\plugins .scr (Worm.Autorun) -> Delete on reboot. [4c69808a9fec50e6d99f07d78c78d42c]
C:\$Recycle.Bin .scr (Worm.Autorun) -> Delete on reboot. [a0157e8ce3a8e84e3c3cbe20956ffe02]
C:\ADCDA2 .scr (Worm.Autorun) -> Delete on reboot. [60550ffba9e22e086d0be8f6e51fb749]
C:\ProgramData .scr (Worm.Autorun) -> Delete on reboot. [b6ffdc2e107b3105b4c4b8269b69d12f]
C:\Programme .scr (Worm.Autorun) -> Delete on reboot. [71449d6d9bf0a4922256e3fb768e31cf]
C:\SPLASH.000 .scr (Worm.Autorun) -> Delete on reboot. [8233c644deadf6406612c81608fcfc04]
C:\SPLASH.SYS .scr (Worm.Autorun) -> Delete on reboot. [caebda302269ac8a95e37668758fc53b]
C:\temp .scr (Worm.Autorun) -> Delete on reboot. [c9ec25e5ff8c51e5d4a4cd1124e0ba46]
C:\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [862f9674107b31056f312ef745c055ab]
C:\Thumbs.com (Worm.Autorun) -> Delete on reboot. [9e1793771774bd79cfa98559ec18c63a]
C:\Update .scr (Worm.Autorun) -> Delete on reboot. [efc6ff0bcac10b2bc7b1f6e839cb7c84]
C:\Windows .scr (Worm.Autorun) -> Delete on reboot. [585d9d6d513a38fefe7a0cd215ef8779]
C:\Documents and Settings .scr (Worm.Autorun) -> Delete on reboot. [6a4b7f8b147785b1abcd01ddfb09758b]
C:\Dokumente und Einstellungen .scr (Worm.Autorun) -> Delete on reboot. [1a9b13f7f4976cca077107d7d72da55b]
C:\Download .scr (Worm.Autorun) -> Delete on reboot. [9421ec1ee1aa0d29661222bcf70d8080]
C:\FRST .scr (Worm.Autorun) -> Delete on reboot. [b00566a48308dd59f088af2ff014c53b]
C:\Infineon .scr (Worm.Autorun) -> Delete on reboot. [9d1817f3cbc040f65820a63849bba759]
C:\KingBill GmbH .scr (Worm.Autorun) -> Delete on reboot. [14a11ded27645cda4137c31b9f654db3]
C:\Log .scr (Worm.Autorun) -> Delete on reboot. [872e0efcc1caac8a4830eef040c4946c]
C:\MSOCache .scr (Worm.Autorun) -> Delete on reboot. [9124a2685b3031058bede4fa82829070]
C:\OptSmartHub .scr (Worm.Autorun) -> Delete on reboot. [2c8953b7aae1b1853642e2fcb4509070]
C:\PerfLogs .scr (Worm.Autorun) -> Delete on reboot. [7a3b71991c6fe94d93e5c8169f6539c7]
C:\Program Files (x86) .scr (Worm.Autorun) -> Delete on reboot. [694c76942b604ee8b0c84a94cd373fc1]
C:\Program Files .scr (Worm.Autorun) -> Delete on reboot. [75409f6b3d4e270f3e3adb0354b0f907]
C:\AllShare - Kopie .scr (Worm.Autorun) -> Delete on reboot. [c6ef3fcb2962ac8ae395528cd62e36ca]
C:\AllShare .scr (Worm.Autorun) -> Delete on reboot. [e6cf8981cac1f640a0d83da10103c739]
C:\Audatex .scr (Worm.Autorun) -> Delete on reboot. [63521eec78139d998fe9d30b897b3fc1]
C:\Config.Msi .scr (Worm.Autorun) -> Delete on reboot. [a60fd535fb9058def286c816867e2ed2]
C:\Documentation .scr (Worm.Autorun) -> Delete on reboot. [892cb258d6b511258cec33ab6c98d22e]
C:\adobeTemp .scr (Worm.Autorun) -> Delete on reboot. [b2038189e7a441f5db9dc5196a9a8779]
C:\Intel .scr (Worm.Autorun) -> Delete on reboot. [fdb8d7336c1f77bfbfb9a13d986ccb35]
C:\$Recycle.Bin\S-1-5-18 .scr (Worm.Autorun) -> Delete on reboot. [9223c149b8d3b6804c2cfae45da7ed13]
C:\$Recycle.Bin\S-1-5-20 .scr (Worm.Autorun) -> Delete on reboot. [575ec545a6e575c1671136a847bdfa06]
C:\$Recycle.Bin\S-1-5-21-2786137233-3513023083-2695230655-500 .scr (Worm.Autorun) -> Delete on reboot. [72430802d7b4e74f9ddbe9f5778dd32d]
C:\$Recycle.Bin\S-1-5-21-3196472479-254760899-211853663-1001 .scr (Worm.Autorun) -> Delete on reboot. [12a314f6513a3ef89bdd508ee51fdd23]
C:\$Recycle.Bin\S-1-5-21-939710820-3870864167-844904381-500 .scr (Worm.Autorun) -> Delete on reboot. [6352b45615764cead5a3a23ca65e12ee]
C:\Windows\addins .scr (Worm.Autorun) -> Delete on reboot. [01b4be4c4744dd59e593b52914f025db]
C:\Windows\AppCompat .scr (Worm.Autorun) -> Delete on reboot. [efc68e7c018a64d2d4a418c6c53fbc44]
C:\Windows\AppPatch .scr (Worm.Autorun) -> Delete on reboot. [a70e9773b8d36bcb433539a541c39b65]
C:\Windows\assembly .scr (Worm.Autorun) -> Delete on reboot. [c6efc3476c1f04328eea8d5127dd19e7]
C:\Windows\Globalization .scr (Worm.Autorun) -> Delete on reboot. [466f68a2385389ada3d523bbd92b03fd]
C:\Windows\Help .scr (Worm.Autorun) -> Delete on reboot. [83326aa02764290d7701627c63a1d42c]
C:\Windows\hu .scr (Worm.Autorun) -> Delete on reboot. [bff6b1593a5190a64533f9e5a163619f]
C:\Windows\IME .scr (Worm.Autorun) -> Delete on reboot. [7c39d6340a81b97d87f14599e420ea16]
C:\Windows\inf .scr (Worm.Autorun) -> Delete on reboot. [fcb936d47a11a2941b5d1ac44fb541bf]
C:\Windows\Panther .scr (Worm.Autorun) -> Delete on reboot. [8c2904064348ea4cccac449a18ec857b]
C:\Windows\PCHEALTH .scr (Worm.Autorun) -> Delete on reboot. [4174ca4043482a0c5820ad31877d966a]
C:\Windows\Performance .scr (Worm.Autorun) -> Delete on reboot. [565fc8426229eb4bf97f3ba34eb67f81]
C:\Windows\pl .scr (Worm.Autorun) -> Delete on reboot. [6a4b0ffbacdfe0569eda657952b246ba]
C:\Windows\PLA .scr (Worm.Autorun) -> Delete on reboot. [2293f911424980b6591f934bd52f946c]
C:\Windows\Setup .scr (Worm.Autorun) -> Delete on reboot. [546102082d5e3204047427b7e222ae52]
C:\Windows\ShellNew .scr (Worm.Autorun) -> Delete on reboot. [f5c006044348d462a0d80ed02cd8bb45]
C:\Windows\sk .scr (Worm.Autorun) -> Delete on reboot. [00b5fc0e5833b1857008706ecc38fa06]
C:\Windows\SoftwareDistribution .scr (Worm.Autorun) -> Delete on reboot. [fdb82edcd6b5082ecaaec41aed175da3]
C:\Windows\twain_32 .scr (Worm.Autorun) -> Delete on reboot. [13a2907abbd0a2943543a737ce362fd1]
C:\Windows\uk .scr (Worm.Autorun) -> Delete on reboot. [b500ed1dc9c2d066babe5a84778d4cb4]
C:\Windows\Vss .scr (Worm.Autorun) -> Delete on reboot. [2d8815f59feccd692a4ea8363ec60bf5]
C:\Windows\Web .scr (Worm.Autorun) -> Delete on reboot. [cfe619f1ec9fd85ed2a6d40a7d873dc3]
C:\Windows\XSxS .scr (Worm.Autorun) -> Delete on reboot. [249148c2cbc0f244d4a486589c6818e8]
C:\Windows\ehome .scr (Worm.Autorun) -> Delete on reboot. [2d884ac05e2d23130771746a5aaa5da3]
C:\Windows\DigitalLocker .scr (Worm.Autorun) -> Delete on reboot. [4d6850ba503b4beb6d0b3da15ca809f7]
C:\Windows\Downloaded Program Files .scr (Worm.Autorun) -> Delete on reboot. [6e4785855536a1958aee736b659f2fd1]
C:\Windows\Drivers .scr (Worm.Autorun) -> Delete on reboot. [546115f598f3ab8b4b2da53953b158a8]
C:\Windows\Media .scr (Worm.Autorun) -> Delete on reboot. [a114ec1e513af83eb9bfebf343c1fb05]
C:\Windows\Microsoft.NET .scr (Worm.Autorun) -> Delete on reboot. [ab0a7298b7d41026b1c7fbe3b351b050]
C:\Windows\ModemLogs .scr (Worm.Autorun) -> Delete on reboot. [783d35d58a01023447315b8316ee9e62]
C:\Windows\msdownld.tmp .scr (Worm.Autorun) -> Delete on reboot. [bbfa32d8f992b97df97f09d5d034ed13]
C:\Windows\AutoKMS .scr (Worm.Autorun) -> Delete on reboot. [bcf95eac424955e13e3ad10dcf35b44c]
C:\Windows\bg .scr (Worm.Autorun) -> Delete on reboot. [22930703ccbf023497e196487b89f30d]
C:\Windows\Branding .scr (Worm.Autorun) -> Delete on reboot. [4273ee1c078491a5b9bfecf249bbc43c]
C:\Windows\cs .scr (Worm.Autorun) -> Delete on reboot. [05b07595a6e546f04c2c28b6ab59a15f]
C:\Windows\Cursors .scr (Worm.Autorun) -> Delete on reboot. [25906e9cd2b996a03e3a2faf857f659b]
C:\Windows\da .scr (Worm.Autorun) -> Delete on reboot. [a60f11f9b3d82b0b58207668758fd22e]
C:\Windows\de .scr (Worm.Autorun) -> Delete on reboot. [b0057793c8c3ae88f68228b6aa5a1ae6]
C:\Windows\de-DE .scr (Worm.Autorun) -> Delete on reboot. [0fa635d58308ef475127bd214eb6718f]
C:\Windows\debug .scr (Worm.Autorun) -> Delete on reboot. [0baa67a3e7a43bfb1a5ea03ec73d13ed]
C:\Windows\el .scr (Worm.Autorun) -> Delete on reboot. [486d16f45d2e8caa07711fbf42c2f10f]
C:\Windows\en .scr (Worm.Autorun) -> Delete on reboot. [c1f456b47b1049ed7602dd01d43060a0]
C:\Windows\en-US .scr (Worm.Autorun) -> Delete on reboot. [e2d3d5356229b6805a1ec01eae566799]
C:\Windows\fi .scr (Worm.Autorun) -> Delete on reboot. [15a053b7afdcb08673059f3fc341c13f]
C:\Windows\Fonts .scr (Worm.Autorun) -> Delete on reboot. [6055d2389fec1e182d4b87572bd9e020]
C:\Windows\fr .scr (Worm.Autorun) -> Delete on reboot. [2c89709a2b60c76f85f3d806c53f51af]
C:\Windows\Installer .scr (Worm.Autorun) -> Delete on reboot. [744130dacac1de581662e3fb22e223dd]
C:\Windows\InstDrvs .scr (Worm.Autorun) -> Delete on reboot. [e3d22cde9cef8babbdbb4c9272920ff1]
C:\Windows\it .scr (Worm.Autorun) -> Delete on reboot. [4570fd0dee9db4829adece1057ad07f9]
C:\Windows\L2Schemas .scr (Worm.Autorun) -> Delete on reboot. [2a8b2ae0cac1c17599df18c6b94b21df]
C:\Windows\LiveKernelReports .scr (Worm.Autorun) -> Delete on reboot. [b7fefe0c5b30e4524b2d7c62b64e35cb]
C:\Windows\Logs .scr (Worm.Autorun) -> Delete on reboot. [f1c42cdee3a80e28c3b5fde105ff8d73]
C:\Windows\nl .scr (Worm.Autorun) -> Delete on reboot. [b6ff55b506856fc7e593f7e7a460e31d]
C:\Windows\no .scr (Worm.Autorun) -> Delete on reboot. [4f6628e28308c76f106832aca75d0df3]
C:\Windows\Offline Web Pages .scr (Worm.Autorun) -> Delete on reboot. [6d48ac5e0685b08643355e800ef6f60a]
C:\Windows\PolicyDefinitions .scr (Worm.Autorun) -> Delete on reboot. [44718684d0bb79bd6612ad314db77c84]
C:\Windows\Prefetch .scr (Worm.Autorun) -> Delete on reboot. [199c10faeaa1a78fe098538b6e96fb05]
C:\Windows\pss .scr (Worm.Autorun) -> Delete on reboot. [4372de2c57341521ceaa984662a2cb35]
C:\Windows\pt-pt .scr (Worm.Autorun) -> Delete on reboot. [a411fc0e355686b0e0986678bc480ff1]
C:\Windows\Registration .scr (Worm.Autorun) -> Delete on reboot. [c1f4d23890fb68ce83f5da0425df5aa6]
C:\Windows\Resources .scr (Worm.Autorun) -> Delete on reboot. [7d38f01a78135adc91e78f4f31d329d7]
C:\Windows\ro .scr (Worm.Autorun) -> Delete on reboot. [ebca27e37b106dc9accc28b6976dfe02]
C:\Windows\ru .scr (Worm.Autorun) -> Delete on reboot. [73420bff345771c52c4cb02e2bd9768a]
C:\Windows\SchCache .scr (Worm.Autorun) -> Delete on reboot. [2392dc2eacdf6ec803752bb34bb92dd3]
C:\Windows\schemas .scr (Worm.Autorun) -> Delete on reboot. [5461d4368605c670eb8d2db14eb6a15f]
C:\Windows\security .scr (Worm.Autorun) -> Delete on reboot. [b500f01a9af1b77fd6a224badd27e020]
C:\Windows\ServiceProfiles .scr (Worm.Autorun) -> Delete on reboot. [744125e597f4e0562b4daa341ee6e21e]
C:\Windows\Sonysys .scr (Worm.Autorun) -> Delete on reboot. [9a1b5eac6922e3535820f4ea0ff5de22]
C:\Windows\Speech .scr (Worm.Autorun) -> Delete on reboot. [318410fa2d5e1d197bfd22bc7f85f010]
C:\Windows\sv .scr (Worm.Autorun) -> Delete on reboot. [5b5a1feb1774e74f66129c42ff05f907]
C:\Windows\system .scr (Worm.Autorun) -> Delete on reboot. [efc6ac5ebdced85ed1a7ad31e32137c9]
C:\Windows\System32 .scr (Worm.Autorun) -> Delete on reboot. [7c398d7d57342f07ed8bcc1236ce3ec2]
C:\Windows\SysWOW64 .scr (Worm.Autorun) -> Delete on reboot. [2590ee1ce3a8d066f880ecf22adafd03]
C:\Windows\TAPI .scr (Worm.Autorun) -> Delete on reboot. [a3123ecca3e8063079ff07d7798b0df3]
C:\Windows\Tasks .scr (Worm.Autorun) -> Delete on reboot. [6c497f8b2b60e1556414746a897bf907]
C:\Windows\Temp .scr (Worm.Autorun) -> Delete on reboot. [8f2659b19fec57dfdb9dfee05da7e51b]
C:\Windows\tr .scr (Worm.Autorun) -> Delete on reboot. [6a4b2bdf7a1172c491e74f8fde26f010]
C:\Windows\tracing .scr (Worm.Autorun) -> Delete on reboot. [ded7be4c7417a78f23551ec0fd07916f]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version:
main: v2015.08.19.09
rootkit: v2015.08.16.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sv-sos :: SV-SOS-VAIO [administrator]
20.08.2015 10:13:01
mbar-log-2015-08-20 (10-13-01).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 397407
Time elapsed: 42 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version:
main: v2015.08.19.09
rootkit: v2015.08.16.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sv-sos :: SV-SOS-VAIO [administrator]
20.08.2015 11:52:23
mbar-log-2015-08-20 (11-52-23).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 397789
Time elapsed: 1 hour(s), 4 minute(s), 6 second(s)
Memory Processes Detected: 2
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com (Worm.Autorun) -> 7028 -> Delete on reboot. [c4f19377c2c99e9861170ed00afa1be5]
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com (Worm.Autorun) -> 4480 -> Delete on reboot. [b6ff38d2e8a368ce5f19b32b2ed6af51]
Memory Modules Detected: 2
C:\Windows\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [278e8189f794f6405c44002537cebd43]
C:\Windows\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [278e8189f794f6405c44002537cebd43]
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (%1) Good: ("%1" /S) -> Replace on reboot. [ffffffffffffffffffffffffffffffff]
Folders Detected: 0
(No malicious items detected)
Files Detected: 32
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com (Worm.Autorun) -> Delete on reboot. [c4f19377c2c99e9861170ed00afa1be5]
C:\Windows\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [278e8189f794f6405c44002537cebd43]
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com (Worm.Autorun) -> Delete on reboot. [b6ff38d2e8a368ce5f19b32b2ed6af51]
C:\$Recycle.Bin .scr (Worm.Autorun) -> Delete on reboot. [2b8a44c6d9b28da9f484b12d867e9070]
C:\ADCDA2 .scr (Worm.Autorun) -> Delete on reboot. [9e172fdbfd8ee452b8c08658c53fa65a]
C:\ProgramData .scr (Worm.Autorun) -> Delete on reboot. [d9dca06a2f5c300648307c623ec6fc04]
C:\Programme .scr (Worm.Autorun) -> Delete on reboot. [9b1a3bcf840769cd591f409e8183d62a]
C:\SPLASH.000 .scr (Worm.Autorun) -> Delete on reboot. [bdf8ec1e4546b68093e5716ddf25fc04]
C:\SPLASH.SYS .scr (Worm.Autorun) -> Delete on reboot. [1f965dad0e7dea4c94e4a836ab59aa56]
C:\temp .scr (Worm.Autorun) -> Delete on reboot. [7045d832d5b6ff37b3c538a6d0342cd4]
C:\Thumbs .db (Backdoor.Senna) -> Delete on reboot. [fbbaa268a9e288ae6f3182a39273a858]
C:\Thumbs.com (Worm.Autorun) -> Delete on reboot. [961f51b90d7ec6700375f9e528dc1be5]
C:\Update .scr (Worm.Autorun) -> Delete on reboot. [2f8648c23259f343bbbdd50942c2bd43]
C:\Windows .scr (Worm.Autorun) -> Delete on reboot. [dadb3dcdeba07eb80375845af3118878]
C:\Documents and Settings .scr (Worm.Autorun) -> Delete on reboot. [02b313f7b4d7c76f4b2dcb13bd478a76]
C:\Dokumente und Einstellungen .scr (Worm.Autorun) -> Delete on reboot. [d3e28b7f8209ac8af58305d9659fcc34]
C:\Download .scr (Worm.Autorun) -> Delete on reboot. [bdf89c6e57343ef8b9bfd806e4203bc5]
C:\FRST .scr (Worm.Autorun) -> Delete on reboot. [3382c5453e4dcd69195f39a53cc86c94]
C:\Infineon .scr (Worm.Autorun) -> Delete on reboot. [417458b266250036c7b1637bba4a926e]
C:\Intel .scr (Worm.Autorun) -> Delete on reboot. [4570000a6a212e086216944a52b29f61]
C:\KingBill GmbH .scr (Worm.Autorun) -> Delete on reboot. [14a19e6ca0ebc47295e3ebf352b2e21e]
C:\Log .scr (Worm.Autorun) -> Delete on reboot. [caeb799118731026b8c0c41a06fe7b85]
C:\MSOCache .scr (Worm.Autorun) -> Delete on reboot. [0ca976940d7eec4ab3c50ed01aeaa060]
C:\OptSmartHub .scr (Worm.Autorun) -> Delete on reboot. [f2c350ba315ac4722f49736b4eb60bf5]
C:\PerfLogs .scr (Worm.Autorun) -> Delete on reboot. [2c89a268f09b231397e15a84be46936d]
C:\Program Files (x86) .scr (Worm.Autorun) -> Delete on reboot. [c2f32fdb206ba88e90e84b93b05459a7]
C:\Program Files .scr (Worm.Autorun) -> Delete on reboot. [0ca92ddd4447330397e16975ce364bb5]
C:\adobeTemp .scr (Worm.Autorun) -> Delete on reboot. [8c2935d52962a2947800fae48c7845bb]
C:\AllShare - Kopie .scr (Worm.Autorun) -> Delete on reboot. [ecc9c04a9dee82b487f1fee026deac54]
C:\AllShare .scr (Worm.Autorun) -> Delete on reboot. [991cb05a57340b2b7efa3ea019eb0ff1]
C:\Audatex .scr (Worm.Autorun) -> Delete on reboot. [7045c545c5c6e25446328b53778dbb45]
C:\Documentation .scr (Worm.Autorun) -> Delete on reboot. [d6df1eec9eed24126c0c1dc1897bd12f]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version:
main: v2015.08.19.09
rootkit: v2015.08.16.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sv-sos :: SV-SOS-VAIO [administrator]
20.08.2015 11:53:06
mbar-log-2015-08-20 (11-53-06).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 99099
Time elapsed: 42 minute(s), 51 second(s) [aborted]
Memory Processes Detected: 2
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com (Worm.Autorun) -> 7028 -> No action taken. [595c0cfe87046acc9cdccc12a95b6799]
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com (Worm.Autorun) -> 4480 -> No action taken. [ded7f6143c4f4aec45334b93b4500af6]
Memory Modules Detected: 2
C:\Windows\Thumbs .db (Backdoor.Senna) -> No action taken. [d0e51dedfb905fd73d63ee37a95c0df3]
C:\Windows\Thumbs .db (Backdoor.Senna) -> No action taken. [d0e51dedfb905fd73d63ee37a95c0df3]
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 32
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com (Worm.Autorun) -> No action taken. [595c0cfe87046acc9cdccc12a95b6799]
C:\Windows\Thumbs .db (Backdoor.Senna) -> No action taken. [d0e51dedfb905fd73d63ee37a95c0df3]
C:\Users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com (Worm.Autorun) -> No action taken. [ded7f6143c4f4aec45334b93b4500af6]
C:\$Recycle.Bin .scr (Worm.Autorun) -> No action taken. [85304bbf8803270f5127b92502026a96]
C:\ADCDA2 .scr (Worm.Autorun) -> No action taken. [3382c64498f3ca6c5b1d9648947059a7]
C:\ProgramData .scr (Worm.Autorun) -> No action taken. [2590997129621125cfa99c42ea1a9769]
C:\Programme .scr (Worm.Autorun) -> No action taken. [e1d444c6f8939c9afb7d835b857feb15]
C:\SPLASH.000 .scr (Worm.Autorun) -> No action taken. [209558b2d5b6c96d0a6e26b8838120e0]
C:\SPLASH.SYS .scr (Worm.Autorun) -> No action taken. [4174020892f96fc79fd9e7f74bb926da]
C:\temp .scr (Worm.Autorun) -> No action taken. [268f9971cdbe5adc88f08f4ffe06be42]
C:\Thumbs .db (Backdoor.Senna) -> No action taken. [a51049c1424981b5b1efbf66e91cff01]
C:\Thumbs.com (Worm.Autorun) -> No action taken. [2d882fdb6c1f43f30177617dd82cee12]
C:\Update .scr (Worm.Autorun) -> No action taken. [4f66f3179eedde5827519b43a361e21e]
C:\Windows .scr (Worm.Autorun) -> No action taken. [85302ae093f80f2728509648fe068c74]
C:\Documents and Settings .scr (Worm.Autorun) -> No action taken. [5e57b2588b0092a4b1c7fae4af5545bb]
C:\Dokumente und Einstellungen .scr (Worm.Autorun) -> No action taken. [cce9f218ff8ce650caae746a20e4b24e]
C:\Download .scr (Worm.Autorun) -> No action taken. [11a4f317117a2511f187f0ee020216ea]
C:\FRST .scr (Worm.Autorun) -> No action taken. [e7ce26e4286346f0d7a1f4eaa85c8878]
C:\Infineon .scr (Worm.Autorun) -> No action taken. [7144c347a0ebe05680f839a537cd50b0]
C:\Intel .scr (Worm.Autorun) -> No action taken. [eacbe822ccbf142291e79e402dd73ac6]
C:\KingBill GmbH .scr (Worm.Autorun) -> No action taken. [a1148a80d0bb1c1af58300de808414ec]
C:\Log .scr (Worm.Autorun) -> No action taken. [6a4bdc2e54372a0ce98f736b11f3c13f]
C:\MSOCache .scr (Worm.Autorun) -> No action taken. [f5c03dcdd8b359dd7bfd7f5f15ef04fc]
C:\OptSmartHub .scr (Worm.Autorun) -> No action taken. [bbfa51b9791255e191e76876ad5752ae]
C:\PerfLogs .scr (Worm.Autorun) -> No action taken. [6253aa60abe07bbbdd9b8c52828214ec]
C:\Program Files (x86) .scr (Worm.Autorun) -> No action taken. [872eb555dab18fa7a8d0af2fd52fee12]
C:\Program Files .scr (Worm.Autorun) -> No action taken. [fbba7991a6e54aec6d0bf9e5966e1ce4]
C:\adobeTemp .scr (Worm.Autorun) -> No action taken. [43726aa0d2b9b08690e8a33b9d67f907]
C:\AllShare - Kopie .scr (Worm.Autorun) -> No action taken. [14a1858577143402fb7d97470afa7987]
C:\AllShare .scr (Worm.Autorun) -> No action taken. [2e8721e9dab100364e2aa9350202dc24]
C:\Audatex .scr (Worm.Autorun) -> No action taken. [03b2a9617912f541f583b22c08fcc13f]
C:\Documentation .scr (Worm.Autorun) -> No action taken. [ae07907ab1da6dc981f775695ea6857b]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
www.malwarebytes.org Database version: main: v2015.08.19.09 rootkit: v2015.08.16.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 sv-sos :: SV-SOS-VAIO [administrator] 20.08.2015 13:17:18 mbar-log-2015-08-20 (13-17-18).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 397503 Time elapsed: 54 minute(s), 17 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Hi, "Schrauber"! Habe insgesamt 5 mal mit mbar gescannt. Er hat immer nur Festplatte C gescannt. Als er die funde gelöscht hat, ist mir aufgefallen, dass die sichtbaren scr. Ordner auf der C-festplatte verschwunden sind. aber die versteckten Ordner (Datei-Ordner) sind noch da. Und mir ist aufgefallen, dass auf der C-Festplatte ca. 2Gb mehr Speicher frei sind. Die D-festplatte hat noch unverändert die scr-Ordner und die ausgeblendeten Dateiordner. beim 3.scan hatte mbar wieder was gefunden. deshalb musste ich mehrmals scannen. Ich werde jetzt TDSSKiller anwenden, nach Deiner anleitung. Ergebnis folgt. LG |
|
20.08.2015, 13:57
| #9 |
| | Ordner sind jetzt scr Dateien!Code:
ATTFilter 14:35:59.0305 0x11fc TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
14:36:05.0668 0x11fc ============================================================
14:36:05.0668 0x11fc Current date / time: 2015/08/20 14:36:05.0668
14:36:05.0668 0x11fc SystemInfo:
14:36:05.0668 0x11fc
14:36:05.0668 0x11fc OS Version: 6.1.7601 ServicePack: 1.0
14:36:05.0668 0x11fc Product type: Workstation
14:36:05.0668 0x11fc ComputerName: SV-SOS-VAIO
14:36:05.0668 0x11fc UserName: sv-sos
14:36:05.0668 0x11fc Windows directory: C:\Windows
14:36:05.0668 0x11fc System windows directory: C:\Windows
14:36:05.0668 0x11fc Running under WOW64
14:36:05.0668 0x11fc Processor architecture: Intel x64
14:36:05.0668 0x11fc Number of processors: 4
14:36:05.0668 0x11fc Page size: 0x1000
14:36:05.0668 0x11fc Boot type: Normal boot
14:36:05.0668 0x11fc ============================================================
14:36:05.0828 0x11fc KLMD registered as C:\Windows\system32\drivers\84907708.sys
14:36:06.0608 0x11fc System UUID: {8FFB5EE5-E838-79BC-9139-09F8293CB38D}
14:36:07.0755 0x11fc Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:36:07.0762 0x11fc ============================================================
14:36:07.0762 0x11fc \Device\Harddisk0\DR0:
14:36:07.0762 0x11fc MBR partitions:
14:36:07.0763 0x11fc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BD3800, BlocksNum 0x32000
14:36:07.0763 0x11fc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C05800, BlocksNum 0xD736104
14:36:07.0763 0x11fc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xF33B904, BlocksNum 0x3B51C9AB
14:36:07.0763 0x11fc ============================================================
14:36:07.0802 0x11fc C: <-> \Device\Harddisk0\DR0\Partition2
14:36:07.0922 0x11fc D: <-> \Device\Harddisk0\DR0\Partition3
14:36:07.0922 0x11fc ============================================================
14:36:07.0922 0x11fc Initialize success
14:36:07.0922 0x11fc ============================================================
14:37:30.0566 0x18c4 ============================================================
14:37:30.0566 0x18c4 Scan started
14:37:30.0566 0x18c4 Mode: Manual; SigCheck; TDLFS;
14:37:30.0566 0x18c4 ============================================================
14:37:30.0566 0x18c4 KSN ping started
14:37:33.0031 0x18c4 KSN ping finished: true
14:37:34.0347 0x18c4 ================ Scan system memory ========================
14:37:34.0347 0x18c4 System memory - ok
14:37:34.0349 0x18c4 ================ Scan services =============================
14:37:34.0593 0x18c4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:37:34.0745 0x18c4 1394ohci - ok
14:37:34.0852 0x18c4 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:37:34.0911 0x18c4 ACDaemon - ok
14:37:34.0975 0x18c4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:37:35.0019 0x18c4 ACPI - ok
14:37:35.0044 0x18c4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:37:35.0139 0x18c4 AcpiPmi - ok
14:37:35.0250 0x18c4 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:37:35.0281 0x18c4 AdobeARMservice - ok
14:37:35.0359 0x18c4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:37:35.0415 0x18c4 adp94xx - ok
14:37:35.0478 0x18c4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:37:35.0522 0x18c4 adpahci - ok
14:37:35.0557 0x18c4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:37:35.0593 0x18c4 adpu320 - ok
14:37:35.0630 0x18c4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:37:35.0788 0x18c4 AeLookupSvc - ok
14:37:35.0879 0x18c4 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
14:37:35.0970 0x18c4 AFD - ok
14:37:36.0010 0x18c4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:37:36.0034 0x18c4 agp440 - ok
14:37:36.0083 0x18c4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:37:36.0184 0x18c4 ALG - ok
14:37:36.0226 0x18c4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:37:36.0248 0x18c4 aliide - ok
14:37:36.0288 0x18c4 [ 7288DF84B363113EF5A5E182D48AFC2C, A2D39F6B519CF676ED9B338041DC6431B7EE4EB6D8901B0F1D622E67E79904E7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:37:36.0404 0x18c4 AMD External Events Utility - ok
14:37:36.0435 0x18c4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:37:36.0456 0x18c4 amdide - ok
14:37:36.0497 0x18c4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:37:36.0541 0x18c4 AmdK8 - ok
14:37:37.0130 0x18c4 [ 49C7D5F147DADFFBED4E746903C7E15A, 639E2A294CDB95A9043428451053E566317EE1E4103B2A9B244E7D55C3649E01 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:37:37.0977 0x18c4 amdkmdag - ok
14:37:38.0048 0x18c4 [ 2B76E84DC24A0AE24A26878ACB82B631, A3AA1343164D80E320CBC7B08E564E7DD62D962B76FF777D5E2C9EC1C708B3B6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:37:38.0101 0x18c4 amdkmdap - ok
14:37:38.0131 0x18c4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:37:38.0178 0x18c4 AmdPPM - ok
14:37:38.0213 0x18c4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:37:38.0238 0x18c4 amdsata - ok
14:37:38.0282 0x18c4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:37:38.0308 0x18c4 amdsbs - ok
14:37:38.0332 0x18c4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:37:38.0349 0x18c4 amdxata - ok
14:37:38.0403 0x18c4 [ 6D5225F0DD9EB4937A10BA05235FA6F1, C69E767F830C926ED4FDA13F29E2ABCC5497EF550DD186279CC598CE0E6540D8 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
14:37:38.0476 0x18c4 AMPPAL - ok
14:37:38.0489 0x18c4 [ 6D5225F0DD9EB4937A10BA05235FA6F1, C69E767F830C926ED4FDA13F29E2ABCC5497EF550DD186279CC598CE0E6540D8 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
14:37:38.0511 0x18c4 AMPPALP - ok
14:37:38.0655 0x18c4 [ 75130C273367F6AEA472BA34F1D43B45, 75333ABF1D89102E6C22BABCBDC6DB5607329D787647D72546B4DE264FAE49F3 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:37:38.0713 0x18c4 AMPPALR3 - ok
14:37:38.0942 0x18c4 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
14:37:39.0002 0x18c4 AntiVirMailService - ok
14:37:39.0063 0x18c4 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
14:37:39.0102 0x18c4 AntiVirSchedulerService - ok
14:37:39.0143 0x18c4 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
14:37:39.0187 0x18c4 AntiVirService - ok
14:37:39.0288 0x18c4 [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
14:37:39.0372 0x18c4 AntiVirWebService - ok
14:37:39.0453 0x18c4 [ 30682A098E12E2C85FA65518E1618195, 5764718CCCC6667BB656B2273E5516EFE5006E32EEC32CE918029586DC4A7B98 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
14:37:39.0474 0x18c4 AnyDVD - ok
14:37:39.0518 0x18c4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
14:37:39.0662 0x18c4 AppID - ok
14:37:39.0697 0x18c4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:37:39.0778 0x18c4 AppIDSvc - ok
14:37:39.0817 0x18c4 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
14:37:39.0910 0x18c4 Appinfo - ok
14:37:39.0967 0x18c4 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:37:39.0983 0x18c4 Apple Mobile Device - ok
14:37:40.0010 0x18c4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
14:37:40.0061 0x18c4 AppMgmt - ok
14:37:40.0097 0x18c4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
14:37:40.0119 0x18c4 arc - ok
14:37:40.0150 0x18c4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:37:40.0175 0x18c4 arcsas - ok
14:37:40.0289 0x18c4 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:37:40.0311 0x18c4 aspnet_state - ok
14:37:40.0346 0x18c4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:37:40.0436 0x18c4 AsyncMac - ok
14:37:40.0475 0x18c4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:37:40.0494 0x18c4 atapi - ok
14:37:40.0608 0x18c4 [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:37:40.0775 0x18c4 athr - ok
14:37:40.0865 0x18c4 [ 26970F26EBAB7D5D1B795A3F9013CD80, 868C1893ACF51DD5A099E91084146917E7FAA859492C2822258EFDE68B30899D ] ATSwpWDF C:\Windows\system32\DRIVERS\ATSwpWDF.sys
14:37:40.0929 0x18c4 ATSwpWDF - ok
14:37:40.0995 0x18c4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:37:41.0136 0x18c4 AudioEndpointBuilder - ok
14:37:41.0175 0x18c4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:37:41.0305 0x18c4 AudioSrv - ok
14:37:41.0397 0x18c4 [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:37:41.0424 0x18c4 avgntflt - ok
14:37:41.0450 0x18c4 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:37:41.0479 0x18c4 avipbb - ok
14:37:41.0592 0x18c4 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
14:37:41.0624 0x18c4 Avira.ServiceHost - ok
14:37:41.0653 0x18c4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:37:41.0674 0x18c4 avkmgr - ok
14:37:41.0712 0x18c4 [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura C:\Windows\system32\DRIVERS\avmaura.sys
14:37:41.0757 0x18c4 avmaura - ok
14:37:41.0776 0x18c4 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
14:37:41.0797 0x18c4 avnetflt - ok
14:37:41.0846 0x18c4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:37:41.0941 0x18c4 AxInstSV - ok
14:37:42.0003 0x18c4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:37:42.0084 0x18c4 b06bdrv - ok
14:37:42.0133 0x18c4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:37:42.0184 0x18c4 b57nd60a - ok
14:37:42.0267 0x18c4 [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
14:37:42.0298 0x18c4 BBSvc - ok
14:37:42.0350 0x18c4 [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
14:37:42.0385 0x18c4 BBUpdate - ok
14:37:42.0423 0x18c4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:37:42.0481 0x18c4 BDESVC - ok
14:37:42.0518 0x18c4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:37:42.0614 0x18c4 Beep - ok
14:37:42.0707 0x18c4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:37:42.0851 0x18c4 BFE - ok
14:37:42.0918 0x18c4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:37:43.0081 0x18c4 BITS - ok
14:37:43.0110 0x18c4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
14:37:43.0149 0x18c4 blbdrive - ok
14:37:43.0313 0x18c4 [ 2E251B39ABEA79351E5633E5A7C36BE4, D0846A3BC39E1670574F48BDC9C03E5F8547D7EF81BD6FD8BE6F6C9FDB2F5409 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:37:43.0411 0x18c4 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic ( 1 )
14:37:45.0798 0x18c4 Detect skipped due to KSN trusted
14:37:45.0799 0x18c4 Bluetooth Device Monitor - ok
14:37:45.0956 0x18c4 [ 1EC546F8B6222F1F984220C1324EA945, F512906E39E1D3A52C8BABCB625B75D2D9CC35B455687F97EEF07C395636E579 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
14:37:46.0085 0x18c4 Bluetooth Media Service - detected UnsignedFile.Multi.Generic ( 1 )
14:37:48.0465 0x18c4 Detect skipped due to KSN trusted
14:37:48.0465 0x18c4 Bluetooth Media Service - ok
14:37:48.0579 0x18c4 [ ADB9C79CCBEF779D56A9AC931F9C8DF0, BBFB0EEA5464239F4A232063C656D3BB1243CC5DE5FF871C91382FBB5B15E167 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:37:48.0663 0x18c4 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic ( 1 )
14:37:51.0049 0x18c4 Detect skipped due to KSN trusted
14:37:51.0050 0x18c4 Bluetooth OBEX Service - ok
14:37:51.0148 0x18c4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:37:51.0192 0x18c4 Bonjour Service - ok
14:37:51.0225 0x18c4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:37:51.0275 0x18c4 bowser - ok
14:37:51.0294 0x18c4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:37:51.0333 0x18c4 BrFiltLo - ok
14:37:51.0365 0x18c4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:37:51.0394 0x18c4 BrFiltUp - ok
14:37:51.0438 0x18c4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:37:51.0486 0x18c4 Browser - ok
14:37:51.0517 0x18c4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:37:51.0603 0x18c4 Brserid - ok
14:37:51.0641 0x18c4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:37:51.0678 0x18c4 BrSerWdm - ok
14:37:51.0711 0x18c4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:37:51.0751 0x18c4 BrUsbMdm - ok
14:37:51.0758 0x18c4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:37:51.0792 0x18c4 BrUsbSer - ok
14:37:51.0844 0x18c4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:37:51.0897 0x18c4 BthEnum - ok
14:37:51.0937 0x18c4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:37:51.0985 0x18c4 BTHMODEM - ok
14:37:52.0035 0x18c4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:37:52.0082 0x18c4 BthPan - ok
14:37:52.0142 0x18c4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:37:52.0218 0x18c4 BTHPORT - ok
14:37:52.0258 0x18c4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:37:52.0331 0x18c4 bthserv - ok
14:37:52.0356 0x18c4 [ 68389D0AA570BD089FDF7802ABBC0B8C, B2356724A0B6EE0E8C73107119314DA3BBF20B2EC457C07C7360121B5B9D2F22 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:37:52.0379 0x18c4 BTHSSecurityMgr - ok
14:37:52.0416 0x18c4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:37:52.0448 0x18c4 BTHUSB - ok
14:37:52.0499 0x18c4 [ 274E47BD9C1367BDBFA9DF10C2E6C544, 196D7274AE0A461F58E8D18866DFC5C5ED35740EFEE34C348A7B9B225E4ED438 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
14:37:52.0542 0x18c4 btmaudio - ok
14:37:52.0590 0x18c4 [ 76A1340ADB32798D18394AA424D584E2, 668DDA99323BB2B683A01E8E2261274C930952B91D9EF274B49DB2E3BB2B842D ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
14:37:52.0636 0x18c4 btmaux - ok
14:37:52.0673 0x18c4 [ 40C6FEC49D1CC4D112368A2BCD2BCBB7, E9ECEAA4F740A667C071EDEA1359491B221E5AA43A990744859CA7CC40E67F6C ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
14:37:52.0722 0x18c4 btmhsf - ok
14:37:52.0758 0x18c4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:37:52.0840 0x18c4 cdfs - ok
14:37:52.0865 0x18c4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:37:52.0897 0x18c4 cdrom - ok
14:37:52.0930 0x18c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:37:53.0019 0x18c4 CertPropSvc - ok
14:37:53.0050 0x18c4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
14:37:53.0092 0x18c4 circlass - ok
14:37:53.0129 0x18c4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
14:37:53.0169 0x18c4 CLFS - ok
14:37:53.0233 0x18c4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:37:53.0251 0x18c4 clr_optimization_v2.0.50727_32 - ok
14:37:53.0295 0x18c4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:37:53.0319 0x18c4 clr_optimization_v2.0.50727_64 - ok
14:37:53.0369 0x18c4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:37:53.0390 0x18c4 clr_optimization_v4.0.30319_32 - ok
14:37:53.0419 0x18c4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:37:53.0451 0x18c4 clr_optimization_v4.0.30319_64 - ok
14:37:53.0482 0x18c4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
14:37:53.0521 0x18c4 CmBatt - ok
14:37:53.0552 0x18c4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:37:53.0568 0x18c4 cmdide - ok
14:37:53.0628 0x18c4 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
14:37:53.0680 0x18c4 CNG - ok
14:37:53.0704 0x18c4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:37:53.0727 0x18c4 Compbatt - ok
14:37:53.0754 0x18c4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:37:53.0797 0x18c4 CompositeBus - ok
14:37:53.0806 0x18c4 COMSysApp - ok
14:37:53.0839 0x18c4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:37:53.0858 0x18c4 crcdisk - ok
14:37:53.0908 0x18c4 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:37:53.0964 0x18c4 CryptSvc - ok
14:37:54.0003 0x18c4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
14:37:54.0088 0x18c4 CSC - ok
14:37:54.0151 0x18c4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
14:37:54.0234 0x18c4 CscService - ok
14:37:54.0293 0x18c4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:37:54.0407 0x18c4 DcomLaunch - ok
14:37:54.0469 0x18c4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:37:54.0578 0x18c4 defragsvc - ok
14:37:54.0614 0x18c4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:37:54.0718 0x18c4 DfsC - ok
14:37:54.0776 0x18c4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:37:54.0838 0x18c4 Dhcp - ok
14:37:54.0865 0x18c4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:37:54.0947 0x18c4 discache - ok
14:37:54.0991 0x18c4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
14:37:55.0014 0x18c4 Disk - ok
14:37:55.0033 0x18c4 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:37:55.0091 0x18c4 dmvsc - ok
14:37:55.0124 0x18c4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:37:55.0178 0x18c4 Dnscache - ok
14:37:55.0218 0x18c4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:37:55.0308 0x18c4 dot3svc - ok
14:37:55.0347 0x18c4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:37:55.0430 0x18c4 DPS - ok
14:37:55.0459 0x18c4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:37:55.0500 0x18c4 drmkaud - ok
14:37:55.0552 0x18c4 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:37:55.0579 0x18c4 dtsoftbus01 - ok
14:37:55.0654 0x18c4 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:37:55.0726 0x18c4 DXGKrnl - ok
14:37:55.0765 0x18c4 [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
14:37:55.0808 0x18c4 e1yexpress - ok
14:37:55.0852 0x18c4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:37:55.0952 0x18c4 EapHost - ok
14:37:56.0160 0x18c4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:37:56.0433 0x18c4 ebdrv - ok
14:37:56.0468 0x18c4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
14:37:56.0511 0x18c4 EFS - ok
14:37:56.0597 0x18c4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:37:56.0690 0x18c4 ehRecvr - ok
14:37:56.0720 0x18c4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:37:56.0764 0x18c4 ehSched - ok
14:37:56.0817 0x18c4 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
14:37:56.0834 0x18c4 ElbyCDIO - ok
14:37:56.0895 0x18c4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:37:56.0941 0x18c4 elxstor - ok
14:37:56.0993 0x18c4 [ F1D1966D85FA57F5F91A39C8F31FB9D8, 14E2DDB4DAA928640CB5450EF469ED95DEEC6E22F281025E843ADBA6D188F860 ] emAudio C:\Windows\system32\DRIVERS\emAudio64.sys
14:37:57.0011 0x18c4 emAudio - ok
14:37:57.0026 0x18c4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:37:57.0061 0x18c4 ErrDev - ok
14:37:57.0137 0x18c4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:37:57.0238 0x18c4 EventSystem - ok
14:37:57.0362 0x18c4 [ 88894171B312B829150CC7B25202D70A, 315AB1A4138210EE495F477FB4D3FDA212C723FBE8FBF92CD0EC3391AD3E57E8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:37:57.0456 0x18c4 EvtEng - ok
14:37:57.0503 0x18c4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:37:57.0596 0x18c4 exfat - ok
14:37:57.0654 0x18c4 Fabs - ok
14:37:57.0680 0x18c4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:37:57.0779 0x18c4 fastfat - ok
14:37:57.0882 0x18c4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:37:57.0997 0x18c4 Fax - ok
14:37:58.0044 0x18c4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
14:37:58.0086 0x18c4 fdc - ok
14:37:58.0118 0x18c4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:37:58.0199 0x18c4 fdPHost - ok
14:37:58.0208 0x18c4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:37:58.0297 0x18c4 FDResPub - ok
14:37:58.0323 0x18c4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:37:58.0347 0x18c4 FileInfo - ok
14:37:58.0368 0x18c4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:37:58.0466 0x18c4 Filetrace - ok
14:37:58.0580 0x18c4 FirebirdGuardianDefaultInstance - ok
14:37:58.0585 0x18c4 FirebirdServerDefaultInstance - ok
14:37:58.0890 0x18c4 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
14:37:59.0183 0x18c4 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
14:38:01.0575 0x18c4 Detect skipped due to KSN trusted
14:38:01.0576 0x18c4 FirebirdServerMAGIXInstance - ok
14:38:01.0667 0x18c4 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:38:01.0729 0x18c4 FLEXnet Licensing Service - ok
14:38:01.0764 0x18c4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:38:01.0793 0x18c4 flpydisk - ok
14:38:01.0856 0x18c4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:38:01.0893 0x18c4 FltMgr - ok
14:38:02.0034 0x18c4 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
14:38:02.0174 0x18c4 FontCache - ok
14:38:02.0229 0x18c4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:38:02.0248 0x18c4 FontCache3.0.0.0 - ok
14:38:02.0319 0x18c4 [ 8F46017C1442E25B2BED0377A4733EC1, 3F7BBC73DCC145A6E8BC764D37BA1986F6BE52E2BEDADA7E39EA914BC6F4103C ] FPLService C:\Program Files\TrueSuite\TrueSuite.Service.exe
14:38:02.0363 0x18c4 FPLService - ok
14:38:02.0380 0x18c4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:38:02.0409 0x18c4 FsDepends - ok
14:38:02.0434 0x18c4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:38:02.0461 0x18c4 Fs_Rec - ok
14:38:02.0510 0x18c4 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:38:02.0561 0x18c4 fvevol - ok
14:38:02.0594 0x18c4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:38:02.0624 0x18c4 gagp30kx - ok
14:38:02.0660 0x18c4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:38:02.0681 0x18c4 GEARAspiWDM - ok
14:38:02.0775 0x18c4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:38:02.0931 0x18c4 gpsvc - ok
14:38:02.0969 0x18c4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:38:03.0101 0x18c4 hcw85cir - ok
14:38:03.0156 0x18c4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:38:03.0222 0x18c4 HdAudAddService - ok
14:38:03.0262 0x18c4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:38:03.0316 0x18c4 HDAudBus - ok
14:38:03.0348 0x18c4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:38:03.0387 0x18c4 HidBatt - ok
14:38:03.0413 0x18c4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:38:03.0459 0x18c4 HidBth - ok
14:38:03.0484 0x18c4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
14:38:03.0513 0x18c4 HidIr - ok
14:38:03.0547 0x18c4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:38:03.0639 0x18c4 hidserv - ok
14:38:03.0683 0x18c4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:38:03.0709 0x18c4 HidUsb - ok
14:38:03.0739 0x18c4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:38:03.0848 0x18c4 hkmsvc - ok
14:38:03.0878 0x18c4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:38:03.0944 0x18c4 HomeGroupListener - ok
14:38:03.0990 0x18c4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:38:04.0035 0x18c4 HomeGroupProvider - ok
14:38:04.0109 0x18c4 [ C227DFCF703D02EAD4D7E44B0BA7C181, 3A4700E9D42E13051FABF868407B82A04C4A2A363AF229E420E65B62D3586196 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys
14:38:04.0129 0x18c4 hotcore3 - ok
14:38:04.0162 0x18c4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:38:04.0192 0x18c4 HpSAMD - ok
14:38:04.0262 0x18c4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:38:04.0406 0x18c4 HTTP - ok
14:38:04.0423 0x18c4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:38:04.0444 0x18c4 hwpolicy - ok
14:38:04.0480 0x18c4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:38:04.0512 0x18c4 i8042prt - ok
14:38:04.0565 0x18c4 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\drivers\iaStor.sys
14:38:04.0611 0x18c4 iaStor - ok
14:38:04.0660 0x18c4 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:38:04.0681 0x18c4 IAStorDataMgrSvc - ok
14:38:04.0756 0x18c4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:38:04.0808 0x18c4 iaStorV - ok
14:38:04.0825 0x18c4 [ FC47F5CF561BF0FD897EFD1A9604DCCF, C304737F78A772051993A68BB06F860733A8650013A46946A854E47C892C252E ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:38:04.0854 0x18c4 iBtFltCoex - ok
14:38:05.0035 0x18c4 [ D72BF0AE484F88399E8343E821C10D6A, E8D78E61EEC80934396F233565DB5682B2475867C98F09C3CE3F906373A5C1A2 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:38:05.0240 0x18c4 IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
14:38:07.0610 0x18c4 Detect skipped due to KSN trusted
14:38:07.0611 0x18c4 IconMan_R - ok
14:38:07.0765 0x18c4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:07.0841 0x18c4 idsvc - ok
14:38:07.0874 0x18c4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:38:07.0891 0x18c4 iirsp - ok
14:38:07.0977 0x18c4 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
14:38:08.0130 0x18c4 IKEEXT - ok
14:38:08.0212 0x18c4 [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
14:38:08.0228 0x18c4 intaud_WaveExtensible - ok
14:38:08.0418 0x18c4 [ 245F0288792486CC37924908AF19A553, EAD61785116A7B15515A5B5C03E484FBF7FAE4009A996AF14980F5752F89567D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:38:08.0637 0x18c4 IntcAzAudAddService - ok
14:38:08.0695 0x18c4 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:38:08.0739 0x18c4 IntcDAud - ok
14:38:08.0775 0x18c4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:38:08.0796 0x18c4 intelide - ok
14:38:09.0782 0x18c4 [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
14:38:10.0780 0x18c4 intelkmd - ok
14:38:10.0829 0x18c4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
14:38:10.0865 0x18c4 intelppm - ok
14:38:10.0899 0x18c4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:38:10.0980 0x18c4 IPBusEnum - ok
14:38:11.0072 0x18c4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:38:11.0160 0x18c4 IpFilterDriver - ok
14:38:11.0243 0x18c4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:38:11.0342 0x18c4 iphlpsvc - ok
14:38:11.0361 0x18c4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:38:11.0415 0x18c4 IPMIDRV - ok
14:38:11.0441 0x18c4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:38:11.0547 0x18c4 IPNAT - ok
14:38:11.0630 0x18c4 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:38:11.0673 0x18c4 iPod Service - ok
14:38:11.0711 0x18c4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:38:11.0761 0x18c4 IRENUM - ok
14:38:11.0796 0x18c4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:38:11.0814 0x18c4 isapnp - ok
14:38:11.0847 0x18c4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:38:11.0883 0x18c4 iScsiPrt - ok
14:38:11.0939 0x18c4 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys
14:38:11.0958 0x18c4 iwdbus - ok
14:38:11.0983 0x18c4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:38:12.0007 0x18c4 kbdclass - ok
14:38:12.0029 0x18c4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:38:12.0065 0x18c4 kbdhid - ok
14:38:12.0073 0x18c4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
14:38:12.0096 0x18c4 KeyIso - ok
14:38:12.0159 0x18c4 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:38:12.0184 0x18c4 KSecDD - ok
14:38:12.0211 0x18c4 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:38:12.0242 0x18c4 KSecPkg - ok
14:38:12.0293 0x18c4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:38:12.0380 0x18c4 ksthunk - ok
14:38:12.0494 0x18c4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:38:12.0627 0x18c4 KtmRm - ok
14:38:12.0685 0x18c4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:38:12.0778 0x18c4 LanmanServer - ok
14:38:12.0827 0x18c4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:38:12.0939 0x18c4 LanmanWorkstation - ok
14:38:12.0990 0x18c4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:38:13.0102 0x18c4 lltdio - ok
14:38:13.0147 0x18c4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:38:13.0271 0x18c4 lltdsvc - ok
14:38:13.0340 0x18c4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:38:13.0424 0x18c4 lmhosts - ok
14:38:13.0492 0x18c4 [ F4A17DCAB576267C85663E64F3ACE5A4, 6E1231740492480DB0ACD28BF7168547EA114037E3CF2F3869C5FADF3D859BAE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:38:13.0529 0x18c4 LMS - ok
14:38:13.0574 0x18c4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:38:13.0604 0x18c4 LSI_FC - ok
14:38:13.0638 0x18c4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:38:13.0668 0x18c4 LSI_SAS - ok
14:38:13.0717 0x18c4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:38:13.0743 0x18c4 LSI_SAS2 - ok
14:38:13.0765 0x18c4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:38:13.0799 0x18c4 LSI_SCSI - ok
14:38:13.0865 0x18c4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:38:13.0962 0x18c4 luafv - ok
14:38:14.0012 0x18c4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:38:14.0066 0x18c4 Mcx2Svc - ok
14:38:14.0097 0x18c4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
14:38:14.0124 0x18c4 megasas - ok
14:38:14.0197 0x18c4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:38:14.0238 0x18c4 MegaSR - ok
14:38:14.0386 0x18c4 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
14:38:14.0408 0x18c4 MEIx64 - ok
14:38:14.0491 0x18c4 Microsoft SharePoint Workspace Audit Service - ok
14:38:14.0576 0x18c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:38:14.0664 0x18c4 MMCSS - ok
14:38:14.0715 0x18c4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:38:14.0811 0x18c4 Modem - ok
14:38:14.0857 0x18c4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:38:14.0900 0x18c4 monitor - ok
14:38:14.0939 0x18c4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:38:14.0959 0x18c4 mouclass - ok
14:38:14.0979 0x18c4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:38:15.0020 0x18c4 mouhid - ok
14:38:15.0066 0x18c4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:38:15.0098 0x18c4 mountmgr - ok
14:38:15.0176 0x18c4 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:38:15.0204 0x18c4 MozillaMaintenance - ok
14:38:15.0259 0x18c4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:38:15.0289 0x18c4 mpio - ok
14:38:15.0320 0x18c4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:38:15.0408 0x18c4 mpsdrv - ok
14:38:15.0488 0x18c4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:38:15.0644 0x18c4 MpsSvc - ok
14:38:15.0667 0x18c4 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:38:15.0724 0x18c4 MRxDAV - ok
14:38:15.0756 0x18c4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:38:15.0817 0x18c4 mrxsmb - ok
14:38:15.0849 0x18c4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:38:15.0899 0x18c4 mrxsmb10 - ok
14:38:15.0923 0x18c4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:38:15.0958 0x18c4 mrxsmb20 - ok
14:38:16.0028 0x18c4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:38:16.0050 0x18c4 msahci - ok
14:38:16.0080 0x18c4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:38:16.0115 0x18c4 msdsm - ok
14:38:16.0138 0x18c4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:38:16.0191 0x18c4 MSDTC - ok
14:38:16.0243 0x18c4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:38:16.0373 0x18c4 Msfs - ok
14:38:16.0395 0x18c4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:38:16.0484 0x18c4 mshidkmdf - ok
14:38:16.0519 0x18c4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:38:16.0545 0x18c4 msisadrv - ok
14:38:16.0582 0x18c4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:38:16.0672 0x18c4 MSiSCSI - ok
14:38:16.0678 0x18c4 msiserver - ok
14:38:16.0716 0x18c4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:38:16.0810 0x18c4 MSKSSRV - ok
14:38:16.0816 0x18c4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:38:16.0908 0x18c4 MSPCLOCK - ok
14:38:16.0919 0x18c4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:38:17.0011 0x18c4 MSPQM - ok
14:38:17.0051 0x18c4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:38:17.0101 0x18c4 MsRPC - ok
14:38:17.0137 0x18c4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:38:17.0161 0x18c4 mssmbios - ok
14:38:17.0193 0x18c4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:38:17.0295 0x18c4 MSTEE - ok
14:38:17.0315 0x18c4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:38:17.0343 0x18c4 MTConfig - ok
14:38:17.0360 0x18c4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:38:17.0389 0x18c4 Mup - ok
14:38:17.0442 0x18c4 [ C00F9A366C3CFA2F18CA7835E15E4C95, 5471A077E92AC8ADD3E25325A4D4EE090DF2B779DD1C6DF948466905CC884B4E ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:38:17.0479 0x18c4 MyWiFiDHCPDNS - ok
14:38:17.0547 0x18c4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:38:17.0684 0x18c4 napagent - ok
14:38:17.0745 0x18c4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:38:17.0807 0x18c4 NativeWifiP - ok
14:38:17.0902 0x18c4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:38:17.0981 0x18c4 NDIS - ok
14:38:18.0021 0x18c4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:38:18.0109 0x18c4 NdisCap - ok
14:38:18.0136 0x18c4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:38:18.0218 0x18c4 NdisTapi - ok
14:38:18.0250 0x18c4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:38:18.0353 0x18c4 Ndisuio - ok
14:38:18.0410 0x18c4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:38:18.0531 0x18c4 NdisWan - ok
14:38:18.0614 0x18c4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:38:18.0687 0x18c4 NDProxy - ok
14:38:18.0722 0x18c4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:38:18.0817 0x18c4 NetBIOS - ok
14:38:18.0930 0x18c4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:38:19.0021 0x18c4 NetBT - ok
14:38:19.0036 0x18c4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
14:38:19.0064 0x18c4 Netlogon - ok
14:38:19.0125 0x18c4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:38:19.0243 0x18c4 Netman - ok
14:38:19.0327 0x18c4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:19.0356 0x18c4 NetMsmqActivator - ok
14:38:19.0368 0x18c4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:19.0391 0x18c4 NetPipeActivator - ok
14:38:19.0526 0x18c4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:38:19.0663 0x18c4 netprofm - ok
14:38:19.0694 0x18c4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:19.0723 0x18c4 NetTcpActivator - ok
14:38:19.0736 0x18c4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:19.0766 0x18c4 NetTcpPortSharing - ok
14:38:20.0832 0x18c4 [ B25FE0FA523579B6FA327311A579866E, 46A114A76283B63B1D27F6737259FC9E22B7467EF1EA210D12C7D90BCEC68FE2 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
14:38:21.0667 0x18c4 NETwNs64 - ok
14:38:21.0728 0x18c4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:38:21.0755 0x18c4 nfrd960 - ok
14:38:21.0804 0x18c4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:38:21.0873 0x18c4 NlaSvc - ok
14:38:21.0938 0x18c4 [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
14:38:22.0023 0x18c4 nmwcd - ok
14:38:22.0063 0x18c4 [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
14:38:22.0125 0x18c4 nmwcdc - ok
14:38:22.0178 0x18c4 [ 697CA586209E022D15DD0C838B235D6A, 4C1A7E9A15C978DD930372CF149E4FF115BF6742EDD2743AD444323F69A1EB1E ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
14:38:22.0228 0x18c4 nmwcdnsucx64 - ok
14:38:22.0272 0x18c4 [ 292DDF13F91F2CB2482B57AACD6AEB9B, 85DFCB7DCABDDA4DCEEFDDCC0F3C9479156C68CE22CBC90545571E9FD35E78C1 ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
14:38:22.0350 0x18c4 nmwcdnsux64 - ok
14:38:22.0411 0x18c4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:38:22.0506 0x18c4 Npfs - ok
14:38:22.0602 0x18c4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:38:22.0679 0x18c4 nsi - ok
14:38:22.0715 0x18c4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:38:22.0805 0x18c4 nsiproxy - ok
14:38:23.0222 0x18c4 [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:38:23.0377 0x18c4 Ntfs - ok
14:38:23.0475 0x18c4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:38:23.0562 0x18c4 Null - ok
14:38:23.0610 0x18c4 [ B227E75AD10A142DD326B4CC8D73A6D9, CA76D73381ADAB04E86D417788D4EDAAE8343B90DCC9690ED5FFB1C0B1F09057 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
14:38:23.0670 0x18c4 nusb3hub - ok
14:38:23.0726 0x18c4 [ 55959DB860E4E484681586824D09E52C, EEA42F7DF194A84F207A8DC3BA9BF9ACDBFFFA9C611DA9289528C7F64599563F ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:38:23.0795 0x18c4 nusb3xhc - ok
14:38:25.0149 0x18c4 [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:38:26.0035 0x18c4 nvlddmkm - ok
14:38:26.0109 0x18c4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:38:26.0137 0x18c4 nvraid - ok
14:38:26.0190 0x18c4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:38:26.0224 0x18c4 nvstor - ok
14:38:26.0290 0x18c4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:38:26.0321 0x18c4 nv_agp - ok
14:38:26.0348 0x18c4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:38:26.0400 0x18c4 ohci1394 - ok
14:38:26.0481 0x18c4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:26.0508 0x18c4 ose - ok
14:38:27.0228 0x18c4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:38:27.0542 0x18c4 osppsvc - ok
14:38:27.0640 0x18c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:38:27.0712 0x18c4 p2pimsvc - ok
14:38:27.0770 0x18c4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:38:27.0831 0x18c4 p2psvc - ok
14:38:27.0874 0x18c4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
14:38:27.0912 0x18c4 Parport - ok
14:38:27.0939 0x18c4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:38:27.0969 0x18c4 partmgr - ok
14:38:28.0058 0x18c4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
14:38:28.0132 0x18c4 PcaSvc - ok
14:38:28.0186 0x18c4 [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:38:28.0228 0x18c4 pccsmcfd - ok
14:38:28.0261 0x18c4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:38:28.0295 0x18c4 pci - ok
14:38:28.0323 0x18c4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:38:28.0345 0x18c4 pciide - ok
14:38:28.0410 0x18c4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:38:28.0439 0x18c4 pcmcia - ok
14:38:28.0465 0x18c4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:38:28.0494 0x18c4 pcw - ok
14:38:28.0571 0x18c4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:38:28.0704 0x18c4 PEAUTH - ok
14:38:28.0959 0x18c4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:38:29.0147 0x18c4 PeerDistSvc - ok
14:38:29.0353 0x18c4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:38:29.0402 0x18c4 PerfHost - ok
14:38:29.0559 0x18c4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:38:29.0847 0x18c4 pla - ok
14:38:30.0040 0x18c4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:38:30.0120 0x18c4 PlugPlay - ok
14:38:30.0136 0x18c4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:38:30.0179 0x18c4 PNRPAutoReg - ok
14:38:30.0221 0x18c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:38:30.0275 0x18c4 PNRPsvc - ok
14:38:30.0354 0x18c4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:38:30.0505 0x18c4 PolicyAgent - ok
14:38:30.0590 0x18c4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:38:30.0705 0x18c4 Power - ok
14:38:30.0761 0x18c4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:38:30.0856 0x18c4 PptpMiniport - ok
14:38:30.0901 0x18c4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
14:38:30.0948 0x18c4 Processor - ok
14:38:30.0996 0x18c4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
14:38:31.0065 0x18c4 ProfSvc - ok
14:38:31.0092 0x18c4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
14:38:31.0120 0x18c4 ProtectedStorage - ok
14:38:31.0169 0x18c4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:38:31.0274 0x18c4 Psched - ok
14:38:31.0564 0x18c4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:38:31.0748 0x18c4 ql2300 - ok
14:38:31.0776 0x18c4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:38:31.0809 0x18c4 ql40xx - ok
14:38:31.0874 0x18c4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:38:31.0927 0x18c4 QWAVE - ok
14:38:32.0014 0x18c4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:38:32.0068 0x18c4 QWAVEdrv - ok
14:38:32.0082 0x18c4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:38:32.0178 0x18c4 RasAcd - ok
14:38:32.0223 0x18c4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:38:32.0305 0x18c4 RasAgileVpn - ok
14:38:32.0428 0x18c4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:38:32.0532 0x18c4 RasAuto - ok
14:38:32.0609 0x18c4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:38:32.0707 0x18c4 Rasl2tp - ok
14:38:32.0765 0x18c4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:38:32.0891 0x18c4 RasMan - ok
14:38:32.0930 0x18c4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:38:33.0037 0x18c4 RasPppoe - ok
14:38:33.0084 0x18c4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:38:33.0180 0x18c4 RasSstp - ok
14:38:33.0233 0x18c4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:38:33.0351 0x18c4 rdbss - ok
14:38:33.0400 0x18c4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:38:33.0454 0x18c4 rdpbus - ok
14:38:33.0488 0x18c4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:38:33.0574 0x18c4 RDPCDD - ok
14:38:33.0666 0x18c4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:38:33.0723 0x18c4 RDPDR - ok
14:38:33.0751 0x18c4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:38:33.0835 0x18c4 RDPENCDD - ok
14:38:33.0854 0x18c4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:38:33.0950 0x18c4 RDPREFMP - ok
14:38:34.0047 0x18c4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:38:34.0112 0x18c4 RDPWD - ok
14:38:34.0170 0x18c4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:38:34.0208 0x18c4 rdyboost - ok
14:38:34.0400 0x18c4 [ 79B2095737F44D9573DE9850D3571C37, A6C64F5F28B0BE6952F0891F6F2E05C78FA73D3D4FB851FEE708BC63B17957E9 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:38:34.0464 0x18c4 RegSrvc - ok
14:38:34.0499 0x18c4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:38:34.0601 0x18c4 RemoteAccess - ok
14:38:34.0684 0x18c4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:38:34.0786 0x18c4 RemoteRegistry - ok
14:38:34.0846 0x18c4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:38:34.0895 0x18c4 RFCOMM - ok
14:38:34.0943 0x18c4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:38:35.0042 0x18c4 RpcEptMapper - ok
14:38:35.0084 0x18c4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:38:35.0125 0x18c4 RpcLocator - ok
14:38:35.0184 0x18c4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:38:35.0301 0x18c4 RpcSs - ok
14:38:35.0354 0x18c4 [ F8FEA7764348C59262B340916CBFEB40, 2CDD8C8821D6083A733683FA113C6D47674DDE68B6CBB2603C0BD8F1C7EF96C2 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
14:38:35.0392 0x18c4 RSPCIESTOR - ok
14:38:35.0432 0x18c4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:38:35.0512 0x18c4 rspndr - ok
14:38:35.0600 0x18c4 [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:38:35.0651 0x18c4 RTL8167 - ok
14:38:35.0680 0x18c4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:38:35.0722 0x18c4 s3cap - ok
14:38:35.0747 0x18c4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
14:38:35.0771 0x18c4 SamSs - ok
14:38:35.0873 0x18c4 [ 328100AF2EFD951EAB657384EC361B6F, 2DECBF74E13511395AA13F931F06F4D557E67654DA3314D0095C332FB758B4D9 ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
14:38:35.0893 0x18c4 SamsungAllShareV2.0 - ok
14:38:35.0927 0x18c4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:38:35.0953 0x18c4 sbp2port - ok
14:38:36.0002 0x18c4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:38:36.0102 0x18c4 SCardSvr - ok
14:38:36.0174 0x18c4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:38:36.0265 0x18c4 scfilter - ok
14:38:36.0497 0x18c4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
14:38:36.0690 0x18c4 Schedule - ok
14:38:36.0733 0x18c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:38:36.0827 0x18c4 SCPolicySvc - ok
14:38:36.0882 0x18c4 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:38:36.0935 0x18c4 sdbus - ok
14:38:36.0972 0x18c4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:38:37.0041 0x18c4 SDRSVC - ok
14:38:37.0522 0x18c4 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:38:37.0630 0x18c4 SDScannerService - ok
14:38:37.0892 0x18c4 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:38:38.0020 0x18c4 SDUpdateService - ok
14:38:38.0096 0x18c4 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:38:38.0123 0x18c4 SDWSCService - ok
14:38:38.0174 0x18c4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:38:38.0246 0x18c4 secdrv - ok
14:38:38.0291 0x18c4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:38:38.0353 0x18c4 seclogon - ok
14:38:38.0392 0x18c4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:38:38.0471 0x18c4 SENS - ok
14:38:38.0515 0x18c4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:38:38.0557 0x18c4 SensrSvc - ok
14:38:38.0591 0x18c4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:38:38.0624 0x18c4 Serenum - ok
14:38:38.0645 0x18c4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
14:38:38.0699 0x18c4 Serial - ok
14:38:38.0731 0x18c4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:38:38.0774 0x18c4 sermouse - ok
14:38:38.0860 0x18c4 [ C15B813F2FDB44F87F23312472C6E790, 2AA4024C312D0FFDC7DD2F46D011C8C54085216A3B5FA99FA42312C2E991E141 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
14:38:38.0920 0x18c4 ServiceLayer - ok
14:38:39.0008 0x18c4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:38:39.0093 0x18c4 SessionEnv - ok
14:38:39.0135 0x18c4 [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\drivers\SFEP.sys
14:38:39.0178 0x18c4 SFEP - ok
14:38:39.0195 0x18c4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:38:39.0230 0x18c4 sffdisk - ok
14:38:39.0259 0x18c4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:38:39.0311 0x18c4 sffp_mmc - ok
14:38:39.0367 0x18c4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:38:39.0408 0x18c4 sffp_sd - ok
14:38:39.0460 0x18c4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:38:39.0485 0x18c4 sfloppy - ok
14:38:39.0526 0x18c4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:38:39.0639 0x18c4 SharedAccess - ok
14:38:39.0719 0x18c4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:38:39.0825 0x18c4 ShellHWDetection - ok
14:38:39.0861 0x18c4 [ 1980FE1F5A32067DAD1D8776B63C2669, 26B53EAF89CDBBA8FFA154DBB1F1DA348F894FE1F1D0CA4060E32496464DD5D2 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
14:38:39.0875 0x18c4 SimpleSlideShowServer - ok
14:38:39.0913 0x18c4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:38:39.0934 0x18c4 SiSRaid2 - ok
14:38:40.0009 0x18c4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:38:40.0029 0x18c4 SiSRaid4 - ok
14:38:40.0111 0x18c4 [ 9CD1BB2DB803B6AC642BD643DDB773BC, E03EC2FFBE9720E291D13ABF35E027DFA1324CE0934403D1BF4A8E1B86623053 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:38:40.0134 0x18c4 SkypeUpdate - ok
14:38:40.0192 0x18c4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:38:40.0277 0x18c4 Smb - ok
14:38:40.0340 0x18c4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:38:40.0369 0x18c4 SNMPTRAP - ok
14:38:40.0378 0x18c4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:38:40.0397 0x18c4 spldr - ok
14:38:40.0460 0x18c4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:38:40.0527 0x18c4 Spooler - ok
14:38:40.0864 0x18c4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:38:41.0246 0x18c4 sppsvc - ok
14:38:41.0300 0x18c4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:38:41.0372 0x18c4 sppuinotify - ok
14:38:41.0432 0x18c4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:38:41.0509 0x18c4 srv - ok
14:38:41.0556 0x18c4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:38:41.0619 0x18c4 srv2 - ok
14:38:41.0656 0x18c4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:38:41.0687 0x18c4 srvnet - ok
14:38:41.0743 0x18c4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:38:41.0828 0x18c4 SSDPSRV - ok
14:38:41.0863 0x18c4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:38:41.0944 0x18c4 SstpSvc - ok
14:38:41.0973 0x18c4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:38:41.0996 0x18c4 stexstor - ok
14:38:42.0068 0x18c4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:38:42.0104 0x18c4 StillCam - ok
14:38:42.0170 0x18c4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:38:42.0254 0x18c4 stisvc - ok
14:38:42.0287 0x18c4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:38:42.0311 0x18c4 storflt - ok
14:38:42.0374 0x18c4 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
14:38:42.0415 0x18c4 StorSvc - ok
14:38:42.0449 0x18c4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:38:42.0472 0x18c4 storvsc - ok
14:38:42.0515 0x18c4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:38:42.0537 0x18c4 swenum - ok
14:38:42.0742 0x18c4 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:38:42.0805 0x18c4 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:38:45.0192 0x18c4 Detect skipped due to KSN trusted
14:38:45.0192 0x18c4 SwitchBoard - ok
14:38:45.0266 0x18c4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:38:45.0416 0x18c4 swprv - ok
14:38:45.0571 0x18c4 [ E7001F38B797D1CE4264BCE252DFD76E, 42A9E9D41E6499963E3473E5578F7B40F131764829C66A8545FB7FC95AC9626B ] SynTP C:\Windows\system32\drivers\SynTP.sys
14:38:45.0701 0x18c4 SynTP - ok
14:38:46.0007 0x18c4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
14:38:46.0236 0x18c4 SysMain - ok
14:38:46.0339 0x18c4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:38:46.0404 0x18c4 TabletInputService - ok
14:38:46.0436 0x18c4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:38:46.0535 0x18c4 TapiSrv - ok
14:38:46.0638 0x18c4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
14:38:46.0747 0x18c4 TBS - ok
14:38:47.0063 0x18c4 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:38:47.0220 0x18c4 Tcpip - ok
14:38:47.0381 0x18c4 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:38:47.0561 0x18c4 TCPIP6 - ok
14:38:47.0612 0x18c4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:38:47.0639 0x18c4 tcpipreg - ok
14:38:47.0687 0x18c4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:38:47.0751 0x18c4 TDPIPE - ok
14:38:47.0786 0x18c4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:38:47.0812 0x18c4 TDTCP - ok
14:38:47.0863 0x18c4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:38:47.0955 0x18c4 tdx - ok
14:38:48.0511 0x18c4 [ 2B29FD3AF7B4FEB272CD1F6EEC8FE4BA, 2E3E775218F1A9DCD977C7D42D0AADDA83A76DCBF65FB25E0F0215ABE3D55C5B ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
14:38:48.0838 0x18c4 TeamViewer9 - ok
14:38:48.0944 0x18c4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:38:48.0968 0x18c4 TermDD - ok
14:38:49.0080 0x18c4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
14:38:49.0239 0x18c4 TermService - ok
14:38:49.0358 0x18c4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:38:49.0397 0x18c4 Themes - ok
14:38:49.0477 0x18c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:38:49.0569 0x18c4 THREADORDER - ok
14:38:49.0614 0x18c4 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
14:38:49.0640 0x18c4 TPM - ok
14:38:49.0681 0x18c4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:38:49.0793 0x18c4 TrkWks - ok
14:38:49.0853 0x18c4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:38:49.0945 0x18c4 TrustedInstaller - ok
14:38:50.0023 0x18c4 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:38:50.0135 0x18c4 tssecsrv - ok
14:38:50.0161 0x18c4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:38:50.0222 0x18c4 TsUsbFlt - ok
14:38:50.0270 0x18c4 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:38:50.0310 0x18c4 TsUsbGD - ok
14:38:50.0338 0x18c4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:38:50.0431 0x18c4 tunnel - ok
14:38:50.0461 0x18c4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:38:50.0489 0x18c4 uagp35 - ok
14:38:50.0550 0x18c4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:38:50.0675 0x18c4 udfs - ok
14:38:50.0761 0x18c4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:38:50.0795 0x18c4 UI0Detect - ok
14:38:50.0831 0x18c4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:38:50.0857 0x18c4 uliagpkx - ok
14:38:50.0927 0x18c4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:38:50.0964 0x18c4 umbus - ok
14:38:50.0991 0x18c4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
14:38:51.0038 0x18c4 UmPass - ok
14:38:51.0068 0x18c4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
14:38:51.0110 0x18c4 UmRdpService - ok
14:38:51.0464 0x18c4 [ DB641944F7E4B14C13C3FEFC89843F69, C106F10E802A67D43C9F0591A4A2477F7EF7911C3313C3844A02E3C061FD3EAA ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:38:51.0655 0x18c4 UNS - ok
14:38:51.0709 0x18c4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:38:51.0830 0x18c4 upnphost - ok
14:38:51.0881 0x18c4 [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:38:51.0953 0x18c4 upperdev - ok
14:38:52.0066 0x18c4 [ 35FEF2D9BE0276D6CAB3A47B9198ABAF, 3C0BCE624E1AE7BC18F5157F3FB5049F6DD1E29F55F368C240FF5DC18F69E1D2 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
14:38:52.0117 0x18c4 USB28xxBGA - ok
14:38:52.0168 0x18c4 [ 1378006A1CCDAC5B9E7CCB1EA677CC2D, A23BFCE40701EC71ACA4151898EA04820FF5E5275D0A34352725CFA66CB71515 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
14:38:52.0219 0x18c4 USB28xxOEM - ok
14:38:52.0277 0x18c4 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:38:52.0333 0x18c4 usbaudio - ok
14:38:52.0380 0x18c4 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:38:52.0428 0x18c4 usbccgp - ok
14:38:52.0467 0x18c4 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:38:52.0506 0x18c4 usbcir - ok
14:38:52.0540 0x18c4 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:38:52.0588 0x18c4 usbehci - ok
14:38:52.0642 0x18c4 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\drivers\usbhub.sys
14:38:52.0703 0x18c4 usbhub - ok
14:38:52.0718 0x18c4 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:38:52.0759 0x18c4 usbohci - ok
14:38:52.0786 0x18c4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:38:52.0827 0x18c4 usbprint - ok
14:38:52.0887 0x18c4 [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser C:\Windows\system32\drivers\usbser.sys
14:38:52.0915 0x18c4 usbser - ok
14:38:52.0934 0x18c4 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
14:38:52.0997 0x18c4 UsbserFilt - ok
14:38:53.0036 0x18c4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:38:53.0095 0x18c4 USBSTOR - ok
14:38:53.0116 0x18c4 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:38:53.0150 0x18c4 usbuhci - ok
14:38:53.0195 0x18c4 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:38:53.0242 0x18c4 usbvideo - ok
14:38:53.0278 0x18c4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:38:53.0383 0x18c4 UxSms - ok
14:38:53.0456 0x18c4 [ 203FD19D70549A2939E1AE3A36608151, 2B965E52571B6F409132E5D7608B794D56538314BD4E68E58F9CBA39450A94B2 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
14:38:53.0478 0x18c4 VAIO Event Service - ok
14:38:53.0603 0x18c4 [ 367578C5283B54F32B62E2F0E237046F, 866BB174CCA23A3E925D21DA91E2A0A81F1ADFF8F0BCDE322CBBB2808B4BC35E ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
14:38:53.0662 0x18c4 VAIO Power Management - ok
14:38:53.0715 0x18c4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
14:38:53.0745 0x18c4 VaultSvc - ok
14:38:53.0825 0x18c4 [ D076011ECD0D1310E879F32EBF3B4886, F2ED6F82941548CB1A5A54109936847D16C874DEAEF7A234D3170DEE0D1AAE05 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
14:38:53.0848 0x18c4 VCService - ok
14:38:53.0881 0x18c4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:38:53.0909 0x18c4 vdrvroot - ok
14:38:53.0985 0x18c4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:38:54.0125 0x18c4 vds - ok
14:38:54.0169 0x18c4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:38:54.0201 0x18c4 vga - ok
14:38:54.0255 0x18c4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:38:54.0351 0x18c4 VgaSave - ok
14:38:54.0379 0x18c4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:38:54.0414 0x18c4 vhdmp - ok
14:38:54.0447 0x18c4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:38:54.0469 0x18c4 viaide - ok
14:38:54.0535 0x18c4 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:38:54.0567 0x18c4 vmbus - ok
14:38:54.0584 0x18c4 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:38:54.0622 0x18c4 VMBusHID - ok
14:38:54.0647 0x18c4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:38:54.0676 0x18c4 volmgr - ok
14:38:54.0738 0x18c4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:38:54.0789 0x18c4 volmgrx - ok
14:38:54.0831 0x18c4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:38:54.0874 0x18c4 volsnap - ok
14:38:54.0923 0x18c4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:38:54.0958 0x18c4 vsmraid - ok
14:38:55.0072 0x18c4 [ 6B427EF11B77646E7E3EEFB2C4870191, 8E72C977E6692BA6BCC1FD86C6C915A1F7D7E9BDEC35C46101B61DA3E8720F66 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
14:38:55.0175 0x18c4 VSNService - ok
14:38:55.0310 0x18c4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:38:55.0544 0x18c4 VSS - ok
14:38:55.0712 0x18c4 [ FB4A1695D2D74F9C92CA5E84795CDBE1, A0AF176F3495B81B0EF2F2290BC1575CA907C44F27FDB653F780635AECA1659A ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
14:38:55.0812 0x18c4 VUAgent - ok
14:38:55.0845 0x18c4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:38:55.0894 0x18c4 vwifibus - ok
14:38:55.0930 0x18c4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:38:55.0985 0x18c4 vwififlt - ok
14:38:56.0001 0x18c4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:38:56.0051 0x18c4 vwifimp - ok
14:38:56.0094 0x18c4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:38:56.0202 0x18c4 W32Time - ok
14:38:56.0244 0x18c4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:38:56.0279 0x18c4 WacomPen - ok
14:38:56.0326 0x18c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:38:56.0415 0x18c4 WANARP - ok
14:38:56.0425 0x18c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:38:56.0510 0x18c4 Wanarpv6 - ok
14:38:56.0707 0x18c4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:38:56.0974 0x18c4 wbengine - ok
14:38:57.0044 0x18c4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:38:57.0091 0x18c4 WbioSrvc - ok
14:38:57.0137 0x18c4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:38:57.0220 0x18c4 wcncsvc - ok
14:38:57.0259 0x18c4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:38:57.0309 0x18c4 WcsPlugInService - ok
14:38:57.0340 0x18c4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
14:38:57.0362 0x18c4 Wd - ok
14:38:57.0458 0x18c4 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:38:57.0528 0x18c4 Wdf01000 - ok
14:38:57.0559 0x18c4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:38:57.0680 0x18c4 WdiServiceHost - ok
14:38:57.0703 0x18c4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:38:57.0754 0x18c4 WdiSystemHost - ok
14:38:57.0794 0x18c4 [ 63CE387483E74A0BD79EE4E5EBA1FD2E, BD5DA884D7F0C478B49D15A3902B41302434A0D290B9AF07D74C664C2C562705 ] wdkmd C:\Windows\system32\DRIVERS\WDKMD.sys
14:38:57.0817 0x18c4 wdkmd - ok
14:38:57.0874 0x18c4 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
14:38:57.0956 0x18c4 WebClient - ok
14:38:57.0990 0x18c4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:38:58.0119 0x18c4 Wecsvc - ok
14:38:58.0138 0x18c4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:38:58.0245 0x18c4 wercplsupport - ok
14:38:58.0292 0x18c4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:38:58.0382 0x18c4 WerSvc - ok
14:38:58.0429 0x18c4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:38:58.0512 0x18c4 WfpLwf - ok
14:38:58.0530 0x18c4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:38:58.0552 0x18c4 WIMMount - ok
14:38:58.0573 0x18c4 WinDefend - ok
14:38:58.0709 0x18c4 [ 267863F04B01EE0F748B0998064B77A3, CB778113CAF62C2F0DD8385331D1BA1B948DEFD7761CFB15220AB4DAF2F84949 ] Windows7FirewallService C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
14:38:58.0776 0x18c4 Windows7FirewallService - detected UnsignedFile.Multi.Generic ( 1 )
14:39:01.0339 0x18c4 Windows7FirewallService ( UnsignedFile.Multi.Generic ) - warning
14:39:03.0763 0x18c4 WinHttpAutoProxySvc - ok
14:39:03.0861 0x18c4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:39:03.0946 0x18c4 Winmgmt - ok
14:39:04.0132 0x18c4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
14:39:04.0389 0x18c4 WinRM - ok
14:39:04.0469 0x18c4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:39:04.0508 0x18c4 WinUsb - ok
14:39:04.0585 0x18c4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:39:04.0707 0x18c4 Wlansvc - ok
14:39:04.0767 0x18c4 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:39:04.0793 0x18c4 wlcrasvc - ok
14:39:04.0993 0x18c4 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:39:05.0137 0x18c4 wlidsvc - ok
14:39:05.0224 0x18c4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:39:05.0260 0x18c4 WmiAcpi - ok
14:39:05.0305 0x18c4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:39:05.0364 0x18c4 wmiApSrv - ok
14:39:05.0389 0x18c4 WMPNetworkSvc - ok
14:39:05.0415 0x18c4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:39:05.0457 0x18c4 WPCSvc - ok
14:39:05.0476 0x18c4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:39:05.0522 0x18c4 WPDBusEnum - ok
14:39:05.0553 0x18c4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:39:05.0630 0x18c4 ws2ifsl - ok
14:39:05.0665 0x18c4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:39:05.0727 0x18c4 wscsvc - ok
14:39:05.0732 0x18c4 WSearch - ok
14:39:05.0954 0x18c4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
14:39:06.0161 0x18c4 wuauserv - ok
14:39:06.0222 0x18c4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:39:06.0276 0x18c4 WudfPf - ok
14:39:06.0333 0x18c4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:39:06.0379 0x18c4 WUDFRd - ok
14:39:06.0401 0x18c4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:39:06.0441 0x18c4 wudfsvc - ok
14:39:06.0486 0x18c4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:39:06.0534 0x18c4 WwanSvc - ok
14:39:06.0583 0x18c4 ================ Scan global ===============================
14:39:06.0617 0x18c4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:39:06.0670 0x18c4 [ 72CC564BBC70DE268784BCE91EB8A28F, 73C7734DB8264C0A6051553D7B5CF404EB14FB409F30CF58EB3837AD70807A6F ] C:\Windows\system32\winsrv.dll
14:39:06.0696 0x18c4 [ 72CC564BBC70DE268784BCE91EB8A28F, 73C7734DB8264C0A6051553D7B5CF404EB14FB409F30CF58EB3837AD70807A6F ] C:\Windows\system32\winsrv.dll
14:39:06.0782 0x18c4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:39:06.0829 0x18c4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:39:06.0847 0x18c4 [ Global ] - ok
14:39:06.0847 0x18c4 ================ Scan MBR ==================================
14:39:06.0863 0x18c4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:39:07.0718 0x18c4 \Device\Harddisk0\DR0 - ok
14:39:07.0719 0x18c4 ================ Scan VBR ==================================
14:39:07.0739 0x18c4 [ 6C0432FF9FBBA0BFACC1A08CEB0EF0F2 ] \Device\Harddisk0\DR0\Partition1
14:39:07.0741 0x18c4 \Device\Harddisk0\DR0\Partition1 - ok
14:39:07.0760 0x18c4 [ 35F2BD12AE81547268546952592363B9 ] \Device\Harddisk0\DR0\Partition2
14:39:07.0763 0x18c4 \Device\Harddisk0\DR0\Partition2 - ok
14:39:07.0783 0x18c4 [ 3BC624BD6943E28B3082CE46D1AEB179 ] \Device\Harddisk0\DR0\Partition3
14:39:07.0805 0x18c4 \Device\Harddisk0\DR0\Partition3 - ok
14:39:07.0806 0x18c4 ================ Scan generic autorun ======================
14:39:07.0978 0x18c4 [ 8E892585A690BA2F8F208BB2782DB726, 082BAB4F9B8E3678802C8964E22108F1CA24B1387261FA2FCB11D0A7EEFE1079 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
14:39:08.0127 0x18c4 RtHDVBg_Dolby - ok
14:39:08.0246 0x18c4 [ 31F52459AA89317FFB57EBAF9B4DD8BC, 05DA7048451BEF06B059A86D7FB3084942724F3359BD67A0DFADFB3FFFF6990A ] C:\Windows\system32\igfxtray.exe
14:39:08.0267 0x18c4 IgfxTray - ok
14:39:08.0330 0x18c4 [ 39AC970429FB9E56A29655FA8B959E90, 7272BD9AB1D7D84F352C6A48A4E83D34F0AE456A3404362DCCB04BC2D7D4D564 ] C:\Windows\system32\hkcmd.exe
14:39:08.0371 0x18c4 HotKeysCmds - ok
14:39:08.0413 0x18c4 [ 7CA105C4CCDFCA407859B2DF3D05A645, 36EEE251B2A221F1974A5BE3A743135EB317FF95A32A8B31DA3791573DB7D6BE ] C:\Windows\system32\igfxpers.exe
14:39:08.0455 0x18c4 Persistence - ok
14:39:08.0457 0x18c4 SynTPEnh - ok
14:39:08.0462 0x18c4 BTMTrayAgent - ok
14:39:08.0605 0x18c4 [ EFF7E47F96B4D2BF37EA6E982B39C7E1, DE816838E1EB5C0F8A7FC1C6EA3026DAC89F559315560EED4848912DFF98C473 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
14:39:08.0719 0x18c4 IntelPAN - ok
14:39:08.0803 0x18c4 [ BC66C33D434E999118A0790B734E39C5, C507AC6673314C0CAAEC8F8303E9989788C4E9607DE8A881E02DBD7A801F8F7A ] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
14:39:08.0873 0x18c4 Windows7FirewallControl - detected UnsignedFile.Multi.Generic ( 1 )
14:39:11.0249 0x18c4 Windows7FirewallControl ( UnsignedFile.Multi.Generic ) - warning
14:39:13.0752 0x18c4 [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
14:39:13.0786 0x18c4 IAStorIcon - ok
14:39:13.0894 0x18c4 [ DC5A24DD7D9DABDABE8DEB824F1E4B18, 90106832FF3EB635B69B19E088D5EECD82353E63707B6DA2F6350FE6EEAB6F70 ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:39:13.0927 0x18c4 StartCCC - ok
14:39:13.0964 0x18c4 [ 4AD491D49890D794BFA77AAB935046C5, 9A3D575C4CF99844DAA1CD11D0F5BAD13653B12941F211A42C27A09B6E079BE8 ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
14:39:13.0987 0x18c4 ISBMgr.exe - ok
14:39:14.0190 0x18c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:39:14.0333 0x18c4 Sidebar - ok
14:39:14.0374 0x18c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:39:14.0423 0x18c4 mctadmin - ok
14:39:14.0498 0x18c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:39:14.0604 0x18c4 Sidebar - ok
14:39:14.0630 0x18c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:39:14.0666 0x18c4 mctadmin - ok
14:39:15.0012 0x18c4 [ DC34596BFCF0BD472AA1D48449D8A7DF, B1A1AD8A72D585525CC4FEA4984EAD0AC0077640D2A4CF478BAA10BA3F08711A ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
14:39:15.0274 0x18c4 DAEMON Tools Lite - ok
14:39:15.0354 0x18c4 [ 39AF1CDEAFA4FC9D5185FBD9F4D141C4, 4B349FAA52688FAB9663970D601979AC5B8CD6F8C2A37D87CED3ECBC12B9AB34 ] C:\Users\sv-sos\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
14:39:15.0373 0x18c4 Octoshape Streaming Services - ok
14:39:15.0374 0x18c4 Waiting for KSN requests completion. In queue: 9
14:39:16.0374 0x18c4 Waiting for KSN requests completion. In queue: 9
14:39:17.0374 0x18c4 Waiting for KSN requests completion. In queue: 9
14:39:18.0472 0x18c4 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated )
14:39:18.0478 0x18c4 Win FW state via NFP2: enabled ( trusted )
14:39:20.0849 0x18c4 ============================================================
14:39:20.0849 0x18c4 Scan finished
14:39:20.0849 0x18c4 ============================================================
14:39:20.0863 0x1ed0 Detected object count: 2
14:39:20.0863 0x1ed0 Actual detected object count: 2
14:40:48.0230 0x1ed0 Windows7FirewallService ( UnsignedFile.Multi.Generic ) - skipped by user
14:40:48.0230 0x1ed0 Windows7FirewallService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:40:48.0232 0x1ed0 Windows7FirewallControl ( UnsignedFile.Multi.Generic ) - skipped by user
14:40:48.0233 0x1ed0 Windows7FirewallControl ( UnsignedFile.Multi.Generic ) - User select action: Skip
Die D-Festplatte wurde nicht verändert. Alle eingeblendete Ordner sind scr-Ordner. Lg |
|
21.08.2015, 07:08
| #10 |
| /// the machine /// TB-Ausbilder | Ordner sind jetzt scr Dateien! Also wir können das hier gerne weiter machen, aber Formatieren und Neuaufsetzen ist schneller. Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.08.2015, 10:47
| #11 |
| | Ordner sind jetzt scr Dateien!Code:
ATTFilter ComboFix 15-08-20.01 - sv-sos 21.08.2015 10:54:32.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8108.5395 [GMT 2:00]
ausgeführt von:: c:\users\sv-sos\Downloads\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Autorun.inf
c:\programdata\Roaming
c:\users\sv-sos\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\msdownld.tmp
c:\windows\SysWow64\autoexec.bat
c:\windows\wininit.ini
c:\windows\XSxS
D:\Autorun.inf
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-07-21 bis 2015-08-21 ))))))))))))))))))))))))))))))
.
.
2015-08-21 09:06 . 2015-08-21 09:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-19 22:46 . 2015-08-19 22:46 -------- d-----w- c:\programdata\Malwarebytes
2015-08-19 22:46 . 2015-08-21 08:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-08-19 22:46 . 2015-08-20 13:06 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-19 22:34 . 2015-08-20 13:01 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-18 17:17 . 2015-08-19 10:31 -------- d-----w- C:\FRST
2015-08-18 14:37 . 2015-08-18 14:37 -------- d-----w- C:\AllShare - Kopie
2015-08-18 10:20 . 2015-08-18 10:20 -------- d-----w- c:\users\sv-sos\AppData\Roaming\Avira
2015-08-18 10:16 . 2015-07-15 06:37 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-08-18 10:16 . 2015-07-15 06:37 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-08-18 10:16 . 2015-07-15 06:37 141416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-08-18 10:16 . 2015-07-15 06:37 162528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-08-18 10:16 . 2015-08-18 10:20 -------- d-----w- c:\programdata\Avira
2015-08-18 10:16 . 2015-08-18 10:20 -------- d-----w- c:\program files (x86)\Avira
2015-08-18 09:43 . 2015-08-18 09:43 -------- d-----w- c:\program files\Common Files\AV
2015-08-18 09:27 . 2015-08-21 08:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-08-18 09:27 . 2015-08-21 08:45 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-19 21:53 . 2015-05-19 21:53 426 ----a-w- c:\program files\Autoexec.bat
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Octoshape Streaming Services"="c:\users\sv-sos\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2011-03-24 107800]
"AVMUSBFernanschluss"="c:\users\sv-sos\AppData\Local\Apps\2.0\YT6M67N0.JOA\W8148AB0.VXY\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2013-02-20 139264]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-11 343168]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"TrayServer"="c:\program files (x86)\MAGIX\Filme_auf_DVD_7_TerraTec_Edition\TrayServer.exe" [2008-01-17 90112]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2015-07-15 782008]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-07-02 134368]
.
c:\users\sv-sos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AudaUpdate.lnk - c:\audatex\AudaUpdate\AUDAUPDT.EXE /firstrun [2012-6-6 3271152]
Update Loader.lnk - c:\audatex\AUDAFUSION\AUDAFUSION\AEUL.exe [2010-2-4 4026880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe;c:\program files\Sony\VAIO Update Common\VUAgent.exe [x]
R4 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\audatex\Firebird_2_1\bin\fbguard.exe;c:\audatex\Firebird_2_1\bin\fbguard.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\TrueSuite\TrueSuite.Service.exe;c:\program files\TrueSuite\TrueSuite.Service.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 Windows7FirewallService;Windows7FirewallService;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\DRIVERS\ATSwpWDF.sys;c:\windows\SYSNATIVE\DRIVERS\ATSwpWDF.sys [x]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\audatex\Firebird_2_1\bin\fbserver.exe;c:\audatex\Firebird_2_1\bin\fbserver.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-21 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-05-11 00:40]
.
2015-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001Core.job
- c:\users\sv-sos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-18 09:05]
.
2015-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196472479-254760899-211853663-1001UA.job
- c:\users\sv-sos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-18 09:05]
.
2015-05-19 c:\windows\Tasks\simplitec Power Suite.job
- c:\program files (x86)\simplitec\simpliclean\PowerSuite.exe [2015-05-19 12:16]
.
2015-08-21 c:\windows\Tasks\simplitec Service Provider.job
- c:\program files (x86)\simplitec\simpliclean\ServiceProvider.exe [2015-05-19 12:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-10 2278504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-28 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-28 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-28 416024]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-11-14 10358784]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-01-04 1935120]
"Windows7FirewallControl"="c:\program files\Windows7FirewallControl\Windows7FirewallControl.exe" [2012-04-12 1126400]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\sv-sos\AppData\Roaming\Mozilla\Firefox\Profiles\5b9i8dik.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.type - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-08-21 11:15:54 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-08-21 09:15
.
Vor Suchlauf: 4.877.586.432 Bytes frei
Nach Suchlauf: 2.605.973.504 Bytes frei
.
- - End Of File - - F6CA59609DDCE7FDDCA21D41BE8583CE
Ich danke Dir erstmal für Deine Mühe! Dann muss ich wohl doch C platt machen. Und die restlichen scr.Dateiordner auf meine D-Festplatte mühevoll manuell beseitigen. Lieben Gruß |
|
22.08.2015, 09:53
| #12 |
| /// the machine /// TB-Ausbilder | Ordner sind jetzt scr Dateien! Oder weiter bereinigen, ich wollte dich nur darauf hinweisen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Ordner sind jetzt scr Dateien! |
| betriebssystem, control, dateien, daten, doppelt, ebenfalls, eingefangen, excel, externe festplatte, firewall, formatieren, gen, neue, neuen, nicht sichtbar, nichts, ordner, platte, problem, scr, scr datei, speicher, speichern, tojaner, virus, windows, windows 7 |
WARNUNG an die MITLESER: 
Linear-Darstellung
