| |
| |||||||
Log-Analyse und Auswertung: Laptop wird langsamerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.10.2015, 18:53
| #1 |
 |  Laptop wird langsamer Guten Abend, in letzter Zeit habe ich das Gefühl, dass mein Laptop immer schneller stark ausgelastet ist. Nun würde ich gerne mal nachschauen lassen ob alles in Ordnung ist. Die Anleitung für Hilfesuchende habe ich befolgt und hier sind meine Logs. 1. Defogger hatte keine Fehlermeldung und hat mir keinen Log gebracht 2. Systemscan mit FRST FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015 durchgeführt von Andreas (Administrator) auf ANDYMEDION (06-10-2015 19:24:07) Gestartet von C:\Users\Andreas\Downloads Geladene Profile: Andreas & (Verfügbare Profile: Andreas) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\csisyncclient.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Spotify Ltd) C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4461\Agent.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6160\Battle.net.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\plugin-nm-server.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.) HKLM-x32\...\Run: [EsternTimesMouseExRun] => C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe [3353600 2014-01-10] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Spotify Web Helper] => C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-04] (Spotify Ltd) HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Dropbox Update] => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-22] (Dropbox, Inc.) HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Spotify] => C:\Users\Andreas\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-10-04] (Spotify Ltd) HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-04] (Spotify Ltd) HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-22] (Dropbox, Inc.) HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Andreas\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-10-04] (Spotify Ltd) HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1 AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-08-25] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-08-25] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-03-19] () Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-11] ShortcutTarget: Dropbox.lnk -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyServer: [S-1-5-21-1314070972-226921483-1615157590-1002] => 198.2.202.35:80 ProxyServer: [S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => 198.2.202.35:80 Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{7120C2F7-367B-44F0-B758-11BD5785219E}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{CA35CD97-2A84-4D5C-B235-CE57A6AFB7CB}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/ HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/ SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP94A1ED45-3674-419B-ACE3-98E43B8D08B4&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002 -> {1DC18151-EC01-46BD-A842-D6FCFEECF824} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP94A1ED45-3674-419B-ACE3-98E43B8D08B4&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1DC18151-EC01-46BD-A842-D6FCFEECF824} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-12-30] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default FF NewTab: about:newtab FF SearchEngineOrder.1: default-search.net FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-09] () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-09] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-09] () FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-09-25] () FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-09-25] () FF user.js: detected! => C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\user.js [2015-03-18] FF Extension: Amazon-Icon - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\Extensions\amazon-icon@giga.de [2014-02-26] FF Extension: Yahoo! Toolbar - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-09-20] FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-09] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-09] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-09] FF Extension: Kein Name - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com [nicht gefunden] Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-08-07] CHR Extension: (Kaspersky Protection) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11] CHR Extension: (Avira Browserschutz) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-05] CHR Extension: (AdBlock) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-29] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Amazon-Icon) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-02-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Andreas\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-02-26] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-08-03] () [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation) R2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-07-04] (IObit) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] () S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4600264 2013-11-05] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S4 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [Datei ist nicht signiert] S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsfw.sys [1366328 2013-04-01] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [76744 2013-03-11] (Intel Corporation) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2014-12-09] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-11] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2014-12-09] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2014-12-09] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-06] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation) R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299128 2015-08-25] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation) S3 cpuz138; \??\C:\Users\Andreas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-06 19:24 - 2015-10-06 19:24 - 00034428 _____ C:\Users\Andreas\Downloads\FRST.txt 2015-10-06 19:24 - 2015-10-06 19:24 - 00000000 ____D C:\FRST 2015-10-06 19:23 - 2015-10-06 19:23 - 02193920 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe 2015-10-06 19:23 - 2015-10-06 19:23 - 00000476 _____ C:\Users\Andreas\Downloads\defogger_disable.log 2015-10-06 19:23 - 2015-10-06 19:23 - 00000000 _____ C:\Users\Andreas\defogger_reenable 2015-10-06 19:22 - 2015-10-06 19:22 - 00050477 _____ C:\Users\Andreas\Downloads\Defogger.exe 2015-10-06 19:10 - 2015-10-06 19:11 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Andreas\Downloads\mbam-setup-2.1.8.1057 (1).exe 2015-10-06 19:07 - 2015-10-06 19:07 - 00315392 _____ (Microsoft Corporation) C:\Users\Andreas\Downloads\cmd.exe 2015-10-06 19:06 - 2015-10-06 19:06 - 00014491 _____ C:\Users\Andreas\Downloads\hijackthis.log 2015-10-06 19:03 - 2015-10-06 19:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andreas\Downloads\hijackthis.exe 2015-10-06 19:02 - 2015-10-06 19:02 - 01457952 _____ C:\Users\Andreas\Downloads\HijackThis - CHIP-Installer.exe 2015-10-06 19:01 - 2015-10-06 19:01 - 00045268 _____ C:\Users\Andreas\Documents\cc_20151006_190151.reg 2015-10-04 11:13 - 2015-10-04 11:13 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-09-27 17:11 - 2015-09-27 21:30 - 00000000 ____D C:\Users\Andreas\Downloads\Tori 2015-09-19 19:32 - 2015-09-19 19:32 - 00000202 _____ C:\Users\Andreas\Desktop\The Incredible Adventures of Van Helsing III.url 2015-09-17 17:01 - 2015-09-17 17:01 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-09-17 17:01 - 2015-09-17 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-09-12 13:47 - 2015-09-12 13:47 - 00000000 ____D C:\Program Files\Common Files\AV 2015-09-11 17:32 - 2015-09-11 17:32 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2015-09-11 17:32 - 2015-09-11 17:32 - 00000000 ____D C:\WINDOWS\system32\NV 2015-09-11 17:30 - 2015-08-25 20:46 - 42840368 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 18543736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 16637336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 15512888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 14936264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 14635792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 13661160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 12185152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 11089200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-09-11 17:30 - 2015-08-25 20:46 - 02940720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 02627704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 01064752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00986232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00945456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00512904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00421544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00364336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00299128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvkflt.sys 2015-09-11 17:30 - 2015-08-25 20:46 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-09-11 17:30 - 2015-08-25 20:46 - 00031352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys 2015-09-11 17:17 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-09-11 17:17 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2015-09-09 16:43 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-09-09 16:43 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-09-09 16:43 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-09-09 16:43 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-09-09 16:43 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-09-09 16:43 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-09 16:43 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-09-09 16:43 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-09-09 16:43 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-09-09 16:43 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-09-09 16:43 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-09-09 16:43 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-09-09 16:42 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-09-09 16:42 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-09-09 16:42 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-09-09 16:42 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-09-09 16:42 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-09-09 16:42 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 16:42 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 16:42 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 16:42 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-09 16:42 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 16:42 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 16:42 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 16:42 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 16:42 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 16:42 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-09-09 16:42 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 16:42 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 16:42 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-09-09 16:42 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 16:42 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-09-09 16:42 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 16:42 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-09-09 16:42 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-09-09 16:42 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-09-09 16:42 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-09-09 16:42 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-09-09 16:42 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-09 16:42 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-09-09 16:42 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 16:42 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-09-09 16:42 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-09-09 16:42 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-09-09 16:42 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-09-09 16:42 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-09-09 16:42 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-09-09 16:42 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-09 16:42 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-09-09 16:42 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-09-09 16:42 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2015-09-09 16:42 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2015-09-09 16:42 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2015-09-09 16:42 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2015-09-09 16:42 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2015-09-09 16:42 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 16:42 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2015-09-09 16:42 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2015-09-09 16:42 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2015-09-09 16:42 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2015-09-09 16:42 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 16:42 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 16:42 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 16:42 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 16:42 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-09-09 16:42 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-09-09 16:42 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 16:42 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 16:42 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 16:42 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 16:42 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2015-09-09 16:42 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2015-09-09 16:42 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe 2015-09-09 16:42 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-09-09 16:42 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2015-09-09 16:42 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-09-09 16:42 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-09-09 16:42 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-09-09 16:42 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2015-09-09 16:42 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-06 19:23 - 2014-03-04 22:13 - 00000000 ____D C:\Users\Andreas 2015-10-06 19:23 - 2013-08-26 14:01 - 00000000 ____D C:\Users\Andreas\AppData\Local\Battle.net 2015-10-06 19:20 - 2013-08-01 11:43 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1314070972-226921483-1615157590-1002 2015-10-06 19:19 - 2013-09-28 22:36 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Skype 2015-10-06 19:15 - 2015-04-13 19:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-10-06 19:15 - 2015-04-13 19:14 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-10-06 19:15 - 2015-04-13 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-06 19:15 - 2015-04-13 19:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-10-06 19:14 - 2015-04-13 19:07 - 00000000 ____D C:\Users\Andreas\Downloads\backups 2015-10-06 19:12 - 2015-08-22 05:07 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002UA.job 2015-10-06 19:02 - 2014-12-09 18:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-10-06 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-06 19:00 - 2013-08-05 12:50 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\TS3Client 2015-10-06 18:58 - 2013-08-01 15:45 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-06 18:37 - 2013-08-21 17:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-10-06 18:30 - 2013-11-04 17:30 - 00000318 _____ C:\WINDOWS\Tasks\FoxTab.job 2015-10-06 18:18 - 2013-08-26 14:01 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-06 18:17 - 2015-05-03 00:18 - 00000000 ____D C:\Users\Andreas\AppData\Local\Spotify 2015-10-06 17:58 - 2013-08-01 15:45 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-06 17:50 - 2015-05-03 00:16 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Spotify 2015-10-06 17:18 - 2015-04-06 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-10-06 17:18 - 2015-04-06 19:47 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-10-06 17:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-06 16:38 - 2014-03-07 08:59 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CDF9DA97-9CC9-405E-849B-FF30F70FDA39} 2015-10-06 16:35 - 2014-03-04 22:27 - 00000000 __RDO C:\Users\Andreas\SkyDrive 2015-10-05 20:55 - 2013-11-14 09:27 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-05 20:55 - 2013-11-14 09:11 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat 2015-10-05 20:55 - 2013-11-14 09:11 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat 2015-10-05 20:49 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-05 20:49 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-10-04 11:13 - 2013-12-04 14:33 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Dropbox 2015-10-03 05:12 - 2015-08-22 05:07 - 00001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002Core.job 2015-09-29 19:55 - 2014-02-04 15:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2015-09-29 17:30 - 2014-05-27 11:45 - 00000000 ___RD C:\Users\Andreas\Dropbox 2015-09-29 17:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-29 16:58 - 2013-08-01 15:46 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-09-27 16:59 - 2014-12-30 17:07 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-22 17:37 - 2013-08-21 17:10 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-09-20 10:19 - 2014-04-18 12:13 - 00000000 ____D C:\Users\Andreas\Documents\NeocoreGames 2015-09-17 17:53 - 2013-08-01 15:45 - 00004112 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-17 17:53 - 2013-08-01 15:45 - 00003876 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-17 17:01 - 2013-09-28 22:35 - 00000000 ____D C:\ProgramData\Skype 2015-09-15 03:18 - 2013-08-22 17:38 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2013-08-22 17:38 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-12 14:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-09-12 13:50 - 2013-08-01 15:45 - 00000000 ____D C:\Users\Andreas\AppData\Local\Google 2015-09-11 17:32 - 2014-03-04 22:10 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-11 17:32 - 2014-01-10 16:52 - 00000000 ____D C:\temp 2015-09-11 17:17 - 2014-03-04 22:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-09-11 17:17 - 2013-09-18 17:40 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-09-11 15:11 - 2013-08-22 16:44 - 05174736 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-10 19:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-09-10 16:22 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-10 16:21 - 2013-08-14 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-09 20:00 - 2014-08-04 22:18 - 00000000 ____D C:\Users\Andreas\AppData\Local\fabi.me ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-11-19 20:25 - 2013-11-19 20:25 - 0000000 _____ () C:\Users\Andreas\AppData\Local\Temptable.xml 2013-05-24 10:45 - 2013-05-24 10:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-02 19:08 - 2014-07-04 01:52 - 0005928 _____ () C:\ProgramData\hpzinstall.log 2013-05-06 15:44 - 2014-09-30 20:26 - 0000032 _____ () C:\ProgramData\Temp.log ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-06 16:52 ==================== Ende von FRST.txt ============================ |
|
06.10.2015, 18:54
| #2 |
| | Laptop wird langsamer Hier Teil 2:
__________________Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Andreas (2015-10-06 19:24:25)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 (X64) (2014-03-04 20:25:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1314070972-226921483-1615157590-500 - Administrator - Disabled)
Andreas (S-1-5-21-1314070972-226921483-1615157590-1002 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-1314070972-226921483-1615157590-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acquisition version 0.2f (HKLM-x32\...\{53E25C0C-0305-47BB-9884-F0F202297AF4}_is1) (Version: 0.2f - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Amazon Kindle) (Version: - Amazon)
Amazon Kindle (HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: - Amazon)
Anker Precision Laser Gaming Mouse version 1.3 (HKLM-x32\...\{F9A7ED2C-34E1-4A96-9A25-B022C23C3361}_is1) (Version: 1.3 - ANKER Technology)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Curse Client (HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
Curse Client (HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
DARK SOULS™ II: Scholar of the First Sin (HKLM-x32\...\Steam App 335300) (Version: - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Dropbox (HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free YouTube to MP3 Converter version 3.12.61.805 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.61.805 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grim Dawn (HKLM-x32\...\Steam App 219990) (Version: - Crate Entertainment)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
ICQ 8.1 (build 6337) (HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
ICQ 8.1 (build 6337) (HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1303-148929CC1385}) (Version: 3.0.1303.0326 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java(TM) 6 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416031FF}) (Version: 6.0.310 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Killing Floor Mod: Defence Alliance 2 (HKLM-x32\...\Steam App 35420) (Version: - Defence Alliance Team)
Knuddels Desktop App (HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Knuddels Desktop App ) (Version: "2014.12.13.0" - "Knuddels Desktop App")
Knuddels Desktop App (HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Knuddels Desktop App ) (Version: "2014.12.13.0" - "Knuddels Desktop App")
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.2419 - CyberLink Corp.) Hidden
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft Access database engine 2010 (German) (HKLM\...\{90140000-00D1-0407-1000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
MyDriveConnect 3.3.0.1812 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.0.1.29560 - Grinding Gear Games)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version: - Obsidian Entertainment)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PoESkillTree - The Awakening (HKLM-x32\...\{B5012C21-ECA4-41AF-ABD1-F549D019B7A9}_is1) (Version: 2.2.1 - PoESkillTree Team)
Procurement version 1.9.0 (HKLM-x32\...\{E91043A6-7DC5-4C8A-A6E4-9D618A0B80D4}_is1) (Version: 1.9.0 - Stickymaddness)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.550 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Rappelz (HKLM-x32\...\{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1) (Version: Rappelz - gPotato.eu)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Risen 3 - Titan Lords (HKLM-x32\...\Steam App 249230) (Version: - Piranha Bytes)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Secrets of Grindea (HKLM-x32\...\Steam App 269770) (Version: - )
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
Spotify (HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.34 - Bioware/EA)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Incredible Adventures of Van Helsing III (HKLM-x32\...\Steam App 359900) (Version: - NeocoreGames)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1314070972-226921483-1615157590-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
06-10-2015 17:18:01 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B1CD015-1146-466A-B77C-2562CECB9054} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {0C376BB7-B390-4029-A895-D76CC3E91FCB} - System32\Tasks\FoxTab => C:\Users\Andreas\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: {2E7659BE-534F-4636-A828-A629EA43E1CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {458A1FC4-D1D5-4BE5-8C6A-785E252B04F1} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1314070972-226921483-1615157590-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {600CD139-A4A6-4E22-9CE6-8BFBE7822BAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {60615A6A-0226-4623-9CB3-F42F8DD81763} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {680A6587-EB20-4EA4-A051-731D00CA97DF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002UA => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-22] (Dropbox, Inc.)
Task: {8362E5D1-03A5-414D-876E-77E5ED75C92C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {9B473735-AF27-4869-884A-709CBF1B4312} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A1961077-6F29-40E3-9552-A52684F5CD7B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {AA9F1EDE-A1CE-4FAD-91AE-73E704CA7CD2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002Core => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-22] (Dropbox, Inc.)
Task: {C2DC050E-4CD8-4A34-B521-C9DF45D09BE2} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {ED832036-293D-4BC1-8833-59ADB99F6D0A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {F3C6F483-AAF3-42BA-A750-349ADF563A3D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-11] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002Core.job => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002UA.job => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FoxTab.job => C:\Users\Andreas\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-30 17:07 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-02-18 17:46 - 2015-08-25 20:46 - 00011896 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-03-04 22:10 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-25 03:22 - 2015-03-31 19:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-12-30 17:09 - 2014-12-30 17:13 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-08-04 00:00 - 2014-01-10 12:08 - 03353600 _____ () C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-02-18 17:46 - 2015-08-25 20:46 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-04-13 17:57 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-08-04 00:00 - 2011-01-27 00:53 - 00028160 _____ () C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\uiHook.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\libcef.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\libGLESv2.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\platforms\qwindows.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\libEGL.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\imageformats\qgif.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\imageformats\qico.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\imageformats\qjpeg.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\imageformats\qmng.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\imageformats\qsvg.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\imageformats\qtiff.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\qml\QtQuick.2\qtquick2plugin.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-29 19:55 - 2015-09-29 19:55 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6160\qml\QtQml\Models.2\modelsplugin.dll
2015-09-29 16:58 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-29 16:58 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Andreas\SkyDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\OEM\wallpaper.jpg
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\OEM\wallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CoordinatorServiceHost => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FLEXnet Licensing Service 64 => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: Megatech-Software-Protection => 2
MSCONFIG\Services: Qualcomm Atheros Killer Service => 2
MSCONFIG\Services: RemoteSolverDispatcher => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SolidWorks Licensing Service => 3
HKLM\...\StartupApproved\StartupFolder: => "SolidWorks 2013 Schnellstart.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\StartupFolder: => "net.lnk"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\Run: => "icq"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "net.lnk"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "icq"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-1314070972-226921483-1615157590-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{11F0BAC3-FD90-481E-B3CD-F9073B194476}] => (Allow) D:\Diablo III\Diablo III.exe
FirewallRules: [{B60F8583-FBC0-493E-A975-6AF9E3AB8BDF}] => (Allow) D:\Diablo III\Diablo III.exe
FirewallRules: [{7642E9F3-8F9F-467C-A572-80FB7C10CBD3}] => (Allow) D:\Winamp\winamp.exe
FirewallRules: [{F3233F99-8373-41D8-A1D9-63EE4EB22E53}] => (Allow) D:\Winamp\winamp.exe
FirewallRules: [{A01D04D6-B12A-452A-AF74-3BAB2B70F82F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{837C26D8-DC49-4AD2-B8B0-82B31EA1D751}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{7163C50A-781A-444F-9670-8F6EE197FB47}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{674D71B2-7829-421F-8B8D-DD0831BE9E89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E59CE0BC-6D5C-4A3F-BA7B-DF5AB2D1FFF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{55754933-40A1-4395-860C-B965487401E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{409D2F13-F0A3-43A6-8C00-A451C73CC005}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18E222C0-5EF3-4DCF-9C48-F4AFDC8BDB7E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A6F83B81-92B0-4B18-8EBA-266186B1ADFE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8575894A-071C-4C5F-8677-5D0544A73AF3}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{ADE5C041-FC1E-4A76-9C17-BD9D5488488E}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{E197082C-57AC-4D4E-BC86-4A61B497B841}] => (Allow) D:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{79D596D1-9B6B-4E6C-879F-E90752E2A092}] => (Allow) D:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{B3E6A7EB-58CC-42DD-B7B4-332E0A96F09C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0BA71955-5660-4F8D-A305-8A794970813D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2CD4F735-2516-4F8D-9108-CCCA5ABA37DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C1E23185-60C5-46A4-BEBA-45D60BDA8215}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A922EDE3-DD0B-44A4-B4D2-8E00FAA699DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{455C7964-E0F1-4A92-B508-D36842852145}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{53B8046F-BB31-4ADF-A491-F42DA57FC3FE}] => (Allow) D:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{D00395ED-17FA-4C6F-BB2E-697D95777937}] => (Allow) D:\Steam\SteamApps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{7BB72E45-0728-4810-AA09-700FB30DC47D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{57EDF232-500E-40A4-9EF6-6551A5142A33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5B3B29D6-C537-47EE-9BCA-EB26B9D4F069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8490976B-AAAB-4EBF-824D-29A581A46F56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{67A86557-5C42-4EB2-B5E3-4F6775A33C71}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BDD36777-76C6-47E5-B363-9AED48542C43}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1DC35C5E-2EE6-44D8-9FA1-09216732967C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C808514C-310A-4A00-ACC4-4AE6BEF3DD08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E361A1D1-64EE-45E6-9DD5-2703C8650261}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [UDP Query User{DAC2565D-0092-4557-BDB8-C4A829ECD206}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{2511628D-1D8B-4637-B659-89105D55130F}D:\guild wars 2\gw2.exe] => (Allow) D:\guild wars 2\gw2.exe
FirewallRules: [{4ABF7E79-CE0E-4A8A-B198-25F93043AC51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4519201D-5720-48B2-9B6E-6575ABDC33CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{78811691-E6F4-472D-ABBF-6CEA0984E918}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D008EF87-EC5D-4D8F-8F40-AEBBEC817E42}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{648A28C0-6F23-4FFD-ADCD-CB7D43B37799}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{78C68B59-CEB9-4AC4-B78B-AFF132732FA7}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{41161558-EB4E-42FE-9D4E-15860A74C50D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5F98A12B-A27C-4933-830A-DE45B2798796}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{39FF258C-FB44-4641-B5F9-245EC7B14472}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{956B120F-ABCF-4A96-A82E-E792D699D781}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{2739A44D-CCCA-4ACC-9452-0B2C75C462FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BA19079C-3C8E-4C57-B5F4-4BE38860CACC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{80521DAE-C2D5-4632-A6F0-767D05DF06D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BCEBCBAD-920D-450A-8AC7-F46A45DDD415}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F78AB9FF-6986-464F-8D8F-9F3BD6DD4E09}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{5D240E09-CB59-4AA9-B9BA-E89433EBF988}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{0B1107EA-B8B7-4576-A676-52C99CFC90F0}] => (Allow) C:\Users\Andreas\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{3041DC31-E5AD-4973-AF0C-E8883E4DFBCE}] => (Allow) C:\Users\Andreas\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{84A7C565-BD3E-45A9-8008-1F222EFD25D0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{D7FA29A0-2AAA-4AD1-9EA1-CC5A0FFED34D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{9D16361E-48A8-447B-9320-254DE6EB728E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{58E8FCBB-3AD8-4BE0-A71E-33D6E213B9CF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{887F9EC7-56EF-4BB0-8386-ED2AE0DB8198}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{96CCBF2D-90C7-427E-8B0E-0910C79BB8D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{BAB171EC-E463-4D78-B470-23F59C270AD2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [TCP Query User{03D06041-FD10-4C9C-BC37-ED8A6371C039}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [UDP Query User{5DF24841-BAC4-4718-92D2-6D2F7C0E7AC0}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [{738058AD-32CF-438D-88ED-8A5EE706D108}] => (Allow) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B8F7F151-7BF4-427A-B082-8C7DE0BA75A0}] => (Allow) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C18C863E-27F4-4233-BCBE-C6F272215000}D:\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe] => (Allow) D:\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe
FirewallRules: [UDP Query User{65C9ED0B-02F0-4A0B-A6FB-D7EFAD1B88E3}D:\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe] => (Allow) D:\steam\steamapps\common\secretsofgrindea\secrets of grindea.exe
FirewallRules: [{9D2F0D8B-00A9-4675-9F8A-E1A2ECD1ABB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{C0B59C2A-EB84-4F76-B748-E82AEDB950EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{801EFEE8-CC4F-4728-BDC3-BC3676B114BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{E8581454-800B-419D-AF4E-8B090FE8D98A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{AB00B76A-0940-44ED-8BBB-442C39C1F1C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{6D5E66D3-A47F-4BA1-8DA4-DDCE20A783DC}] => (Allow) D:\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{636580AD-F12C-4565-BB29-6C13F8C37CF7}] => (Allow) D:\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{91A28229-897F-422E-A4C2-071BE387CA0D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C90A6702-BB06-410B-8EFC-E442B3E133C0}] => (Allow) LPort=2869
FirewallRules: [{47227BDE-D4F2-496E-BD9A-E7B8B0EE053A}] => (Allow) LPort=1900
FirewallRules: [{7E8C17A0-53B2-49E9-ADBF-686FC1BF660E}] => (Allow) D:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{FFEAEC22-9394-4D18-9BC9-3BF80E476922}] => (Allow) D:\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{FB1CC074-489E-4905-ACEB-687F44918B89}] => (Allow) D:\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{DA039583-E85E-4058-8853-6D549D518F01}] => (Allow) D:\Steam\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{9D7972CD-22D5-4C3A-BC2D-1E6B4B61B378}] => (Allow) D:\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{7D07F86F-10F5-49F2-AAD8-B3282566F164}] => (Allow) D:\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{4611FD83-1142-4FAA-85CB-3CAC03A976FE}C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DF827A73-E205-4977-BB1A-9DFFB93D1DF3}C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F4E41C6A-7F48-474B-A5E4-787080AB00C1}] => (Allow) D:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{060E64FD-460A-4D38-AE1E-4682FBF833A3}] => (Allow) D:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{310C8FCD-673C-4FD9-B8EC-BB4CE825BB6E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{3C5C8520-1356-4FD1-B5B2-014A108D2B1F}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{157E7F59-BBBB-4256-ABA9-CE63D62A5734}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{804EC0E2-3133-4962-A13F-A91A47F980AD}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{69C1F81D-2841-4A75-B29F-449713767431}] => (Allow) D:\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{FF4329DF-0B39-4B9B-9325-5E08F027CA0A}] => (Allow) D:\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{CC8F1C1F-2400-4489-93BE-24E00CAC64DF}] => (Allow) D:\Steam\SteamApps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{0EA49949-C98F-4510-9CD1-11C5BB6967A8}] => (Allow) D:\Steam\SteamApps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{6587CD9D-ABFD-4C73-A599-F2DC00B126C2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{0854FEFD-6C3A-491A-A3BB-7C5EC3E50B36}] => (Allow) C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2EAECA2B-ECEA-4D2C-BD91-F49017C61160}] => (Allow) D:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{FF2E8061-3A22-48DC-9324-BD8A0153EEAE}] => (Allow) D:\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{9DD07A3A-ECC5-4043-A14C-E66B37D206A9}] => (Allow) D:\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{E6F7C74F-066A-41BD-8E0B-1205068F81B2}] => (Allow) D:\Steam\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{A4F1EDF6-0229-47F9-BEAF-4D91D6F1CE1E}] => (Allow) D:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{B9A6840D-8B6C-467D-866D-0E5357D49E46}] => (Allow) D:\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{F11E8C49-7A4C-4420-AAA5-E4B938906E25}] => (Allow) D:\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{5239B954-0F80-47F9-AF23-40FF653B69CA}] => (Allow) D:\Steam\SteamApps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{E3A8E1AE-C4F5-4D44-A625-1B2036AEC09A}] => (Allow) D:\Steam\SteamApps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{4219E45C-89C8-4C0E-8CFF-E6E12D26A687}] => (Allow) D:\Steam\SteamApps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{366602DB-FE75-43D4-BEBA-E1F19F646A01}] => (Allow) D:\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{A4C59F6A-68D1-427E-B09F-1486CFC86FD8}] => (Allow) D:\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{7FA2004E-4AB3-491E-8617-34B0C12B74DA}] => (Allow) D:\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{767CD905-618A-4C29-83C8-20E9185D01DA}] => (Allow) D:\Steam\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{BD2D637A-420F-4706-9CF5-D749B05F9D06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B052C111-7525-4297-9E7D-1670B64252DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C8F13F59-AF56-421E-8A78-2158A2BB8604}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{33429867-F6AC-4528-BB4C-C53D6D6AD6A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{69A4CA72-3D1D-4E65-9F50-3609387E87DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C2D15545-B168-4FE6-8B1F-0D37D86714A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B2C000A9-2502-4231-8645-46868D2D6FAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{666E2B52-18BD-4D6E-ADBC-194F1B08F7A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{008FEF16-6410-408C-8B93-03704ED5E7B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8CFA031F-D35E-464D-939A-354795628798}] => (Allow) D:\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{3F528D2D-561D-41AA-867A-8BDCF28DEE7C}] => (Allow) D:\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{94FA3293-5A0C-4332-8EA0-E71AE1C9AB34}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{AE7583F0-4B53-44A6-A35D-AB8D9DCC3B09}] => (Allow) D:\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{3C080F88-26C3-4198-90F9-B52DA5576863}] => (Allow) D:\Steam\SteamApps\common\Risen 3\system\Risen3.exe
FirewallRules: [{795AB2D0-183B-4A11-A575-53613E33495C}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FD3A8D6A-5690-479F-A8CB-595D01368CC4}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BEED30BC-79B3-476D-A288-53F95E1A03A5}] => (Allow) D:\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{3B35B3B0-7D5C-473E-9104-2E9062B8B10A}] => (Allow) D:\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{BB018DB0-9FB5-4151-9DAD-F85F070D198E}] => (Allow) D:\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{5AA5C2CC-0BA5-455C-9F8A-D80870619206}] => (Allow) D:\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{645B54C0-833F-4573-AF05-8743993EB5BF}] => (Allow) D:\Steam\SteamApps\common\The Incredible Adventures of Van Helsing III\VanHelsing.exe
FirewallRules: [{842EFB54-71FF-4211-9D48-3E09153B58B2}] => (Allow) D:\Steam\SteamApps\common\The Incredible Adventures of Van Helsing III\VanHelsing.exe
FirewallRules: [{C9E44FF3-ADB1-40D1-B31E-21C96C3B1C39}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter
Description: Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Virtueller Microsoft-Adapter für direktes WiFi
Description: Virtueller Microsoft-Adapter für direktes WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/06/2015 04:56:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{2c2dc2eb-44d6-4f93-a31c-d658c6cd7454}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (10/06/2015 04:56:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{28093404-c710-4e21-8095-578ed04ea020}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (10/06/2015 04:34:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 4.1.1990.344, Zeitstempel: 0x55dda97b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003b189
ID des fehlerhaften Prozesses: 0x1d24
Startzeit der fehlerhaften Anwendung: 0xNvStreamUserAgent.exe0
Pfad der fehlerhaften Anwendung: NvStreamUserAgent.exe1
Pfad des fehlerhaften Moduls: NvStreamUserAgent.exe2
Berichtskennung: NvStreamUserAgent.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamUserAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamUserAgent.exe5
Error: (10/05/2015 12:36:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 45.0.2454.101, Zeitstempel: 0x56034380
Name des fehlerhaften Moduls: chrome.dll, Version: 45.0.2454.101, Zeitstempel: 0x56033dd8
Ausnahmecode: 0x80000003
Fehleroffset: 0x0053b4c7
ID des fehlerhaften Prozesses: 0x13c0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5
Error: (10/04/2015 08:58:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 45.0.2454.101, Zeitstempel: 0x56034380
Name des fehlerhaften Moduls: chrome.dll, Version: 45.0.2454.101, Zeitstempel: 0x56033dd8
Ausnahmecode: 0x80000003
Fehleroffset: 0x00749f6c
ID des fehlerhaften Prozesses: 0x182c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5
Error: (10/04/2015 10:45:00 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (10/03/2015 05:32:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 45.0.2454.101, Zeitstempel: 0x56034380
Name des fehlerhaften Moduls: chrome.dll, Version: 45.0.2454.101, Zeitstempel: 0x56033dd8
Ausnahmecode: 0x80000003
Fehleroffset: 0x00749f6c
ID des fehlerhaften Prozesses: 0x1580
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5
Error: (09/27/2015 06:02:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{2c2dc2eb-44d6-4f93-a31c-d658c6cd7454}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (09/27/2015 06:02:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{28093404-c710-4e21-8095-578ed04ea020}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (09/27/2015 04:59:46 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: ANDYMEDION)
Description: Die Anwendung oder der Dienst "Microsoft Office Document Cache Sync Client Interface" konnte nicht heruntergefahren werden.
Systemfehler:
=============
Error: (10/05/2015 08:37:11 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (10/03/2015 06:58:01 PM) (Source: DCOM) (EventID: 10010) (User: ANDYMEDION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (10/03/2015 06:58:01 PM) (Source: DCOM) (EventID: 10010) (User: ANDYMEDION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/23/2015 05:28:38 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/22/2015 10:19:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%16389
Error: (09/19/2015 11:21:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/18/2015 05:17:01 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.
Error: (09/18/2015 05:16:52 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.
Error: (09/18/2015 05:14:40 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/11/2015 07:07:09 PM) (Source: DCOM) (EventID: 10010) (User: ANDYMEDION)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
CodeIntegrity:
===================================
Date: 2015-10-06 18:14:45.564
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-06 16:35:39.896
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 20:50:25.026
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 20:25:57.753
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 19:37:51.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 19:06:16.640
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 19:06:16.337
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 19:06:15.569
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 19:06:15.278
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-05 19:06:14.989
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 16268.12 MB
Verfügbarer physikalischer RAM: 12225.64 MB
Summe virtueller Speicher: 18700.12 MB
Verfügbarer virtueller Speicher: 13969.48 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:117.19 GB) (Free:11.75 GB) NTFS
Drive d: (Data) (Fixed) (Total:871 GB) (Free:490.12 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60.51 GB) (Free:37.37 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 0470B8E1)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 643D8A57)
Partition 1: (Not Active) - (Size=871 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Hier habe ich beim Start jedes mal die Fehlermeldung: "C:\WINDOWS\system32\config\system  er Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird."Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-10-06 19:35:06
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003e SAMSUNG_MZ7TD128HAFV-00000 rev.DXT0200Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Andreas\AppData\Local\Temp\fxdiypob.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960001c9300 15 bytes [00, 0B, F2, 01, 00, 06, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff960001c9310 8 bytes [00, D7, FB, FF, 00, D3, CD, ...]
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation 00007ffaa65a3e10 7 bytes JMP 00007ffba3ec0260
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffaa65a3e20 7 bytes JMP 00007ffba3ec0298
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffaa66539b0 7 bytes JMP 00007ffba3ec0340
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffaa6653ef0 7 bytes JMP 00007ffba3ec02d0
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffaa6653fe0 7 bytes JMP 00007ffba3ec0308
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ffaa66806c0 7 bytes JMP 00007ffba3ec01f0
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ffaa6680730 7 bytes JMP 00007ffba3ec0228
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffaa3ed21d0 5 bytes JMP 00007ffba3ec0180
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW 00007ffaa3ed29d0 7 bytes JMP 00007ffba3ec00d8
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW 00007ffaa3ed4310 5 bytes JMP 00007ffba3ec0110
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffaa3ed8d80 5 bytes JMP 00007ffba3ec0148
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleFileNameExW 00007ffaa3f4f0b0 5 bytes JMP 00007ffba3ec01b8
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffaa5896d90 1 byte JMP 00007ffba3ec0420
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\USER32.dll!CreateWindowExW + 2 00007ffaa5896d92 8 bytes {JMP 0xfffffffffe629690}
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffaa58a74a0 5 bytes JMP 00007ffba3ec03e8
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ffaa58a7560 9 bytes JMP 00007ffba3ec0378
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\USER32.dll!ChangeDisplaySettingsExW 00007ffaa58a7730 5 bytes JMP 00007ffba3ec0458
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffaa58b6b10 5 bytes JMP 00007ffba3ec03b0
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ffaa5a81500 1 byte JMP 00007ffba3ec0490
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList + 2 00007ffaa5a81502 6 bytes {JMP 0xfffffffffe43ef90}
.text C:\WINDOWS\System32\dwm.exe[4216] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ffaa5a81750 8 bytes JMP 00007ffba3ec04c8
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 132 00007ffaa6a24b14 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlPrefixString + 316 00007ffaa6a24f3c 8 bytes [60, 6E, F8, 7F, 00, 00, 00, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!TpAllocIoCompletion + 710 00007ffaa6a25216 8 bytes [50, 6E, F8, 7F, 00, 00, 00, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlWaitForWnfMetaNotification + 479 00007ffaa6a2540f 8 bytes {JMP 0xffffffffffffffee}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlUserThreadStart + 911 00007ffaa6a257af 8 bytes [30, 6E, F8, 7F, 00, 00, 00, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!TpAllocWork + 420 00007ffaa6a25964 8 bytes [20, 6E, F8, 7F, 00, 00, 00, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlWaitOnAddress + 657 00007ffaa6a25f01 8 bytes {JMP 0xffffffffffffff9e}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlUnsubscribeWnfNotificationWaitForCompletion + 78 00007ffaa6a25f5e 8 bytes [F0, 6D, F8, 7F, 00, 00, 00, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetInformationThread 00007ffaa6aa12a0 8 bytes {JMP QWORD [RIP-0x7baf7]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationThread 00007ffaa6aa1420 8 bytes {JMP QWORD [RIP-0x7bac2]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 00007ffaa6aa1450 8 bytes {JMP QWORD [RIP-0x7c51a]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007ffaa6aa1570 8 bytes {JMP QWORD [RIP-0x7c167]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueueApcThread 00007ffaa6aa1620 8 bytes {JMP QWORD [RIP-0x7c410]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateThreadEx 00007ffaa6aa1ce0 8 bytes {JMP QWORD [RIP-0x7bd88]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtGetContextThread 00007ffaa6aa1fe0 8 bytes {JMP QWORD [RIP-0x7c0e5]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\SYSTEM32\ntdll.dll!NtSetContextThread 00007ffaa6aa2860 8 bytes {JMP QWORD [RIP-0x7cbfe]}
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\system32\wow64cpu.dll!CpuSetContext + 438 00000000774313f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\system32\wow64cpu.dll!CpuGetContext + 387 0000000077431583 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\system32\wow64cpu.dll!CpuSetInstructionPointer + 49 0000000077431621 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\system32\wow64cpu.dll!CpuProcessInit + 68 0000000077431674 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\system32\wow64cpu.dll!CpuGetStackPointer + 23 00000000774316d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\system32\wow64cpu.dll!CpuNotifyAffinityChange + 9 00000000774316e9 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text C:\Users\Andreas\Downloads\Gmer-19357.exe[6184] C:\WINDOWS\system32\wow64cpu.dll!CpuNotifyAffinityChange + 71 0000000077431727 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
---- User IAT/EAT - GMER 2.1 ----
IAT C:\WINDOWS\Explorer.EXE[3636] @ C:\WINDOWS\system32\RPCRT4.dll[ntdll.dll!NtAlpcConnectPortEx] [71b04350] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\prremote.dll
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [3452:1640] fffff9600085d2d0
---- Processes - GMER 2.1 ----
Library C:\Program Files\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [5136] 00007ffa7fe60000
Library C:\Program Files\Common Files\Microsoft Shared\Office15\csi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [5136] 00007ffa78760000
Library C:\Program Files\Common Files\Microsoft Shared\OFFICE15\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [5136] 00007ffa8c380000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
 |
|
07.10.2015, 18:08
| #3 |
| /// the machine /// TB-Ausbilder    | Laptop wird langsamer hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
07.10.2015, 19:23
| #4 |
| | Laptop wird langsamer Hier ist Teil 1. mbar hat nichts gefunden. Hier ist der Log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.10.07.05
rootkit: v2015.10.06.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18036
Andreas :: ANDYMEDION [administrator]
07.10.2015 20:00:04
mbar-log-2015-10-07 (20-00-04).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 447609
Time elapsed: 15 minute(s), 8 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Hier der Log von tdsskiller: Teil 1 Code:
ATTFilter 20:17:43.0096 0x198c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:17:43.0096 0x198c UEFI system
20:17:46.0527 0x198c ============================================================
20:17:46.0527 0x198c Current date / time: 2015/10/07 20:17:46.0527
20:17:46.0527 0x198c SystemInfo:
20:17:46.0527 0x198c
20:17:46.0527 0x198c OS Version: 6.3.9600 ServicePack: 0.0
20:17:46.0527 0x198c Product type: Workstation
20:17:46.0527 0x198c ComputerName: ANDYMEDION
20:17:46.0527 0x198c UserName: Andreas
20:17:46.0527 0x198c Windows directory: C:\WINDOWS
20:17:46.0527 0x198c System windows directory: C:\WINDOWS
20:17:46.0527 0x198c Running under WOW64
20:17:46.0527 0x198c Processor architecture: Intel x64
20:17:46.0527 0x198c Number of processors: 8
20:17:46.0527 0x198c Page size: 0x1000
20:17:46.0527 0x198c Boot type: Normal boot
20:17:46.0527 0x198c ============================================================
20:17:46.0708 0x198c KLMD registered as C:\WINDOWS\system32\drivers\28355439.sys
20:17:47.0093 0x198c System UUID: {38AB6628-B59D-94C5-F0E2-120048D4B0F2}
20:17:47.0463 0x198c Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:17:47.0489 0x198c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:17:47.0493 0x198c ============================================================
20:17:47.0493 0x198c \Device\Harddisk0\DR0:
20:17:47.0494 0x198c GPT partitions:
20:17:47.0494 0x198c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {28093404-C710-4E21-8095-578ED04EA020}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
20:17:47.0494 0x198c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {1B7803EF-DEDF-4406-BBFC-E017C55C457F}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
20:17:47.0494 0x198c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {51858F6C-BB1E-4B75-95C0-E2784014CC90}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
20:17:47.0494 0x198c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {EAAE954F-437A-4616-8513-79A48F4C9C0E}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
20:17:47.0494 0x198c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A43EF02E-989E-4283-AF56-6419FF036DD1}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0xEA60800
20:17:47.0494 0x198c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2C2DC2EB-44D6-4F93-A31C-D658C6CD7454}, Name: , StartLBA 0xEDCC800, BlocksNum 0xAF000
20:17:47.0494 0x198c MBR partitions:
20:17:47.0494 0x198c \Device\Harddisk1\DR1:
20:17:47.0495 0x198c MBR partitions:
20:17:47.0495 0x198c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6CE00000
20:17:47.0495 0x198c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6CE00800, BlocksNum 0x7905DB0
20:17:47.0495 0x198c ============================================================
20:17:47.0496 0x198c C: <-> \Device\Harddisk0\DR0\Partition5
20:17:47.0527 0x198c D: <-> \Device\Harddisk1\DR1\Partition1
20:17:47.0571 0x198c E: <-> \Device\Harddisk1\DR1\Partition2
20:17:47.0571 0x198c ============================================================
20:17:47.0571 0x198c Initialize success
20:17:47.0571 0x198c ============================================================
20:18:08.0173 0x228c ============================================================
20:18:08.0173 0x228c Scan started
20:18:08.0173 0x228c Mode: Manual; SigCheck; TDLFS;
20:18:08.0173 0x228c ============================================================
20:18:08.0173 0x228c KSN ping started
20:18:13.0525 0x228c KSN ping finished: true
20:18:15.0336 0x228c ================ Scan system memory ========================
20:18:15.0336 0x228c System memory - ok
20:18:15.0336 0x228c ================ Scan services =============================
|
|
07.10.2015, 19:24
| #5 |
| | Laptop wird langsamer Teil 2 Code:
ATTFilter 20:18:15.0366 0x228c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 20:18:15.0402 0x228c 1394ohci - ok 20:18:15.0409 0x228c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 20:18:15.0418 0x228c 3ware - ok 20:18:15.0433 0x228c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 20:18:15.0456 0x228c ACPI - ok 20:18:15.0461 0x228c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 20:18:15.0472 0x228c acpiex - ok 20:18:15.0475 0x228c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 20:18:15.0483 0x228c acpipagr - ok 20:18:15.0487 0x228c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 20:18:15.0496 0x228c AcpiPmi - ok 20:18:15.0499 0x228c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 20:18:15.0508 0x228c acpitime - ok 20:18:15.0526 0x228c [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:18:15.0537 0x228c AdobeFlashPlayerUpdateSvc - ok 20:18:15.0553 0x228c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 20:18:15.0576 0x228c ADP80XX - ok 20:18:15.0585 0x228c [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 20:18:15.0601 0x228c AeLookupSvc - ok 20:18:15.0613 0x228c [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys 20:18:15.0634 0x228c AFD - ok 20:18:15.0639 0x228c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 20:18:15.0647 0x228c agp440 - ok 20:18:15.0652 0x228c [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 20:18:15.0662 0x228c ahcache - ok 20:18:15.0669 0x228c [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe 20:18:15.0680 0x228c ALG - ok 20:18:15.0684 0x228c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 20:18:15.0695 0x228c AmdK8 - ok 20:18:15.0700 0x228c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 20:18:15.0710 0x228c AmdPPM - ok 20:18:15.0714 0x228c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 20:18:15.0723 0x228c amdsata - ok 20:18:15.0730 0x228c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 20:18:15.0744 0x228c amdsbs - ok 20:18:15.0747 0x228c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 20:18:15.0755 0x228c amdxata - ok 20:18:15.0761 0x228c [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys 20:18:15.0773 0x228c AMPPAL - ok 20:18:15.0790 0x228c [ 03CA03047B1CEC93D459BAF5E5BB22B1, 7506CEBCE4A8B113467430BDB54A5434E538AAC39E4BB421E4E0B50F7C931457 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 20:18:15.0807 0x228c AMPPALR3 - ok 20:18:15.0812 0x228c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys 20:18:15.0823 0x228c AppID - ok 20:18:15.0827 0x228c [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 20:18:15.0835 0x228c AppIDSvc - ok 20:18:15.0840 0x228c [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll 20:18:15.0852 0x228c Appinfo - ok 20:18:15.0857 0x228c [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:18:15.0864 0x228c Apple Mobile Device Service - ok 20:18:15.0876 0x228c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 20:18:15.0896 0x228c AppReadiness - ok 20:18:15.0921 0x228c [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 20:18:15.0956 0x228c AppXSvc - ok 20:18:15.0963 0x228c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 20:18:15.0973 0x228c arcsas - ok 20:18:15.0977 0x228c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 20:18:15.0985 0x228c atapi - ok 20:18:15.0991 0x228c [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 20:18:16.0006 0x228c AudioEndpointBuilder - ok 20:18:16.0024 0x228c [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 20:18:16.0049 0x228c Audiosrv - ok 20:18:16.0060 0x228c [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe 20:18:16.0070 0x228c AVP15.0.1 - ok 20:18:16.0096 0x228c [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 20:18:16.0107 0x228c AxInstSV - ok 20:18:16.0124 0x228c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 20:18:16.0144 0x228c b06bdrv - ok 20:18:16.0151 0x228c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 20:18:16.0164 0x228c BasicDisplay - ok 20:18:16.0169 0x228c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 20:18:16.0187 0x228c BasicRender - ok 20:18:16.0192 0x228c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 20:18:16.0198 0x228c bcmfn2 - ok 20:18:16.0213 0x228c [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\WINDOWS\System32\bdesvc.dll 20:18:16.0231 0x228c BDESVC - ok 20:18:16.0235 0x228c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 20:18:16.0246 0x228c Beep - ok 20:18:16.0249 0x228c [ B1359701847FF1FF415FA083F1610F48, 991F995B9CF614549F5F7EB5C5B2D47F34EFF0F47B35C4BF4CE716666B9DA1D3 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 20:18:16.0252 0x228c BEService - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:23.0752 0x228c Detect skipped due to KSN trusted 20:18:23.0752 0x228c BEService - ok 20:18:23.0770 0x228c [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE C:\WINDOWS\System32\bfe.dll 20:18:23.0795 0x228c BFE - ok 20:18:23.0800 0x228c [ 1ADB5A87D7EEE5C25B9EA6D475CDB452, DA28307D023824FF247AEFE50921819FC18CEB8BAF1B87CF6C8CE585C4E47572 ] BfLwf C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys 20:18:23.0808 0x228c BfLwf - ok 20:18:23.0826 0x228c [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 20:18:23.0853 0x228c BITS - ok 20:18:23.0875 0x228c [ A7AC8620334CF1E5CAA28E1A17F4B06F, D2ACC95E170D3452A8943DE8EB96BA75B5C0BC047FD61CD12D4180234A8EB6D4 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 20:18:23.0900 0x228c Bluetooth Device Monitor - ok 20:18:23.0921 0x228c [ C7EBBF3A5F43FEE7D41C178019683570, A121063AF2D783102EEC38451A17A5066779D09786A380F2AC19C1EB76B41F6C ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 20:18:23.0947 0x228c Bluetooth OBEX Service - ok 20:18:23.0957 0x228c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:18:23.0970 0x228c Bonjour Service - ok 20:18:23.0975 0x228c [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 20:18:23.0987 0x228c bowser - ok 20:18:23.0994 0x228c [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 20:18:24.0009 0x228c BrokerInfrastructure - ok 20:18:24.0014 0x228c [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 20:18:24.0025 0x228c Browser - ok 20:18:24.0029 0x228c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 20:18:24.0039 0x228c BthAvrcpTg - ok 20:18:24.0043 0x228c [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 20:18:24.0054 0x228c BthEnum - ok 20:18:24.0058 0x228c [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 20:18:24.0069 0x228c BthHFEnum - ok 20:18:24.0073 0x228c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 20:18:24.0081 0x228c bthhfhid - ok 20:18:24.0092 0x228c [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 20:18:24.0107 0x228c BthHFSrv - ok 20:18:24.0116 0x228c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys 20:18:24.0130 0x228c BthLEEnum - ok 20:18:24.0134 0x228c [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 20:18:24.0144 0x228c BTHMODEM - ok 20:18:24.0149 0x228c [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 20:18:24.0160 0x228c BthPan - ok 20:18:24.0186 0x228c [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys 20:18:24.0221 0x228c BTHPORT - ok 20:18:24.0226 0x228c [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 20:18:24.0237 0x228c bthserv - ok 20:18:24.0241 0x228c [ D30286FF3C7B6318C024D2BC2955C1BF, 47863D046C94A5C19F7D4E0BA393E6FE1E249C78FAB9B8705F7DD2CD87EAC16C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 20:18:24.0248 0x228c BTHSSecurityMgr - ok 20:18:24.0253 0x228c [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys 20:18:24.0262 0x228c BTHUSB - ok 20:18:24.0287 0x228c [ 64070564BDD71658FBA76E9447C27D69, F87BF105106FABB6ECB900388D56FA879F65051C56F6DF850D1F6542FD05213C ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsfw.sys 20:18:24.0316 0x228c btmhsf - ok 20:18:24.0322 0x228c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 20:18:24.0334 0x228c cdfs - ok 20:18:24.0341 0x228c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 20:18:24.0351 0x228c cdrom - ok 20:18:24.0356 0x228c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 20:18:24.0369 0x228c CertPropSvc - ok 20:18:24.0373 0x228c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 20:18:24.0382 0x228c circlass - ok 20:18:24.0392 0x228c [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 20:18:24.0407 0x228c CLFS - ok 20:18:24.0456 0x228c [ 55C892763A614BA39BA956A0323C65F3, 3A4FFB6140D8390CBA67ADEB459C71B0B6B5720D17E30E2677CC9AB603D43016 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 20:18:24.0506 0x228c ClickToRunSvc - ok 20:18:24.0523 0x228c [ 3E76A1547F2448BCEE3D2F4AE3931AB5, 31B41723FAA4210A86B1AE02D6C052BD8B738C4B89FB0177C1AE997D24BA5B8C ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 20:18:24.0532 0x228c CLVirtualDrive - ok 20:18:24.0536 0x228c [ 39F71BF21E7F8EBE9B4810BC95EE26D6, 6134013F918D41A1AA8C814217A272F2C428FA3FE97DB66501FA50A488B0C991 ] clwvd C:\WINDOWS\system32\DRIVERS\clwvd.sys 20:18:24.0544 0x228c clwvd - ok 20:18:24.0551 0x228c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 20:18:24.0562 0x228c CmBatt - ok 20:18:24.0579 0x228c [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w C:\WINDOWS\system32\DRIVERS\cm_km_w.sys 20:18:24.0592 0x228c cm_km_w - ok 20:18:24.0620 0x228c [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 20:18:24.0641 0x228c CNG - ok 20:18:24.0647 0x228c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 20:18:24.0658 0x228c CompositeBus - ok 20:18:24.0661 0x228c COMSysApp - ok 20:18:24.0667 0x228c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 20:18:24.0680 0x228c condrv - ok 20:18:24.0705 0x228c [ 3FC4E7FA6BEC7AC2E5454BE585D7A09B, 56975748E0CB10C21F1CD9FEEE3206361221FCAA4F86A830E1BE2A9EC71DC61B ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 20:18:24.0719 0x228c cphs - ok 20:18:24.0731 0x228c cpuz138 - ok 20:18:24.0765 0x228c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 20:18:24.0783 0x228c CryptSvc - ok 20:18:24.0806 0x228c [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\WINDOWS\system32\drivers\dam.sys 20:18:24.0818 0x228c dam - ok 20:18:24.0836 0x228c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 20:18:24.0862 0x228c DcomLaunch - ok 20:18:24.0874 0x228c [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 20:18:24.0892 0x228c defragsvc - ok 20:18:24.0902 0x228c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 20:18:24.0919 0x228c DeviceAssociationService - ok 20:18:24.0924 0x228c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 20:18:24.0937 0x228c DeviceInstall - ok 20:18:24.0942 0x228c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 20:18:24.0954 0x228c Dfsc - ok 20:18:24.0963 0x228c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 20:18:24.0979 0x228c Dhcp - ok 20:18:25.0008 0x228c [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 20:18:25.0047 0x228c DiagTrack - ok 20:18:25.0054 0x228c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 20:18:25.0064 0x228c disk - ok 20:18:25.0068 0x228c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 20:18:25.0078 0x228c dmvsc - ok 20:18:25.0085 0x228c [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 20:18:25.0099 0x228c Dnscache - ok 20:18:25.0106 0x228c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 20:18:25.0121 0x228c dot3svc - ok 20:18:25.0126 0x228c [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys 20:18:25.0134 0x228c dot4 - ok 20:18:25.0138 0x228c [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys 20:18:25.0143 0x228c Dot4Print - ok 20:18:25.0147 0x228c [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys 20:18:25.0153 0x228c dot4usb - ok 20:18:25.0158 0x228c [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 20:18:25.0170 0x228c DPS - ok 20:18:25.0174 0x228c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 20:18:25.0181 0x228c drmkaud - ok 20:18:25.0188 0x228c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 20:18:25.0200 0x228c DsmSvc - ok 20:18:25.0228 0x228c [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 20:18:25.0268 0x228c DXGKrnl - ok 20:18:25.0274 0x228c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 20:18:25.0286 0x228c Eaphost - ok 20:18:25.0341 0x228c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 20:18:25.0418 0x228c ebdrv - ok 20:18:25.0424 0x228c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 20:18:25.0433 0x228c EFS - ok 20:18:25.0437 0x228c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 20:18:25.0446 0x228c EhStorClass - ok 20:18:25.0451 0x228c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 20:18:25.0461 0x228c EhStorTcgDrv - ok 20:18:25.0465 0x228c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 20:18:25.0473 0x228c ErrDev - ok 20:18:25.0477 0x228c esgiguard - ok 20:18:25.0491 0x228c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 20:18:25.0508 0x228c EventSystem - ok 20:18:25.0523 0x228c [ 55588867D59BADA2F62E58618CE32B03, F7FAF420103272151194A475D6C8EF4449AFCED787AA3DF7C461370D828E522F ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:18:25.0538 0x228c EvtEng - ok 20:18:25.0544 0x228c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 20:18:25.0562 0x228c exfat - ok 20:18:25.0569 0x228c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 20:18:25.0580 0x228c fastfat - ok 20:18:25.0594 0x228c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 20:18:25.0615 0x228c Fax - ok 20:18:25.0619 0x228c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 20:18:25.0627 0x228c fdc - ok 20:18:25.0631 0x228c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 20:18:25.0640 0x228c fdPHost - ok 20:18:25.0643 0x228c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 20:18:25.0653 0x228c FDResPub - ok 20:18:25.0658 0x228c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 20:18:25.0669 0x228c fhsvc - ok 20:18:25.0674 0x228c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 20:18:25.0683 0x228c FileInfo - ok 20:18:25.0686 0x228c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 20:18:25.0699 0x228c Filetrace - ok 20:18:25.0702 0x228c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 20:18:25.0710 0x228c flpydisk - ok 20:18:25.0719 0x228c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 20:18:25.0734 0x228c FltMgr - ok 20:18:25.0759 0x228c [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\WINDOWS\system32\FntCache.dll 20:18:25.0793 0x228c FontCache - ok 20:18:25.0799 0x228c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:18:25.0806 0x228c FontCache3.0.0.0 - ok 20:18:25.0810 0x228c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 20:18:25.0818 0x228c FsDepends - ok 20:18:25.0821 0x228c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 20:18:25.0829 0x228c Fs_Rec - ok 20:18:25.0841 0x228c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 20:18:25.0862 0x228c fvevol - ok 20:18:25.0867 0x228c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 20:18:25.0874 0x228c FxPPM - ok 20:18:25.0879 0x228c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 20:18:25.0887 0x228c gagp30kx - ok 20:18:25.0891 0x228c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 20:18:25.0897 0x228c GEARAspiWDM - ok 20:18:25.0900 0x228c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 20:18:25.0908 0x228c gencounter - ok 20:18:25.0929 0x228c [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 20:18:25.0952 0x228c GfExperienceService - ok 20:18:25.0960 0x228c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 20:18:25.0970 0x228c GPIOClx0101 - ok 20:18:25.0996 0x228c [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 20:18:26.0030 0x228c gpsvc - ok 20:18:26.0037 0x228c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:18:26.0045 0x228c gupdate - ok 20:18:26.0049 0x228c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:18:26.0056 0x228c gupdatem - ok 20:18:26.0060 0x228c [ 83BC656EE0821F9E5ED7AE1AE3DEDE0E, 788583DB61677856415588E3D1A2429C6C5DC360DC2CE6185DD73E774DF77C35 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys 20:18:26.0066 0x228c Hamachi - ok 20:18:26.0071 0x228c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 20:18:26.0083 0x228c HDAudBus - ok 20:18:26.0087 0x228c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 20:18:26.0095 0x228c HidBatt - ok 20:18:26.0100 0x228c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 20:18:26.0109 0x228c HidBth - ok 20:18:26.0113 0x228c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 20:18:26.0122 0x228c hidi2c - ok 20:18:26.0125 0x228c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 20:18:26.0134 0x228c HidIr - ok 20:18:26.0137 0x228c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 20:18:26.0147 0x228c hidserv - ok 20:18:26.0151 0x228c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 20:18:26.0162 0x228c HidUsb - ok 20:18:26.0166 0x228c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 20:18:26.0178 0x228c hkmsvc - ok 20:18:26.0186 0x228c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 20:18:26.0201 0x228c HomeGroupListener - ok 20:18:26.0211 0x228c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 20:18:26.0228 0x228c HomeGroupProvider - ok 20:18:26.0231 0x228c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 20:18:26.0240 0x228c HpSAMD - ok 20:18:26.0259 0x228c [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 20:18:26.0288 0x228c HTTP - ok 20:18:26.0292 0x228c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 20:18:26.0300 0x228c hwpolicy - ok 20:18:26.0303 0x228c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 20:18:26.0311 0x228c hyperkbd - ok 20:18:26.0314 0x228c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 20:18:26.0322 0x228c HyperVideo - ok 20:18:26.0327 0x228c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 20:18:26.0340 0x228c i8042prt - ok 20:18:26.0345 0x228c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 20:18:26.0351 0x228c iaLPSSi_GPIO - ok 20:18:26.0355 0x228c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 20:18:26.0363 0x228c iaLPSSi_I2C - ok 20:18:26.0377 0x228c [ B9E489CC1EA3284FEED33799DC70612D, 0DD714A3A37C391B38F4EEEB3F85C3C3C056F4AAB4A5EFA63835AD967BC25B51 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 20:18:26.0394 0x228c iaStorA - ok 20:18:26.0408 0x228c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 20:18:26.0426 0x228c iaStorAV - ok 20:18:26.0430 0x228c [ 3AEE4C821114AC707699A28988F27ABB, 033A25A19E2A649DA059AE3BCACB8605C00D4F10D356C5E3167B84C01B9359A9 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 20:18:26.0435 0x228c IAStorDataMgrSvc - ok 20:18:26.0445 0x228c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 20:18:26.0460 0x228c iaStorV - ok 20:18:26.0465 0x228c [ AF02AD34CB00812D08B2EB6A7A8439E5, FE2BB588EE68965F45E0E87BCBA6F474F27E447A1E829B2BFDCD4C8C07779482 ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys 20:18:26.0472 0x228c ibtusb - ok 20:18:26.0475 0x228c IEEtwCollectorService - ok 20:18:26.0554 0x228c [ 095DC17F47DA78D214949931C049D33A, 828B12F12D46DA1C85F0F872236E715CA5D9068E3F2792196D854960CC338BD0 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 20:18:26.0661 0x228c igfx - ok 20:18:26.0675 0x228c [ 6F236DFAF988C07F0A9332B0CD5E15AF, DFC0A1246FB2DD3476A795F8F9D0E9FE7B48732B6C27826D81345548EDCDC541 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 20:18:26.0687 0x228c igfxCUIService1.0.0.0 - ok 20:18:26.0707 0x228c [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 20:18:26.0735 0x228c IKEEXT - ok 20:18:26.0741 0x228c [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 20:18:26.0748 0x228c intaud_WaveExtensible - ok 20:18:26.0805 0x228c [ D739148367AAE1DA0C12160DE141ECED, 471E6EA03F2BD7DD1E2812B56EFB00EDDCAA87E974833B75114B8EE93DC358A5 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 20:18:26.0870 0x228c IntcAzAudAddService - ok 20:18:26.0880 0x228c [ 211E26AB3437B92916DF9263933C0D64, 050885C7B33BDD6D4C8D11CB5608E8E4349CCC21E642D7E2C5748268FBFAF68B ] Intel(R) Bluetooth Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe 20:18:26.0887 0x228c Intel(R) Bluetooth Radio Management - ok 20:18:26.0901 0x228c [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 20:18:26.0917 0x228c Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:29.0334 0x228c Detect skipped due to KSN trusted 20:18:29.0334 0x228c Intel(R) Capability Licensing Service Interface - ok 20:18:29.0352 0x228c [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 20:18:29.0373 0x228c Intel(R) Capability Licensing Service TCP IP Interface - ok 20:18:29.0381 0x228c [ EE65488B7294FBCB113EAC9FD492345C, D1D6B22CD94324387171B188D295AA716900654DA1DC9F3DC18D0CD528F2BBEA ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 20:18:29.0389 0x228c Intel(R) ME Service - ok 20:18:29.0395 0x228c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 20:18:29.0403 0x228c intelide - ok 20:18:29.0411 0x228c [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 20:18:29.0421 0x228c intelpep - ok 20:18:29.0426 0x228c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 20:18:29.0436 0x228c intelppm - ok 20:18:29.0440 0x228c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 20:18:29.0455 0x228c IpFilterDriver - ok 20:18:29.0474 0x228c [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 20:18:29.0499 0x228c iphlpsvc - ok 20:18:29.0504 0x228c [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 20:18:29.0516 0x228c IPMIDRV - ok 20:18:29.0521 0x228c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 20:18:29.0532 0x228c IPNAT - ok 20:18:29.0546 0x228c [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 20:18:29.0563 0x228c iPod Service - ok 20:18:29.0566 0x228c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 20:18:29.0576 0x228c IRENUM - ok 20:18:29.0580 0x228c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 20:18:29.0588 0x228c isapnp - ok 20:18:29.0597 0x228c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 20:18:29.0611 0x228c iScsiPrt - ok 20:18:29.0615 0x228c [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 20:18:29.0621 0x228c iwdbus - ok 20:18:29.0626 0x228c [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 20:18:29.0634 0x228c jhi_service - ok 20:18:29.0638 0x228c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 20:18:29.0646 0x228c kbdclass - ok 20:18:29.0650 0x228c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 20:18:29.0659 0x228c kbdhid - ok 20:18:29.0662 0x228c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 20:18:29.0672 0x228c kdnic - ok 20:18:29.0678 0x228c [ 9169C8B55EA5060CAA6668780D2C9DE7, B72CBC1FF3E8765DEEEE7FF7EFDC043E634DD76E2FFF7FF5379EEAEF2DE81E88 ] Ke2200 C:\WINDOWS\system32\DRIVERS\e22w8x64.sys 20:18:29.0687 0x228c Ke2200 - ok 20:18:29.0690 0x228c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 20:18:29.0699 0x228c KeyIso - ok 20:18:29.0709 0x228c [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys 20:18:29.0723 0x228c kl1 - ok 20:18:29.0727 0x228c [ 37D7CBA1797D1FA2490089DA0CFF6ADA, 52CFFD075497C480291C8B816E7D56C055CCE5DA57BCA9CD6123CA9C79757C5D ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys 20:18:29.0734 0x228c kldisk - ok 20:18:29.0737 0x228c [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys 20:18:29.0746 0x228c klelam - ok 20:18:29.0752 0x228c [ 17BCA7231808182F89154B53CA006F20, 7E836029E47B97ABC363A66F0E0986C0E13094BC59A300B7207225A9830298FE ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys 20:18:29.0760 0x228c klflt - ok 20:18:29.0767 0x228c [ D65DBBAD177325E3EE2B7BC8FE5EB1D0, 7DC61EA88AE26C64BCE0EC5F0EDD4585C23BAC170D86800BA246C1F9BAD33618 ] klhk C:\WINDOWS\system32\DRIVERS\klhk.sys 20:18:29.0778 0x228c klhk - ok 20:18:29.0794 0x228c [ 5753267AE3DEE1D6B9187EC6B8C55799, 5B8C53F11D6E1C794E9F8DBD1E945C575C5EA8FF94373D4D0078F22527A32040 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys 20:18:29.0814 0x228c KLIF - ok 20:18:29.0818 0x228c [ 753BFA638ACE05983D4C64988CC13926, FE0D2604AE845D9AC35C793E1E0523BFF7FCA396183D7FED005E4CDF29381252 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys 20:18:29.0824 0x228c KLIM6 - ok 20:18:29.0827 0x228c [ 37ADA02E498051A4D533F21096789597, 569D0D29C509695C5136D5039AACAF3CAD70FA92AB3F7FE92B6F58C0C691F3F6 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys 20:18:29.0833 0x228c klkbdflt - ok 20:18:29.0836 0x228c klkbdflt2 - ok 20:18:29.0840 0x228c [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys 20:18:29.0846 0x228c klmouflt - ok 20:18:29.0849 0x228c [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys 20:18:29.0854 0x228c klpd - ok 20:18:29.0858 0x228c [ 04E01889D895C1321EE28BE80F7C1B0F, 85A1A3F96291E77AF8DD49DD1DF6AC550CA5BD4A585D7C0A0DBB5C11F87F0218 ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys 20:18:29.0865 0x228c klwfp - ok 20:18:29.0869 0x228c [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys 20:18:29.0876 0x228c Klwtp - ok 20:18:29.0881 0x228c [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys 20:18:29.0890 0x228c kneps - ok 20:18:29.0895 0x228c [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 20:18:29.0904 0x228c KSecDD - ok 20:18:29.0909 0x228c [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 20:18:29.0921 0x228c KSecPkg - ok 20:18:29.0924 0x228c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 20:18:29.0932 0x228c ksthunk - ok 20:18:29.0942 0x228c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 20:18:29.0958 0x228c KtmRm - ok 20:18:29.0966 0x228c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 20:18:29.0981 0x228c LanmanServer - ok 20:18:29.0990 0x228c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 20:18:30.0005 0x228c LanmanWorkstation - ok 20:18:30.0017 0x228c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 20:18:30.0035 0x228c lfsvc - ok 20:18:30.0074 0x228c [ 9221BD3515C49AED30FA88152BFD7168, CD23280C8A1AE00EEEBFC74D403EDE0BF6CB03DDDC3CB971338A7C9FB76CD7F3 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 20:18:30.0118 0x228c LiveUpdateSvc - ok 20:18:30.0124 0x228c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 20:18:30.0134 0x228c lltdio - ok 20:18:30.0141 0x228c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 20:18:30.0156 0x228c lltdsvc - ok 20:18:30.0159 0x228c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 20:18:30.0169 0x228c lmhosts - ok 20:18:30.0177 0x228c [ 3EA307C51069BC72DD74A4964F2A30A9, EB8F9C936AE43B7E31CB6C46F76FB918509D529E897C0E82B865A2854458996A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 20:18:30.0189 0x228c LMS - ok 20:18:30.0196 0x228c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 20:18:30.0206 0x228c LSI_SAS - ok 20:18:30.0211 0x228c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 20:18:30.0220 0x228c LSI_SAS2 - ok 20:18:30.0223 0x228c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 20:18:30.0232 0x228c LSI_SAS3 - ok 20:18:30.0236 0x228c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 20:18:30.0245 0x228c LSI_SSS - ok 20:18:30.0260 0x228c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 20:18:30.0283 0x228c LSM - ok 20:18:30.0289 0x228c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 20:18:30.0300 0x228c luafv - ok 20:18:30.0303 0x228c [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 20:18:30.0309 0x228c MBAMProtector - ok 20:18:30.0331 0x228c [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 20:18:30.0357 0x228c MBAMService - ok 20:18:30.0361 0x228c [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 20:18:30.0368 0x228c MBAMWebAccessControl - ok 20:18:30.0372 0x228c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 20:18:30.0380 0x228c megasas - ok 20:18:30.0393 0x228c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 20:18:30.0412 0x228c megasr - ok 20:18:30.0416 0x228c [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 20:18:30.0423 0x228c MEIx64 - ok 20:18:30.0427 0x228c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 20:18:30.0438 0x228c MMCSS - ok 20:18:30.0442 0x228c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 20:18:30.0452 0x228c Modem - ok 20:18:30.0455 0x228c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 20:18:30.0464 0x228c monitor - ok 20:18:30.0469 0x228c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 20:18:30.0477 0x228c mouclass - ok 20:18:30.0481 0x228c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 20:18:30.0490 0x228c mouhid - ok 20:18:30.0494 0x228c [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 20:18:30.0503 0x228c mountmgr - ok 20:18:30.0507 0x228c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 20:18:30.0517 0x228c mpsdrv - ok 20:18:30.0533 0x228c [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 20:18:30.0558 0x228c MpsSvc - ok 20:18:30.0564 0x228c [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 20:18:30.0575 0x228c MRxDAV - ok 20:18:30.0584 0x228c [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 20:18:30.0601 0x228c mrxsmb - ok 20:18:30.0608 0x228c [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 20:18:30.0622 0x228c mrxsmb10 - ok 20:18:30.0628 0x228c [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 20:18:30.0639 0x228c mrxsmb20 - ok 20:18:30.0644 0x228c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 20:18:30.0654 0x228c MsBridge - ok 20:18:30.0659 0x228c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 20:18:30.0670 0x228c MSDTC - ok 20:18:30.0675 0x228c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 20:18:30.0684 0x228c Msfs - ok 20:18:30.0688 0x228c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 20:18:30.0696 0x228c msgpiowin32 - ok 20:18:30.0699 0x228c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 20:18:30.0708 0x228c mshidkmdf - ok 20:18:30.0711 0x228c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 20:18:30.0719 0x228c mshidumdf - ok 20:18:30.0723 0x228c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 20:18:30.0730 0x228c msisadrv - ok 20:18:30.0736 0x228c [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 20:18:30.0747 0x228c MSiSCSI - ok 20:18:30.0749 0x228c msiserver - ok 20:18:30.0752 0x228c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 20:18:30.0760 0x228c MSKSSRV - ok 20:18:30.0764 0x228c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 20:18:30.0775 0x228c MsLldp - ok 20:18:30.0778 0x228c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 20:18:30.0786 0x228c MSPCLOCK - ok 20:18:30.0789 0x228c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 20:18:30.0797 0x228c MSPQM - ok 20:18:30.0806 0x228c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 20:18:30.0820 0x228c MsRPC - ok 20:18:30.0825 0x228c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 20:18:30.0832 0x228c mssmbios - ok 20:18:30.0835 0x228c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 20:18:30.0843 0x228c MSTEE - ok 20:18:30.0847 0x228c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 20:18:30.0855 0x228c MTConfig - ok 20:18:30.0858 0x228c [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 20:18:30.0867 0x228c Mup - ok 20:18:30.0871 0x228c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 20:18:30.0879 0x228c mvumis - ok 20:18:30.0886 0x228c [ FCDCFEDAF3C1D61DE11FA0DE9453699C, 4E79F1040E62B0DEE00F3035DBFE5241A459FE4C1A46337FF13A25FF8C5A64A5 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 20:18:30.0896 0x228c MyWiFiDHCPDNS - ok 20:18:30.0906 0x228c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 20:18:30.0924 0x228c napagent - ok 20:18:30.0934 0x228c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 20:18:30.0952 0x228c NativeWifiP - ok 20:18:30.0958 0x228c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 20:18:30.0970 0x228c NcaSvc - ok 20:18:30.0976 0x228c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 20:18:30.0988 0x228c NcbService - ok 20:18:30.0992 0x228c [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 20:18:31.0004 0x228c NcdAutoSetup - ok 20:18:31.0025 0x228c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 20:18:31.0056 0x228c NDIS - ok 20:18:31.0060 0x228c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 20:18:31.0069 0x228c NdisCap - ok 20:18:31.0073 0x228c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 20:18:31.0084 0x228c NdisImPlatform - ok 20:18:31.0088 0x228c [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 20:18:31.0097 0x228c NdisTapi - ok 20:18:31.0100 0x228c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 20:18:31.0111 0x228c Ndisuio - ok 20:18:31.0114 0x228c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 20:18:31.0123 0x228c NdisVirtualBus - ok 20:18:31.0130 0x228c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:18:31.0143 0x228c NdisWan - ok 20:18:31.0149 0x228c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 20:18:31.0161 0x228c NdisWanLegacy - ok 20:18:31.0165 0x228c [ 0BBE2FA30BAD58C9ADC01E4F84A3D2A1, 913AEC8A5F735C2EFDCB417E4077AB5A15457C601E6E88A1F4FA52C91E6E0BBF ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 20:18:31.0173 0x228c NDProxy - ok 20:18:31.0178 0x228c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 20:18:31.0189 0x228c Ndu - ok 20:18:31.0193 0x228c [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll 20:18:31.0197 0x228c Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:33.0612 0x228c Detect skipped due to KSN trusted 20:18:33.0612 0x228c Net Driver HPZ12 - ok 20:18:33.0617 0x228c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 20:18:33.0626 0x228c NetBIOS - ok 20:18:33.0633 0x228c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 20:18:33.0647 0x228c NetBT - ok 20:18:33.0651 0x228c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 20:18:33.0659 0x228c Netlogon - ok 20:18:33.0667 0x228c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 20:18:33.0680 0x228c Netman - ok 20:18:33.0692 0x228c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 20:18:33.0710 0x228c netprofm - ok 20:18:33.0718 0x228c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:18:33.0728 0x228c NetTcpPortSharing - ok 20:18:33.0732 0x228c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 20:18:33.0742 0x228c netvsc - ok 20:18:33.0801 0x228c [ C1A5058712781556E820CA1CE7CB1244, 5EB9934D6A02B19F42C73924066E54F35B98D07F8FA5B1F6AA74DDBAD5C3986D ] NETwNe64 C:\WINDOWS\system32\DRIVERS\NETwew02.sys 20:18:33.0871 0x228c NETwNe64 - ok 20:18:33.0884 0x228c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 20:18:33.0901 0x228c NlaSvc - ok 20:18:33.0905 0x228c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 20:18:33.0914 0x228c Npfs - ok 20:18:33.0917 0x228c npggsvc - ok 20:18:33.0921 0x228c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 20:18:33.0930 0x228c npsvctrig - ok 20:18:33.0934 0x228c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 20:18:33.0944 0x228c nsi - ok 20:18:33.0948 0x228c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 20:18:33.0957 0x228c nsiproxy - ok 20:18:33.0993 0x228c [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 20:18:34.0038 0x228c Ntfs - ok 20:18:34.0043 0x228c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 20:18:34.0051 0x228c Null - ok 20:18:34.0057 0x228c [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 20:18:34.0068 0x228c NVHDA - ok 20:18:34.0075 0x228c [ A9972A0AA99694D7B576D9928E9CC497, B3CF5A360EF3F2E5C887A87E19D456777A553A3B12111EB65835539480DFA514 ] nvkflt C:\WINDOWS\system32\DRIVERS\nvkflt.sys 20:18:34.0086 0x228c nvkflt - ok 20:18:34.0256 0x228c [ 36BAB895547EA82892292F05FA02142E, 224D165CE3ECB0EF35C18D09507AB43ADC4A7AD12E507F31230012943C83BEDB ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 20:18:34.0459 0x228c nvlddmkm - ok 20:18:34.0502 0x228c [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 20:18:34.0536 0x228c NvNetworkService - ok 20:18:34.0540 0x228c [ 2464570B44EAC56308669A04FBA1CD81, 7968566DB59825D968D43AE3F9AEA6ADD54A4BBF93E00DDFDF2EA9F965A91F1A ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys 20:18:34.0546 0x228c nvpciflt - ok 20:18:34.0551 0x228c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 20:18:34.0562 0x228c nvraid - ok 20:18:34.0567 0x228c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 20:18:34.0577 0x228c nvstor - ok 20:18:34.0580 0x228c [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 20:18:34.0586 0x228c NvStreamKms - ok 20:18:34.0673 0x228c [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 20:18:34.0765 0x228c NvStreamSvc - ok 20:18:34.0801 0x228c [ 6B245B7F96F901891636814B5A7A9088, BC6DF13929AEBA2CF5DC8449FF9D5F73497DF8E9760AFA93B56543D86BE940C3 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 20:18:34.0842 0x228c nvsvc - ok 20:18:34.0871 0x228c [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 20:18:34.0879 0x228c nvvad_WaveExtensible - ok 20:18:34.0884 0x228c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 20:18:34.0894 0x228c nv_agp - ok 20:18:34.0900 0x228c [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:18:34.0910 0x228c ose64 - ok 20:18:34.0920 0x228c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 20:18:34.0937 0x228c p2pimsvc - ok 20:18:34.0948 0x228c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 20:18:34.0966 0x228c p2psvc - ok 20:18:34.0971 0x228c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 20:18:34.0981 0x228c Parport - ok 20:18:34.0986 0x228c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 20:18:34.0995 0x228c partmgr - ok 20:18:35.0006 0x228c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 20:18:35.0023 0x228c PcaSvc - ok 20:18:35.0033 0x228c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 20:18:35.0047 0x228c pci - ok 20:18:35.0050 0x228c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 20:18:35.0058 0x228c pciide - ok 20:18:35.0064 0x228c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 20:18:35.0073 0x228c pcmcia - ok 20:18:35.0077 0x228c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 20:18:35.0085 0x228c pcw - ok 20:18:35.0090 0x228c [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 20:18:35.0099 0x228c pdc - ok 20:18:35.0112 0x228c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 20:18:35.0133 0x228c PEAUTH - ok 20:18:35.0147 0x228c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 20:18:35.0159 0x228c PerfHost - ok 20:18:35.0190 0x228c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 20:18:35.0227 0x228c pla - ok 20:18:35.0233 0x228c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 20:18:35.0244 0x228c PlugPlay - ok 20:18:35.0249 0x228c [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll 20:18:35.0253 0x228c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:35.0894 0x1970 Object required for P2P: [ 55C892763A614BA39BA956A0323C65F3 ] ClickToRunSvc 20:18:38.0385 0x1970 Object send P2P result: true 20:18:39.0820 0x0704 Object required for P2P: [ 6B245B7F96F901891636814B5A7A9088 ] nvsvc 20:18:42.0270 0x0704 Object send P2P result: true 20:18:45.0296 0x228c Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 20:18:47.0683 0x228c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 20:18:47.0693 0x228c PNRPAutoReg - ok 20:18:47.0707 0x228c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 20:18:47.0722 0x228c PNRPsvc - ok 20:18:47.0738 0x228c [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 20:18:47.0768 0x228c PolicyAgent - ok 20:18:47.0774 0x228c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 20:18:47.0795 0x228c Power - ok 20:18:47.0855 0x228c [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 20:18:47.0915 0x228c PrintNotify - ok 20:18:47.0922 0x228c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 20:18:47.0932 0x228c Processor - ok 20:18:47.0939 0x228c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 20:18:47.0954 0x228c ProfSvc - ok 20:18:47.0959 0x228c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 20:18:47.0971 0x228c Psched - ok 20:18:47.0981 0x228c [ FDBF0FD0319CF998C84AD45F8E003D34, 07D520729A3FB863C2759FB7E403FFD557B41B04896B2CD6126436E6139128B9 ] Qualcomm Atheros Killer Service C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe 20:18:47.0993 0x228c Qualcomm Atheros Killer Service - detected UnsignedFile.Multi.Generic ( 1 ) 20:18:50.0363 0x228c Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - warning 20:18:52.0739 0x228c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll 20:18:52.0755 0x228c QWAVE - ok 20:18:52.0759 0x228c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 20:18:52.0768 0x228c QWAVEdrv - ok 20:18:52.0772 0x228c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 20:18:52.0780 0x228c RasAcd - ok 20:18:52.0784 0x228c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll 20:18:52.0795 0x228c RasAuto - ok 20:18:52.0807 0x228c [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll 20:18:52.0827 0x228c RasMan - ok 20:18:52.0832 0x228c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 20:18:52.0842 0x228c RasPppoe - ok 20:18:52.0853 0x228c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 20:18:52.0869 0x228c rdbss - ok 20:18:52.0874 0x228c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 20:18:52.0883 0x228c rdpbus - ok 20:18:52.0889 0x228c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 20:18:52.0901 0x228c RDPDR - ok 20:18:52.0907 0x228c [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 20:18:52.0914 0x228c RdpVideoMiniport - ok 20:18:52.0922 0x228c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 20:18:52.0934 0x228c rdyboost - ok 20:18:52.0952 0x228c [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 20:18:52.0976 0x228c ReFS - ok 20:18:52.0983 0x228c [ 5B1F724CBCA8E08DC9D4C158C9BC1C1C, D5B170CF4B5420213130E151AFBBD9B84C5F7E710F5F67066E07095DEC1BD4B9 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:18:52.0990 0x228c RegSrvc - ok 20:18:52.0996 0x228c [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 20:18:53.0008 0x228c RemoteAccess - ok 20:18:53.0014 0x228c [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 20:18:53.0027 0x228c RemoteRegistry - ok 20:18:53.0033 0x228c [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 20:18:53.0044 0x228c RFCOMM - ok 20:18:53.0053 0x228c [ 0B169FE016039571ECC6DB70073F8979, B80663433919C3DE83A02E376E5B3020856C6E9E98B5773D316FD9C1C02C1417 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 20:18:53.0065 0x228c RichVideo64 - ok 20:18:53.0070 0x228c [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 20:18:53.0080 0x228c RpcEptMapper - ok 20:18:53.0083 0x228c [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe 20:18:53.0093 0x228c RpcLocator - ok 20:18:53.0108 0x228c [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll 20:18:53.0129 0x228c RpcSs - ok 20:18:53.0134 0x228c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 20:18:53.0145 0x228c rspndr - ok 20:18:53.0155 0x228c [ A336CE9CED25DAD273CC66556A511E0B, BC5FCD9C15F10A5775AA0E5BCEFA556A9D0B57267FA5518E1B3369BE066DD88C ] RTSPER C:\WINDOWS\system32\DRIVERS\RtsPer.sys 20:18:53.0168 0x228c RTSPER - ok 20:18:53.0171 0x228c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 20:18:53.0178 0x228c s3cap - ok 20:18:53.0182 0x228c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe 20:18:53.0190 0x228c SamSs - ok 20:18:53.0195 0x228c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 20:18:53.0205 0x228c sbp2port - ok 20:18:53.0211 0x228c [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 20:18:53.0224 0x228c SCardSvr - ok 20:18:53.0229 0x228c [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 20:18:53.0241 0x228c ScDeviceEnum - ok 20:18:53.0244 0x228c [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 20:18:53.0253 0x228c scfilter - ok 20:18:53.0275 0x228c [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll 20:18:53.0307 0x228c Schedule - ok 20:18:53.0313 0x228c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 20:18:53.0323 0x228c SCPolicySvc - ok 20:18:53.0331 0x228c [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 20:18:53.0344 0x228c sdbus - ok 20:18:53.0349 0x228c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 20:18:53.0358 0x228c sdstor - ok 20:18:53.0361 0x228c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 20:18:53.0370 0x228c secdrv - ok 20:18:53.0373 0x228c [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll 20:18:53.0383 0x228c seclogon - ok 20:18:53.0387 0x228c [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll 20:18:53.0398 0x228c SENS - ok 20:18:53.0405 0x228c [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 20:18:53.0419 0x228c SensrSvc - ok 20:18:53.0423 0x228c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 20:18:53.0432 0x228c SerCx - ok 20:18:53.0437 0x228c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 20:18:53.0447 0x228c SerCx2 - ok 20:18:53.0450 0x228c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 20:18:53.0459 0x228c Serenum - ok 20:18:53.0463 0x228c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 20:18:53.0473 0x228c Serial - ok 20:18:53.0477 0x228c [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 20:18:53.0485 0x228c sermouse - ok 20:18:53.0496 0x228c [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll 20:18:53.0512 0x228c SessionEnv - ok 20:18:53.0516 0x228c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 20:18:53.0524 0x228c sfloppy - ok 20:18:53.0534 0x228c [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 20:18:53.0551 0x228c SharedAccess - ok 20:18:53.0565 0x228c [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 20:18:53.0587 0x228c ShellHWDetection - ok 20:18:53.0591 0x228c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 20:18:53.0599 0x228c SiSRaid2 - ok 20:18:53.0603 0x228c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 20:18:53.0612 0x228c SiSRaid4 - ok 20:18:53.0620 0x228c [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 20:18:53.0634 0x228c SkypeUpdate - ok 20:18:53.0637 0x228c [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll 20:18:53.0646 0x228c smphost - ok 20:18:53.0651 0x228c [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 20:18:53.0660 0x228c SNMPTRAP - ok 20:18:53.0672 0x228c [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 20:18:53.0689 0x228c spaceport - ok 20:18:53.0694 0x228c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 20:18:53.0703 0x228c SpbCx - ok 20:18:53.0719 0x228c [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\WINDOWS\System32\spoolsv.exe 20:18:53.0743 0x228c Spooler - ok 20:18:53.0844 0x228c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 20:18:53.0986 0x228c sppsvc - ok 20:18:54.0003 0x228c [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 20:18:54.0020 0x228c srv - ok 20:18:54.0033 0x228c [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 20:18:54.0054 0x228c srv2 - ok 20:18:54.0062 0x228c [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 20:18:54.0075 0x228c srvnet - ok 20:18:54.0082 0x228c [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 20:18:54.0095 0x228c SSDPSRV - ok 20:18:54.0101 0x228c [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 20:18:54.0112 0x228c SstpSvc - ok 20:18:54.0128 0x228c [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 20:18:54.0145 0x228c Steam Client Service - ok 20:18:54.0150 0x228c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 20:18:54.0157 0x228c stexstor - ok 20:18:54.0171 0x228c [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll 20:18:54.0194 0x228c stisvc - ok 20:18:54.0200 0x228c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 20:18:54.0209 0x228c storahci - ok 20:18:54.0212 0x228c [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 20:18:54.0220 0x228c storflt - ok 20:18:54.0223 0x228c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 20:18:54.0232 0x228c stornvme - ok 20:18:54.0234 0x228c [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll 20:18:54.0245 0x228c StorSvc - ok 20:18:54.0248 0x228c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 20:18:54.0257 0x228c storvsc - ok 20:18:54.0260 0x228c [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll 20:18:54.0270 0x228c svsvc - ok 20:18:54.0273 0x228c [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys 20:18:54.0281 0x228c swenum - ok 20:18:54.0295 0x228c [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll 20:18:54.0318 0x228c swprv - ok 20:18:54.0340 0x228c [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll 20:18:54.0372 0x228c SysMain - ok 20:18:54.0380 0x228c [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 20:18:54.0395 0x228c SystemEventsBroker - ok 20:18:54.0401 0x228c [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 20:18:54.0413 0x228c TabletInputService - ok 20:18:54.0421 0x228c [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 20:18:54.0437 0x228c TapiSrv - ok 20:18:54.0476 0x228c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 20:18:54.0534 0x228c Tcpip - ok 20:18:54.0578 0x228c [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 20:18:54.0631 0x228c TCPIP6 - ok 20:18:54.0640 0x228c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 20:18:54.0652 0x228c tcpipreg - ok 20:18:54.0659 0x228c [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 20:18:54.0672 0x228c tdx - ok 20:18:54.0677 0x228c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 20:18:54.0688 0x228c terminpt - ok 20:18:54.0712 0x228c [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll 20:18:54.0737 0x228c TermService - ok 20:18:54.0742 0x228c [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll 20:18:54.0753 0x228c Themes - ok 20:18:54.0756 0x228c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll 20:18:54.0765 0x228c THREADORDER - ok 20:18:54.0772 0x228c [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 20:18:54.0787 0x228c TimeBroker - ok 20:18:54.0793 0x228c [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys 20:18:54.0804 0x228c TPM - ok 20:18:54.0809 0x228c [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll 20:18:54.0820 0x228c TrkWks - ok 20:18:54.0824 0x228c [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 20:18:54.0835 0x228c TrustedInstaller - ok 20:18:54.0839 0x228c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 20:18:54.0850 0x228c TsUsbFlt - ok 20:18:54.0853 0x228c [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 20:18:54.0863 0x228c TsUsbGD - ok 20:18:54.0869 0x228c [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 20:18:54.0881 0x228c tunnel - ok 20:18:54.0885 0x228c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 20:18:54.0893 0x228c uagp35 - ok 20:18:54.0898 0x228c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 20:18:54.0907 0x228c UASPStor - ok 20:18:54.0914 0x228c [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 20:18:54.0925 0x228c UCX01000 - ok 20:18:54.0933 0x228c [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 20:18:54.0947 0x228c udfs - ok 20:18:54.0950 0x228c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 20:18:54.0958 0x228c UEFI - ok 20:18:54.0964 0x228c [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 20:18:54.0975 0x228c UI0Detect - ok 20:18:54.0978 0x228c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 20:18:54.0987 0x228c uliagpkx - ok 20:18:54.0990 0x228c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 20:18:54.0999 0x228c umbus - ok 20:18:55.0002 0x228c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 20:18:55.0011 0x228c UmPass - ok 20:18:55.0018 0x228c [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 20:18:55.0034 0x228c UmRdpService - ok 20:18:55.0044 0x228c [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 20:18:55.0062 0x228c upnphost - ok 20:18:55.0066 0x228c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 20:18:55.0075 0x228c USBAAPL64 - ok 20:18:55.0081 0x228c [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 20:18:55.0092 0x228c usbaudio - ok 20:18:55.0098 0x228c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 20:18:55.0109 0x228c usbccgp - ok 20:18:55.0114 0x228c [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 20:18:55.0124 0x228c usbcir - ok 20:18:55.0129 0x228c [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 20:18:55.0139 0x228c usbehci - ok 20:18:55.0150 0x228c [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 20:18:55.0168 0x228c usbhub - ok 20:18:55.0182 0x228c [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 20:18:55.0202 0x228c USBHUB3 - ok 20:18:55.0206 0x228c [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 20:18:55.0218 0x228c usbohci - ok 20:18:55.0221 0x228c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 20:18:55.0231 0x228c usbprint - ok 20:18:55.0238 0x228c [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 20:18:55.0249 0x228c USBSTOR - ok 20:18:55.0253 0x228c [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 20:18:55.0262 0x228c usbuhci - ok 20:18:55.0269 0x228c [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 20:18:55.0283 0x228c usbvideo - ok 20:18:55.0292 0x228c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 20:18:55.0308 0x228c USBXHCI - ok 20:18:55.0311 0x228c [ 3CAAB947B1F247A570DE15983BEDEBCF, 81480D999F67A1755D5C21CE046FB439F0FBD743F73D23C19BC8C4DEB78A4F91 ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys 20:18:55.0321 0x228c usb_rndisx - ok 20:18:55.0324 0x228c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 20:18:55.0332 0x228c VaultSvc - ok 20:18:55.0336 0x228c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 20:18:55.0343 0x228c vdrvroot - ok 20:18:55.0367 0x228c [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 20:18:55.0399 0x228c vds - ok 20:18:55.0406 0x228c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 20:18:55.0417 0x228c VerifierExt - ok 20:18:55.0432 0x228c [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 20:18:55.0454 0x228c vhdmp - ok 20:18:55.0457 0x228c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 20:18:55.0465 0x228c viaide - ok 20:18:55.0469 0x228c [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 20:18:55.0478 0x228c vmbus - ok 20:18:55.0482 0x228c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 20:18:55.0491 0x228c VMBusHID - ok 20:18:55.0502 0x228c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 20:18:55.0521 0x228c vmicguestinterface - ok 20:18:55.0532 0x228c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 20:18:55.0548 0x228c vmicheartbeat - ok 20:18:55.0559 0x228c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 20:18:55.0575 0x228c vmickvpexchange - ok 20:18:55.0586 0x228c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 20:18:55.0602 0x228c vmicrdv - ok 20:18:55.0613 0x228c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 20:18:55.0629 0x228c vmicshutdown - ok 20:18:55.0639 0x228c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 20:18:55.0655 0x228c vmictimesync - ok 20:18:55.0666 0x228c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 20:18:55.0682 0x228c vmicvss - ok 20:18:55.0686 0x228c [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 20:18:55.0696 0x228c volmgr - ok 20:18:55.0704 0x228c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 20:18:55.0719 0x228c volmgrx - ok 20:18:55.0729 0x228c [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 20:18:55.0746 0x228c volsnap - ok 20:18:55.0749 0x228c [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 20:18:55.0759 0x228c vpci - ok 20:18:55.0764 0x228c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 20:18:55.0775 0x228c vsmraid - ok 20:18:55.0801 0x228c [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\WINDOWS\system32\vssvc.exe 20:18:55.0837 0x228c VSS - ok 20:18:55.0847 0x228c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 20:18:55.0860 0x228c VSTXRAID - ok 20:18:55.0864 0x228c [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 20:18:55.0873 0x228c vwifibus - ok 20:18:55.0877 0x228c [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 20:18:55.0888 0x228c vwififlt - ok 20:18:55.0892 0x228c [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 20:18:55.0900 0x228c vwifimp - ok 20:18:55.0909 0x228c [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 20:18:55.0927 0x228c W32Time - ok 20:18:55.0931 0x228c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 20:18:55.0939 0x228c WacomPen - ok 20:18:55.0966 0x228c [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 20:18:56.0004 0x228c wbengine - ok 20:18:56.0015 0x228c [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 20:18:56.0033 0x228c WbioSrvc - ok 20:18:56.0042 0x228c [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 20:18:56.0058 0x228c Wcmsvc - ok 20:18:56.0069 0x228c [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 20:18:56.0086 0x228c wcncsvc - ok 20:18:56.0089 0x228c [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 20:18:56.0100 0x228c WcsPlugInService - ok 20:18:56.0104 0x228c [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 20:18:56.0112 0x228c WdBoot - ok 20:18:56.0128 0x228c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 20:18:56.0150 0x228c Wdf01000 - ok 20:18:56.0158 0x228c [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 20:18:56.0171 0x228c WdFilter - ok 20:18:56.0175 0x228c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 20:18:56.0188 0x228c WdiServiceHost - ok 20:18:56.0191 0x228c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 20:18:56.0202 0x228c WdiSystemHost - ok 20:18:56.0216 0x228c [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 20:18:56.0225 0x228c WdNisDrv - ok 20:18:56.0227 0x228c WdNisSvc - ok 20:18:56.0234 0x228c [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 20:18:56.0248 0x228c WebClient - ok 20:18:56.0254 0x228c [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 20:18:56.0267 0x228c Wecsvc - ok 20:18:56.0270 0x228c [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 20:18:56.0280 0x228c WEPHOSTSVC - ok 20:18:56.0284 0x228c [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 20:18:56.0298 0x228c wercplsupport - ok 20:18:56.0302 0x228c [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 20:18:56.0314 0x228c WerSvc - ok 20:18:56.0319 0x228c [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 20:18:56.0329 0x228c WFPLWFS - ok 20:18:56.0334 0x228c [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 20:18:56.0344 0x228c WiaRpc - ok 20:18:56.0347 0x228c [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 20:18:56.0355 0x228c WIMMount - ok 20:18:56.0358 0x228c WinDefend - ok 20:18:56.0376 0x228c [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 20:18:56.0400 0x228c WinHttpAutoProxySvc - ok 20:18:56.0408 0x228c [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 20:18:56.0421 0x228c Winmgmt - ok 20:18:56.0465 0x228c [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 20:18:56.0521 0x228c WinRM - ok 20:18:56.0530 0x228c [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 20:18:56.0539 0x228c WinUsb - ok 20:18:56.0567 0x228c [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 20:18:56.0604 0x228c WlanSvc - ok 20:18:56.0634 0x228c [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 20:18:56.0672 0x228c wlidsvc - ok 20:18:56.0676 0x228c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 20:18:56.0684 0x228c WmiAcpi - ok 20:18:56.0693 0x228c [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 20:18:56.0704 0x228c wmiApSrv - ok 20:18:56.0706 0x228c WMPNetworkSvc - ok 20:18:56.0712 0x228c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 20:18:56.0722 0x228c Wof - ok 20:18:56.0753 0x228c [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 20:18:56.0793 0x228c workfolderssvc - ok 20:18:56.0798 0x228c [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 20:18:56.0806 0x228c wpcfltr - ok 20:18:56.0809 0x228c [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 20:18:56.0819 0x228c WPCSvc - ok 20:18:56.0823 0x228c [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 20:18:56.0836 0x228c WPDBusEnum - ok 20:18:56.0839 0x228c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 20:18:56.0847 0x228c WpdUpFltr - ok 20:18:56.0851 0x228c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 20:18:56.0860 0x228c ws2ifsl - ok 20:18:56.0866 0x228c [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 20:18:56.0878 0x228c wscsvc - ok 20:18:56.0882 0x228c WSearch - ok 20:18:56.0937 0x228c [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 20:18:57.0019 0x228c WSService - ok 20:18:57.0081 0x228c [ 3F726FF7B1ACC7D5E89940EA5BFF0E61, DF84486870C677B30985005A909CFDF8446BD566F601A295FF29F258E1D1AFF4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 20:18:57.0154 0x228c wuauserv - ok 20:18:57.0164 0x228c [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 20:18:57.0175 0x228c WudfPf - ok 20:18:57.0181 0x228c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 20:18:57.0192 0x228c WUDFRd - ok 20:18:57.0198 0x228c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys 20:18:57.0208 0x228c WUDFSensorLP - ok 20:18:57.0213 0x228c [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 20:18:57.0224 0x228c wudfsvc - ok 20:18:57.0230 0x228c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 20:18:57.0240 0x228c WUDFWpdFs - ok 20:18:57.0246 0x228c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 20:18:57.0256 0x228c WUDFWpdMtp - ok 20:18:57.0267 0x228c [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 20:18:57.0286 0x228c WwanSvc - ok 20:18:57.0289 0x228c [ AAAF81690C24E2F1EE59F1B2AED5B632, 446AE85300FCB1CDEBFF2BDD69F6B322922F40EB688EF152F853B3AB6F4D4A6A ] xb1usb C:\WINDOWS\System32\drivers\xb1usb.sys 20:18:57.0301 0x228c xb1usb - ok 20:18:57.0363 0x228c [ C4C5C3198C3261BEC89E6C3631047BAF, 78E5604B4B2A184B328C0669781DF11A35AFC04E7375CAB4DB9A48D74929137D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 20:18:57.0425 0x228c ZeroConfigService - ok 20:18:57.0434 0x228c ================ Scan global =============================== 20:18:57.0437 0x228c [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll 20:18:57.0444 0x228c [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 20:18:57.0451 0x228c [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 20:18:57.0462 0x228c [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 20:18:57.0468 0x228c [ Global ] - ok 20:18:57.0469 0x228c ================ Scan MBR ================================== 20:18:57.0471 0x228c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 20:18:57.0503 0x228c \Device\Harddisk0\DR0 - ok 20:18:57.0542 0x228c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 20:18:57.0601 0x228c \Device\Harddisk1\DR1 - ok 20:18:57.0601 0x228c ================ Scan VBR ================================== 20:18:57.0603 0x228c [ 1E3488915A0AC1A3542CFD89B314308E ] \Device\Harddisk0\DR0\Partition1 20:18:57.0604 0x228c \Device\Harddisk0\DR0\Partition1 - ok 20:18:57.0605 0x228c [ C910B9052D20708ACDD7A0F3095361CC ] \Device\Harddisk0\DR0\Partition2 20:18:57.0607 0x228c \Device\Harddisk0\DR0\Partition2 - ok 20:18:57.0609 0x228c [ 9D327BA77F9A4BB193707A464C3EE21D ] \Device\Harddisk0\DR0\Partition3 20:18:57.0609 0x228c \Device\Harddisk0\DR0\Partition3 - ok 20:18:57.0611 0x228c [ 00DAE422CE24C43B2739CB502E3484E2 ] \Device\Harddisk0\DR0\Partition4 20:18:57.0612 0x228c \Device\Harddisk0\DR0\Partition4 - ok 20:18:57.0614 0x228c [ 2B69DD9543789C6D88AD641CAC72AE9C ] \Device\Harddisk0\DR0\Partition5 20:18:57.0615 0x228c \Device\Harddisk0\DR0\Partition5 - ok 20:18:57.0617 0x228c [ 5538502F17CDA7EF944C0A1181E543EA ] \Device\Harddisk0\DR0\Partition6 20:18:57.0618 0x228c \Device\Harddisk0\DR0\Partition6 - ok 20:18:57.0619 0x228c [ 449B96159777CF4FC7F68BD173BF683C ] \Device\Harddisk1\DR1\Partition1 20:18:57.0663 0x228c \Device\Harddisk1\DR1\Partition1 - ok 20:18:57.0665 0x228c [ 8F1004CE7FA0B42720BADFEE854D47DB ] \Device\Harddisk1\DR1\Partition2 20:18:57.0697 0x228c \Device\Harddisk1\DR1\Partition2 - ok 20:18:57.0697 0x228c ================ Scan generic autorun ====================== 20:18:57.0906 0x228c [ E05849E5D0E51EB52080E7D2987B9D3B, E68E43CF0FFD69C193C5B692A019CE13D3FB58197E5827720B3ACDDE0812AAFA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 20:18:58.0112 0x228c RtHDVCpl - ok 20:18:58.0147 0x228c [ F66CE44D86EA704B31BED2BF2BEDDF75, EC0B3AB0B2011B718299BFF743A28117A3436E9431B6F31CF34416D68AAF1B56 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 20:18:58.0172 0x228c RtHDVBg_Dolby - ok 20:18:58.0176 0x228c [ 4503FA7E89950178CAD1B635B501640D, E607913AE096DB1E07B9FE1003DF9F9E294FC512F6CD3DEE8D0FB9851491BA37 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 20:18:58.0179 0x228c IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 20:19:00.0592 0x228c Detect skipped due to KSN trusted 20:19:00.0592 0x228c IAStorIcon - ok 20:19:00.0636 0x228c [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 20:19:00.0681 0x228c NvBackend - ok 20:19:00.0687 0x228c [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe 20:19:00.0700 0x228c ShadowPlay - ok 20:19:00.0704 0x228c [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe 20:19:00.0712 0x228c iTunesHelper - ok 20:19:00.0765 0x228c [ 1A4A2AAA69A347E39DB82B7D35B01BDC, A82C8F6C8177A685CCDB8E97E73F66BD499E6AE4BD70AEAC234076C5A041686A ] C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe 20:19:00.0827 0x228c EsternTimesMouseExRun - detected UnsignedFile.Multi.Generic ( 1 ) 20:19:03.0224 0x228c EsternTimesMouseExRun ( UnsignedFile.Multi.Generic ) - warning 20:19:05.0608 0x228c [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 20:19:05.0622 0x228c SunJavaUpdateSched - ok 20:19:05.0805 0x228c [ 2E570D03FA146EB4B1A40164B3873C7D, 7D3BE64F366B5D84CAD0B90A46B6D7746DA9A2BA6141FBC61792F8E34735C85D ] C:\Program Files\CCleaner\CCleaner64.exe 20:19:05.0942 0x228c CCleaner Monitoring - ok 20:19:06.0010 0x228c [ 781DCED079ABD884DF8CA22B6FA30F05, 392C39D4E26AAE801786EE9A2671FDFFF18991A27046853B13ACA90E4B2D3998 ] C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe 20:19:06.0053 0x228c Spotify Web Helper - ok 20:19:06.0066 0x228c [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe 20:19:06.0073 0x228c Dropbox Update - ok 20:19:06.0189 0x228c [ 831EE34C9AE23FE421E642DBA8E46C2A, 18710FB7B41AB3E89582451542527EEFC326AF615EB909EFEBE353AD478B0FF6 ] C:\Users\Andreas\AppData\Roaming\Spotify\Spotify.exe 20:19:06.0325 0x228c Spotify - ok 20:19:06.0330 0x228c Waiting for KSN requests completion. In queue: 5 20:19:07.0332 0x228c Waiting for KSN requests completion. In queue: 5 20:19:08.0332 0x228c Waiting for KSN requests completion. In queue: 5 20:19:08.0703 0x0f2c Object required for P2P: [ 781DCED079ABD884DF8CA22B6FA30F05 ] C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe 20:19:09.0333 0x228c Waiting for KSN requests completion. In queue: 3 20:19:10.0334 0x228c Waiting for KSN requests completion. In queue: 3 20:19:11.0161 0x0f2c Object send P2P result: true 20:19:11.0161 0x0f2c Object required for P2P: [ 831EE34C9AE23FE421E642DBA8E46C2A ] C:\Users\Andreas\AppData\Roaming\Spotify\Spotify.exe 20:19:11.0335 0x228c Waiting for KSN requests completion. In queue: 1 20:19:12.0335 0x228c Waiting for KSN requests completion. In queue: 1 20:19:13.0335 0x228c Waiting for KSN requests completion. In queue: 1 20:19:14.0336 0x228c Waiting for KSN requests completion. In queue: 1 20:19:14.0582 0x0f2c Object send P2P result: true 20:19:15.0346 0x228c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate ) 20:19:15.0347 0x228c AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated ) 20:19:15.0348 0x228c FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled ) 20:19:26.0714 0x228c ============================================================ 20:19:26.0714 0x228c Scan finished 20:19:26.0714 0x228c ============================================================ 20:19:26.0721 0x2078 Detected object count: 3 20:19:26.0721 0x2078 Actual detected object count: 3 20:20:28.0914 0x2078 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 20:20:28.0914 0x2078 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:20:28.0914 0x2078 Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:20:28.0914 0x2078 Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:20:28.0915 0x2078 EsternTimesMouseExRun ( UnsignedFile.Multi.Generic ) - skipped by user 20:20:28.0915 0x2078 EsternTimesMouseExRun ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
08.10.2015, 19:10
| #6 |
| /// the machine /// TB-Ausbilder | Laptop wird langsamer Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Laptop wird langsamer |
|
08.10.2015, 21:52
| #7 |
| | Laptop wird langsamer Hier der Malwarebytes log: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 08.10.2015 Suchlaufzeit: 21:10 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.10.08.04 Rootkit-Datenbank: v2015.10.06.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Andreas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 447190 Abgelaufene Zeit: 8 Min., 22 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.012 - Bericht erstellt am 08/10/2015 um 21:27:06
# Aktualisiert am 08/10/2015 von Xplode
# Datenbank : 2015-10-07.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Andreas - ANDYMEDION
# Gestartet von : C:\Users\Andreas\Downloads\adwcleaner_5.012.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\WPM
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Local\PackageAware
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\FoxTab
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Settings Manager
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Windows Net Data
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\RPEng
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
[-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dchmpbaclbiioedakpcldenooikekokm
[-] Datei Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\user.js
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : FoxTab
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
[-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
[-] Schlüssel Gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Linkey
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Yahoo\Companion
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\eSupport.com
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Linkey
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Yahoo\Companion
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Software\AppDataLow\Software\Yahoo\Companion
***** [ Internetbrowser ] *****
[-] [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "default-search.net");
[-] [C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : mkcedibhemacmilmkpndpkoidlnmgngg
[-] [C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npdicihegicnhaangkdmcgbjceoemeoo
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4849 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by Andreas on 08.10.2015 at 21:30:53,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\WINDOWS\SysWOW64\REN9E06.tmp
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\Andreas\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Andreas\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Andreas\AppData\Roaming\mozilla\firefox\profiles\lnw8lfgl.default\extensions\staged
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[C:\Users\Andreas\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Andreas\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Andreas\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Andreas\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
npdicihegicnhaangkdmcgbjceoemeoo
]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.10.2015 at 21:33:08,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:08-10-2015
durchgeführt von Andreas (Administrator) auf ANDYMEDION (08-10-2015 22:49:44)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\wmi64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3738344 2015-10-08] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [EsternTimesMouseExRun] => C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe [3353600 2014-01-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Spotify Web Helper] => C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-04] (Spotify Ltd)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Dropbox Update] => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-22] (Dropbox, Inc.)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Spotify] => C:\Users\Andreas\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-10-04] (Spotify Ltd)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155976 2015-10-03] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-03-19] ()
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7120C2F7-367B-44F0-B758-11BD5785219E}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{CA35CD97-2A84-4D5C-B235-CE57A6AFB7CB}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL =
SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP94A1ED45-3674-419B-ACE3-98E43B8D08B4&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002 -> {1DC18151-EC01-46BD-A842-D6FCFEECF824} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-12-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-09] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-09] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-09] ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-09-25] ()
FF Extension: Amazon-Icon - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\Extensions\amazon-icon@giga.de [2014-02-26]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-09]
FF Extension: Kein Name - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com [nicht gefunden]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-08-07]
CHR Extension: (Kaspersky Protection) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11]
CHR Extension: (Avira Browserschutz) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-05]
CHR Extension: (AdBlock) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-08-03] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-10-08] (ELAN Microelectronics Corp.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
S2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-07-04] (IObit)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4600264 2013-11-05] (INCA Internet Co., Ltd.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S4 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [Datei ist nicht signiert]
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsfw.sys [1366328 2013-04-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [76744 2013-03-11] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2014-12-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2014-12-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2014-12-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299128 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\Andreas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-08 22:49 - 2015-10-08 22:49 - 00000000 ____D C:\Users\Andreas\Downloads\FRST-OlderVersion
2015-10-08 21:33 - 2015-10-08 22:48 - 00001710 _____ C:\Users\Andreas\Desktop\JRT.txt
2015-10-08 21:30 - 2015-10-05 23:23 - 01801288 _____ (Malwarebytes) C:\Users\Andreas\Desktop\JRT.exe
2015-10-08 21:29 - 2015-10-08 21:29 - 01798976 _____ (Malwarebytes) C:\Users\Andreas\Downloads\JRT.exe
2015-10-08 21:28 - 2015-10-08 21:28 - 00004960 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1].txt
2015-10-08 21:23 - 2015-10-08 21:27 - 00000000 ____D C:\AdwCleaner
2015-10-08 21:22 - 2015-10-08 21:22 - 01682432 _____ C:\Users\Andreas\Downloads\adwcleaner_5.012.exe
2015-10-08 21:22 - 2015-10-08 21:22 - 00001198 _____ C:\Users\Andreas\Desktop\mbam.txt
2015-10-08 17:37 - 2015-10-08 17:37 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2015-10-08 17:37 - 2015-10-08 17:37 - 00000000 ____D C:\WINDOWS\LastGood
2015-10-08 17:37 - 2015-10-08 17:37 - 00000000 ____D C:\Program Files\Elantech
2015-10-08 08:08 - 2015-10-08 08:08 - 01804704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-10-08 08:07 - 2015-10-08 08:07 - 00061160 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller15005.dll
2015-10-08 08:06 - 2015-10-08 08:06 - 00464472 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\WINDOWS\system32\NV
2015-10-07 19:47 - 2015-10-07 19:48 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Andreas\Desktop\tdsskiller.exe
2015-10-07 19:41 - 2015-10-07 20:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-07 19:39 - 2015-10-07 20:15 - 00000000 ____D C:\Users\Andreas\Desktop\mbar
2015-10-07 19:39 - 2015-10-07 19:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Andreas\Downloads\mbar-1.09.3.1001.exe
2015-10-07 17:39 - 2015-10-07 17:39 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-07 17:38 - 2015-10-08 21:28 - 00000756 _____ C:\WINDOWS\setupact.log
2015-10-07 17:38 - 2015-10-07 17:38 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-07 17:38 - 2015-10-03 07:06 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 17395512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-07 17:38 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00299128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvkflt.sys
2015-10-07 17:38 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00031352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-10-06 19:47 - 2015-10-08 22:40 - 00252057 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-06 19:35 - 2015-10-06 19:35 - 00014632 _____ C:\Users\Andreas\Desktop\Gmer.log
2015-10-06 19:25 - 2015-10-06 19:25 - 00380416 _____ C:\Users\Andreas\Downloads\Gmer-19357.exe
2015-10-06 19:25 - 2015-10-06 19:25 - 00055685 _____ C:\Users\Andreas\Desktop\FRST.txt
2015-10-06 19:24 - 2015-10-08 22:49 - 00028176 _____ C:\Users\Andreas\Downloads\FRST.txt
2015-10-06 19:24 - 2015-10-08 22:49 - 00000000 ____D C:\FRST
2015-10-06 19:24 - 2015-10-06 19:24 - 00067577 _____ C:\Users\Andreas\Downloads\Addition.txt
2015-10-06 19:24 - 2015-10-06 19:24 - 00067577 _____ C:\Users\Andreas\Desktop\Addition.txt
2015-10-06 19:23 - 2015-10-08 22:49 - 02194944 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2015-10-06 19:23 - 2015-10-06 19:36 - 00000476 _____ C:\Users\Andreas\Downloads\defogger_disable.log
2015-10-06 19:23 - 2015-10-06 19:23 - 00000000 _____ C:\Users\Andreas\defogger_reenable
2015-10-06 19:22 - 2015-10-06 19:22 - 00050477 _____ C:\Users\Andreas\Downloads\Defogger.exe
2015-10-06 19:10 - 2015-10-06 19:11 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Andreas\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-10-06 19:06 - 2015-10-06 19:06 - 00014491 _____ C:\Users\Andreas\Downloads\hijackthis.log
2015-10-06 19:03 - 2015-10-06 19:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andreas\Downloads\hijackthis.exe
2015-10-06 19:02 - 2015-10-06 19:02 - 01457952 _____ C:\Users\Andreas\Downloads\HijackThis - CHIP-Installer.exe
2015-10-06 19:01 - 2015-10-06 19:01 - 00045268 _____ C:\Users\Andreas\Documents\cc_20151006_190151.reg
2015-10-04 11:13 - 2015-10-04 11:13 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-27 17:11 - 2015-09-27 21:30 - 00000000 ____D C:\Users\Andreas\Downloads\Tori
2015-09-19 19:32 - 2015-09-19 19:32 - 00000202 _____ C:\Users\Andreas\Desktop\The Incredible Adventures of Van Helsing III.url
2015-09-17 17:01 - 2015-09-17 17:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-17 17:01 - 2015-09-17 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-12 13:47 - 2015-09-12 13:47 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-11 17:30 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll
2015-09-11 17:30 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll
2015-09-11 17:17 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-09-11 17:17 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-09-09 16:43 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 16:43 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 16:43 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 16:43 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 16:43 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 16:43 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 16:43 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 16:43 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 16:43 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 16:43 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 16:43 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 16:43 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 16:42 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 16:42 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 16:42 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 16:42 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 16:42 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 16:42 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 16:42 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 16:42 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 16:42 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 16:42 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 16:42 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 16:42 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 16:42 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 16:42 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 16:42 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 16:42 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 16:42 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 16:42 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 16:42 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 16:42 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 16:42 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 16:42 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 16:42 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 16:42 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 16:42 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 16:42 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 16:42 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 16:42 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 16:42 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 16:42 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 16:42 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 16:42 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 16:42 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 16:42 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 16:42 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 16:42 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 16:42 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 16:42 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 16:42 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 16:42 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 16:42 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 16:42 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 16:42 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 16:42 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 16:42 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 16:42 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 16:42 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 16:42 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 16:42 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 16:42 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 16:42 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 16:42 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 16:42 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 16:42 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 16:42 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 16:42 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 16:42 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 16:42 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 16:42 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 16:42 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 16:42 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-09 16:42 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-09 16:42 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-09 16:42 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 16:42 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 16:42 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 16:42 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 16:42 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-08 22:49 - 2014-03-04 22:27 - 00000000 __RDO C:\Users\Andreas\SkyDrive
2015-10-08 22:37 - 2013-08-21 17:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-08 22:12 - 2015-08-22 05:07 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002UA.job
2015-10-08 22:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-08 21:58 - 2013-08-01 15:45 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-08 21:33 - 2013-11-14 09:27 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-08 21:33 - 2013-11-14 09:11 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-08 21:33 - 2013-11-14 09:11 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-08 21:29 - 2014-12-09 18:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-08 21:28 - 2015-05-03 00:18 - 00000000 ____D C:\Users\Andreas\AppData\Local\Spotify
2015-10-08 21:28 - 2015-05-03 00:16 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Spotify
2015-10-08 21:28 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-08 21:28 - 2013-08-01 15:45 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-08 21:27 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-08 21:23 - 2013-09-28 22:36 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Skype
2015-10-08 21:10 - 2015-04-13 19:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-08 17:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-08 16:53 - 2014-03-07 08:59 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CDF9DA97-9CC9-405E-849B-FF30F70FDA39}
2015-10-07 22:39 - 2013-08-26 14:01 - 00000000 ____D C:\Users\Andreas\AppData\Local\Battle.net
2015-10-07 21:47 - 2013-08-26 14:01 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-07 21:27 - 2013-08-05 12:50 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\TS3Client
2015-10-07 21:23 - 2014-03-04 22:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 19:59 - 2015-04-13 19:14 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-07 17:40 - 2014-01-10 16:52 - 00000000 ____D C:\temp
2015-10-06 21:19 - 2015-04-06 19:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-10-06 20:26 - 2013-08-01 11:43 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1314070972-226921483-1615157590-1002
2015-10-06 19:23 - 2014-03-04 22:13 - 00000000 ____D C:\Users\Andreas
2015-10-06 19:15 - 2015-04-13 19:14 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-06 19:15 - 2015-04-13 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-06 19:15 - 2015-04-13 19:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-10-06 19:14 - 2015-04-13 19:07 - 00000000 ____D C:\Users\Andreas\Downloads\backups
2015-10-06 17:18 - 2015-04-06 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-10-06 17:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-04 11:13 - 2013-12-04 14:33 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Dropbox
2015-10-03 07:06 - 2015-06-30 21:02 - 03154104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 12769408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 03573832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00467912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00388024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00033507 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 05:12 - 2015-08-22 05:07 - 00001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002Core.job
2015-10-03 04:49 - 2014-03-04 22:10 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 02982520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:49 - 2014-03-04 22:10 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-01 11:33 - 2014-03-04 22:10 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-29 19:55 - 2014-02-04 15:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-09-29 17:30 - 2014-05-27 11:45 - 00000000 ___RD C:\Users\Andreas\Dropbox
2015-09-29 16:58 - 2013-08-01 15:46 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-27 16:59 - 2014-12-30 17:07 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-22 17:37 - 2013-08-21 17:10 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-20 10:19 - 2014-04-18 12:13 - 00000000 ____D C:\Users\Andreas\Documents\NeocoreGames
2015-09-17 17:53 - 2013-08-01 15:45 - 00004112 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 17:53 - 2013-08-01 15:45 - 00003876 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 17:01 - 2013-09-28 22:35 - 00000000 ____D C:\ProgramData\Skype
2015-09-15 03:18 - 2013-08-22 17:38 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2013-08-22 17:38 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 14:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-12 13:50 - 2013-08-01 15:45 - 00000000 ____D C:\Users\Andreas\AppData\Local\Google
2015-09-11 17:17 - 2014-03-04 22:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-11 17:17 - 2013-09-18 17:40 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-09-11 15:11 - 2013-08-22 16:44 - 05174736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-10 19:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 16:22 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 16:21 - 2013-08-14 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 20:00 - 2014-08-04 22:18 - 00000000 ____D C:\Users\Andreas\AppData\Local\fabi.me
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-11-19 20:25 - 2013-11-19 20:25 - 0000000 _____ () C:\Users\Andreas\AppData\Local\Temptable.xml
2013-05-24 10:45 - 2013-05-24 10:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-02 19:08 - 2014-07-04 01:52 - 0005928 _____ () C:\ProgramData\hpzinstall.log
2013-05-06 15:44 - 2014-09-30 20:26 - 0000032 _____ () C:\ProgramData\Temp.log
Einige Dateien in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 21:38
==================== Ende von FRST.txt ============================
|
|
09.10.2015, 23:44
| #8 |
| /// the machine /// TB-Ausbilder | Laptop wird langsamerESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.10.2015, 08:32
| #9 |
| | Laptop wird langsamer hier der ESET Log Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=916e04f3921bb44285ba721a69a24d10
# end=init
# utc_time=2015-10-10 04:15:21
# local_time=2015-10-10 06:15:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 26168
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=916e04f3921bb44285ba721a69a24d10
# end=updated
# utc_time=2015-10-10 04:18:51
# local_time=2015-10-10 06:18:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=916e04f3921bb44285ba721a69a24d10
# engine=26168
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-10 06:40:50
# local_time=2015-10-10 08:40:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1299 16777213 100 100 126768 72030880 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 5046317 8248820 0 0
# scanned=576649
# found=6
# cleaned=0
# scan_time=8518
sh=2F016F395DA134CB240A375BD4AFE67BC4F4AACE ft=1 fh=d29baf39a786373a vn="Win32/Adware.Synatix Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\Windows Net Data\net.exe.vir"
sh=2F016F395DA134CB240A375BD4AFE67BC4F4AACE ft=1 fh=d29baf39a786373a vn="Win32/Adware.Synatix Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\Windows Net Data\uninstaller.exe.vir"
sh=4C95EDDAF6FACC9F5FC4618DC95CB73F0254AE56 ft=1 fh=f15edc8198d6af97 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\HijackThis - CHIP-Installer.exe"
sh=0D507C190AF509FFDC48A7CFFB0BAEB97503795C ft=1 fh=688dcdcc562887f5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\iFaith - CHIP-Installer.exe"
sh=D1BE9592930E315D7D7B9AD4D83AFD77623BF795 ft=1 fh=bbaf4c2acaf9fb0d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Pictures\Projektarbeit neu\FastStone Capture - CHIP-Installer.exe"
sh=5B92C56394B3237903BB437561BB89997D7D7FA9 ft=1 fh=79c158fc765bbf05 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Pictures\SolidWorks2013_SP4.0_64bit\Neuer Ordner (3)\VLC media player 64 Bit - CHIP-Installer.exe"
Code:
ATTFilter Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 60
Adobe Flash Player 19.0.0.185
Google Chrome (45.0.2454.101)
Google Chrome (45.0.2454.99)
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 15.0.1 avp.exe
Kaspersky Lab Kaspersky Internet Security 15.0.1 avpui.exe
Kaspersky Lab Kaspersky Internet Security 15.0.1 plugin-nm-server.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
und FRST zum Schluss Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:08-10-2015
durchgeführt von Andreas (Administrator) auf ANDYMEDION (10-10-2015 09:15:08)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\csisyncclient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Spotify Ltd) C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\plugin-nm-server.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3738344 2015-10-08] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [EsternTimesMouseExRun] => C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe [3353600 2014-01-10] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Spotify Web Helper] => C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-10-04] (Spotify Ltd)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Dropbox Update] => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-22] (Dropbox, Inc.)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Run: [Spotify] => C:\Users\Andreas\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-10-04] (Spotify Ltd)
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155976 2015-10-03] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.)
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-03-19] ()
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7120C2F7-367B-44F0-B758-11BD5785219E}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{CA35CD97-2A84-4D5C-B235-CE57A6AFB7CB}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-1314070972-226921483-1615157590-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL =
SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP94A1ED45-3674-419B-ACE3-98E43B8D08B4&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1314070972-226921483-1615157590-1002 -> {1DC18151-EC01-46BD-A842-D6FCFEECF824} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-12-09] (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-12-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-09] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-09] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-09] ()
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1314070972-226921483-1615157590-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-09-25] ()
FF Extension: Amazon-Icon - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\Extensions\amazon-icon@giga.de [2014-02-26]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-09]
FF Extension: Kein Name - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\lnw8lfgl.default\extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com [nicht gefunden]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-08-07]
CHR Extension: (Kaspersky Protection) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11]
CHR Extension: (Avira Browserschutz) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-05]
CHR Extension: (AdBlock) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-08-03] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-10-08] (ELAN Microelectronics Corp.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
S2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-07-04] (IObit)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4600264 2013-11-05] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S4 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [Datei ist nicht signiert]
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsfw.sys [1366328 2013-04-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [76744 2013-03-11] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2014-12-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2014-12-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2014-12-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3667424 2013-10-14] (Intel Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [299128 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\Andreas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-10 09:13 - 2015-10-10 09:13 - 00852720 _____ C:\Users\Andreas\Downloads\SecurityCheck.exe
2015-10-10 06:14 - 2015-10-10 06:15 - 02870984 _____ (ESET) C:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe
2015-10-09 00:27 - 2015-10-10 08:48 - 00217463 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-08 23:39 - 2015-10-08 23:40 - 26142274 _____ ( ) C:\Users\Andreas\Downloads\acquisition_setup_0.3b.exe
2015-10-08 23:39 - 2015-10-08 23:39 - 00000000 ____D C:\Users\Andreas\AppData\Local\CrashRpt
2015-10-08 23:07 - 2015-10-08 23:07 - 00004988 _____ C:\Users\Andreas\Documents\cc_20151008_230701.reg
2015-10-08 22:49 - 2015-10-08 22:49 - 00000000 ____D C:\Users\Andreas\Downloads\FRST-OlderVersion
2015-10-08 21:33 - 2015-10-08 22:48 - 00001710 _____ C:\Users\Andreas\Desktop\JRT.txt
2015-10-08 21:30 - 2015-10-05 23:23 - 01801288 _____ (Malwarebytes) C:\Users\Andreas\Desktop\JRT.exe
2015-10-08 21:29 - 2015-10-08 21:29 - 01798976 _____ (Malwarebytes) C:\Users\Andreas\Downloads\JRT.exe
2015-10-08 21:28 - 2015-10-08 21:28 - 00004960 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1].txt
2015-10-08 21:23 - 2015-10-08 21:27 - 00000000 ____D C:\AdwCleaner
2015-10-08 21:22 - 2015-10-08 21:22 - 01682432 _____ C:\Users\Andreas\Downloads\adwcleaner_5.012.exe
2015-10-08 21:22 - 2015-10-08 21:22 - 00001198 _____ C:\Users\Andreas\Desktop\mbam.txt
2015-10-08 17:37 - 2015-10-08 17:37 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2015-10-08 17:37 - 2015-10-08 17:37 - 00000000 ____D C:\WINDOWS\LastGood
2015-10-08 17:37 - 2015-10-08 17:37 - 00000000 ____D C:\Program Files\Elantech
2015-10-08 08:08 - 2015-10-08 08:08 - 01804704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-10-08 08:07 - 2015-10-08 08:07 - 00061160 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller15005.dll
2015-10-08 08:06 - 2015-10-08 08:06 - 00464472 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-10-07 21:23 - 2015-10-07 21:23 - 00000000 ____D C:\WINDOWS\system32\NV
2015-10-07 19:47 - 2015-10-07 19:48 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Andreas\Desktop\tdsskiller.exe
2015-10-07 19:41 - 2015-10-07 20:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-07 19:39 - 2015-10-07 20:15 - 00000000 ____D C:\Users\Andreas\Desktop\mbar
2015-10-07 19:39 - 2015-10-07 19:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Andreas\Downloads\mbar-1.09.3.1001.exe
2015-10-07 17:39 - 2015-10-07 17:39 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-10-07 17:38 - 2015-10-03 07:06 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 17395512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-07 17:38 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00299128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvkflt.sys
2015-10-07 17:38 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-07 17:38 - 2015-10-03 07:06 - 00031352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-10-06 19:35 - 2015-10-06 19:35 - 00014632 _____ C:\Users\Andreas\Desktop\Gmer.log
2015-10-06 19:25 - 2015-10-06 19:25 - 00380416 _____ C:\Users\Andreas\Downloads\Gmer-19357.exe
2015-10-06 19:25 - 2015-10-06 19:25 - 00055685 _____ C:\Users\Andreas\Desktop\FRST.txt
2015-10-06 19:24 - 2015-10-10 09:15 - 00028559 _____ C:\Users\Andreas\Downloads\FRST.txt
2015-10-06 19:24 - 2015-10-10 09:15 - 00000000 ____D C:\FRST
2015-10-06 19:24 - 2015-10-06 19:24 - 00067577 _____ C:\Users\Andreas\Downloads\Addition.txt
2015-10-06 19:24 - 2015-10-06 19:24 - 00067577 _____ C:\Users\Andreas\Desktop\Addition.txt
2015-10-06 19:23 - 2015-10-08 22:49 - 02194944 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2015-10-06 19:23 - 2015-10-06 19:36 - 00000476 _____ C:\Users\Andreas\Downloads\defogger_disable.log
2015-10-06 19:23 - 2015-10-06 19:23 - 00000000 _____ C:\Users\Andreas\defogger_reenable
2015-10-06 19:22 - 2015-10-06 19:22 - 00050477 _____ C:\Users\Andreas\Downloads\Defogger.exe
2015-10-06 19:10 - 2015-10-06 19:11 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Andreas\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-10-06 19:06 - 2015-10-06 19:06 - 00014491 _____ C:\Users\Andreas\Downloads\hijackthis.log
2015-10-06 19:03 - 2015-10-06 19:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andreas\Downloads\hijackthis.exe
2015-10-06 19:02 - 2015-10-06 19:02 - 01457952 _____ C:\Users\Andreas\Downloads\HijackThis - CHIP-Installer.exe
2015-10-06 19:01 - 2015-10-06 19:01 - 00045268 _____ C:\Users\Andreas\Documents\cc_20151006_190151.reg
2015-10-04 11:13 - 2015-10-04 11:13 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-27 17:11 - 2015-09-27 21:30 - 00000000 ____D C:\Users\Andreas\Downloads\Tori
2015-09-19 19:32 - 2015-09-19 19:32 - 00000202 _____ C:\Users\Andreas\Desktop\The Incredible Adventures of Van Helsing III.url
2015-09-17 17:01 - 2015-09-17 17:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-17 17:01 - 2015-09-17 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-12 13:47 - 2015-09-12 13:47 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-11 17:30 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll
2015-09-11 17:30 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll
2015-09-11 17:17 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-09-11 17:17 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-10 09:12 - 2015-08-22 05:07 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002UA.job
2015-10-10 09:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-10 08:58 - 2013-08-01 15:45 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-10 08:37 - 2013-08-21 17:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-10 08:04 - 2014-12-09 18:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-10 07:22 - 2014-05-27 11:45 - 00000000 ___RD C:\Users\Andreas\Dropbox
2015-10-10 06:57 - 2014-03-07 08:59 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CDF9DA97-9CC9-405E-849B-FF30F70FDA39}
2015-10-10 06:53 - 2013-12-04 14:33 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Dropbox
2015-10-10 06:14 - 2013-09-28 22:36 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Skype
2015-10-10 05:12 - 2015-08-22 05:07 - 00001202 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1314070972-226921483-1615157590-1002Core.job
2015-10-09 23:18 - 2015-05-03 00:18 - 00000000 ____D C:\Users\Andreas\AppData\Local\Spotify
2015-10-09 22:54 - 2015-05-03 00:16 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Spotify
2015-10-09 22:49 - 2014-03-04 22:27 - 00000000 __RDO C:\Users\Andreas\SkyDrive
2015-10-09 22:49 - 2013-08-01 15:45 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-09 19:03 - 2015-07-28 19:28 - 00000000 ____D C:\Users\Andreas\AppData\Local\acquisition
2015-10-09 18:58 - 2013-08-26 14:01 - 00000000 ____D C:\Users\Andreas\AppData\Local\Battle.net
2015-10-09 17:47 - 2013-08-26 14:01 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-09 00:02 - 2013-08-01 11:43 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1314070972-226921483-1615157590-1002
2015-10-08 23:40 - 2015-07-28 19:28 - 00001059 _____ C:\Users\Public\Desktop\Acquisition.lnk
2015-10-08 23:40 - 2015-07-28 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acquisition
2015-10-08 23:40 - 2015-07-28 19:28 - 00000000 ____D C:\Program Files (x86)\Acquisition
2015-10-08 23:07 - 2013-08-05 12:50 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\TS3Client
2015-10-08 21:33 - 2013-11-14 09:27 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-08 21:33 - 2013-11-14 09:11 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-08 21:33 - 2013-11-14 09:11 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-08 21:28 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-08 21:27 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-08 21:10 - 2015-04-13 19:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-08 17:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-07 21:23 - 2014-03-04 22:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 19:59 - 2015-04-13 19:14 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-07 17:40 - 2014-01-10 16:52 - 00000000 ____D C:\temp
2015-10-06 21:19 - 2015-04-06 19:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-10-06 19:23 - 2014-03-04 22:13 - 00000000 ____D C:\Users\Andreas
2015-10-06 19:15 - 2015-04-13 19:14 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-06 19:15 - 2015-04-13 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-06 19:15 - 2015-04-13 19:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-10-06 19:14 - 2015-04-13 19:07 - 00000000 ____D C:\Users\Andreas\Downloads\backups
2015-10-06 17:18 - 2015-04-06 19:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-10-06 17:18 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-03 07:06 - 2015-06-30 21:02 - 03154104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 12769408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 03573832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00467912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00388024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-03 07:06 - 2014-02-18 17:46 - 00033507 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 04:49 - 2014-03-04 22:10 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 02982520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 04:49 - 2014-03-04 22:10 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-10-03 04:49 - 2014-03-04 22:10 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-10-01 11:33 - 2014-03-04 22:10 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-29 19:55 - 2014-02-04 15:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-09-29 16:58 - 2013-08-01 15:46 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-27 16:59 - 2014-12-30 17:07 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-22 17:37 - 2013-08-21 17:10 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-20 10:19 - 2014-04-18 12:13 - 00000000 ____D C:\Users\Andreas\Documents\NeocoreGames
2015-09-17 17:53 - 2013-08-01 15:45 - 00004112 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 17:53 - 2013-08-01 15:45 - 00003876 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 17:01 - 2013-09-28 22:35 - 00000000 ____D C:\ProgramData\Skype
2015-09-15 03:18 - 2013-08-22 17:38 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2013-08-22 17:38 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-12 14:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-12 13:50 - 2013-08-01 15:45 - 00000000 ____D C:\Users\Andreas\AppData\Local\Google
2015-09-11 17:17 - 2014-03-04 22:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-11 17:17 - 2013-09-18 17:40 - 00001397 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-09-11 15:11 - 2013-08-22 16:44 - 05174736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-10 19:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 16:22 - 2013-11-14 09:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 16:21 - 2013-08-14 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-11-19 20:25 - 2013-11-19 20:25 - 0000000 _____ () C:\Users\Andreas\AppData\Local\Temptable.xml
2013-05-24 10:45 - 2013-05-24 10:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-02 19:08 - 2014-07-04 01:52 - 0005928 _____ () C:\ProgramData\hpzinstall.log
2013-05-06 15:44 - 2014-09-30 20:26 - 0000032 _____ () C:\ProgramData\Temp.log
Einige Dateien in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5j17zu.dll
C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 21:38
==================== Ende von FRST.txt ============================
|
|
11.10.2015, 07:17
| #10 |
| /// the machine /// TB-Ausbilder | Laptop wird langsamer Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Andreas\Downloads\HijackThis - CHIP-Installer.exe
C:\Users\Andreas\Downloads\iFaith - CHIP-Installer.exe
C:\Users\Andreas\Pictures\Projektarbeit neu\FastStone Capture - CHIP-Installer.exe
C:\Users\Andreas\Pictures\SolidWorks2013_SP4.0_64bit\Neuer Ordner (3)\VLC media player 64 Bit - CHIP-Installer.exe
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloadverhalten überdenken: CHIP-Installer - was ist das? - Anleitungen Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.10.2015, 17:51
| #11 |
| | Laptop wird langsamer Hier ist mein Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-10-2015
durchgeführt von Andreas (2015-10-13 18:48:27) Run:1
Gestartet von C:\Users\Andreas\Desktop
Geladene Profile: Andreas (Verfügbare Profile: Andreas)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Andreas\Downloads\HijackThis - CHIP-Installer.exe
C:\Users\Andreas\Downloads\iFaith - CHIP-Installer.exe
C:\Users\Andreas\Pictures\Projektarbeit neu\FastStone Capture - CHIP-Installer.exe
C:\Users\Andreas\Pictures\SolidWorks2013_SP4.0_64bit\Neuer Ordner (3)\VLC media player 64 Bit - CHIP-Installer.exe
Emptytemp:
*****************
"C:\Users\Andreas\Downloads\HijackThis - CHIP-Installer.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Andreas\Downloads\iFaith - CHIP-Installer.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Andreas\Pictures\Projektarbeit neu\FastStone Capture - CHIP-Installer.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Andreas\Pictures\SolidWorks2013_SP4.0_64bit\Neuer Ordner (3)\VLC media player 64 Bit - CHIP-Installer.exe" => Datei/Ordner nicht gefunden.
EmptyTemp: => 584.4 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 18:48:35 ====
|
|
14.10.2015, 19:09
| #12 |
| /// the machine /// TB-Ausbilder | Laptop wird langsamer Weniger wild, sind nur Downloads
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Laptop wird langsamer |
| .dll, ausgelastet, avira, bonjour, defender, desktop, dnsapi.dll, explorer, fehlermeldung, flash player, google, hijack, kaspersky, mozilla, npdicihegicnhaangkdmcgbjceoemeoo, prozesse, realtek, registry, rundll, security, services.exe, software, svchost.exe, temp, usb, windows, windowsapps, winlogon.exe |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
