Pests of all kinds and how to fight them: 100% memory load + 100% CPU usage caused by the svchost.exe (netsvcs) process (Windows 7)
28.10.2015, 12:09 | #1 |
100% memory load + 100% CPU usage caused by the svchost.exe (netsvcs) process

Hello helpers, dear team of experts,

this board is my last hope of solving this problem. When I start my PC (Win7 SP1, 4 GB RAM) in normal mode, everything runs normally. After about 1 minute, the process named above climbs to a high CPU value and memory usage goes up to the limit. Opening or closing files is almost impossible. When I end the process via Task Manager --> Resource Monitor, the values drop again. The task also only appears in Resource Monitor; in Task Manager under Processes there is no svchost.exe.

After ending this task, the visual style in Windows changes. No more effects or Aero visuals (basic Windows Classic design). This change happens step by step, though. Usually the taskbar changes first, Explorer windows stay completely white for a while after opening, and there are many visual glitches with colors. I usually have to end explorer.exe in Task Manager and restart it so that I can see anything again. After that I usually cannot change the theme any more under Control Panel items - Personalization (see attachment, graphics glitch at the top right of the attachment). The task mentioned above sometimes starts again after a while and sometimes does not. I should also add that when the PC has no Internet connection (Wi-Fi off), this problem does not occur. I would be very grateful for your help.

Hello, for all potential helpers, here are a few logs already. I would also like to add that the problem mentioned above now occurs OFFLINE as well. I also want to ask whether any given check with a program, be it First, GMER, ComboFix etc., is of any use if I have always ended the offending process? I have to end it, because otherwise the PC hardly responds any more and the tests could not be carried out.

I am very, very grateful for help of any kind.
28.10.2015, 17:10 | #2 |
Further preparation!

Hello helpers,

here are the logs from Malwarebytes Anti-Rootkit as an attachment, and from TDSSKiller.exe. The Killer had found a threat; I skipped it and, as requested, posted here first. Code:
4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 17:02:11.0563 0x027c hidserv - ok 17:02:11.0603 0x027c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:02:11.0634 0x027c HidUsb - ok 17:02:11.0663 0x027c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:02:11.0713 0x027c hkmsvc - ok 17:02:11.0762 0x027c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:02:11.0834 0x027c HomeGroupListener - ok 17:02:11.0867 0x027c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:02:11.0893 0x027c HomeGroupProvider - ok 17:02:11.0927 0x027c [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys 17:02:11.0939 0x027c hpdskflt - ok 17:02:11.0974 0x027c [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 17:02:12.0010 0x027c HpqKbFiltr - ok 17:02:12.0071 0x027c [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 17:02:12.0083 0x027c hpqwmiex - ok 17:02:12.0122 0x027c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:02:12.0137 0x027c HpSAMD - ok 17:02:12.0154 0x027c [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\Windows\system32\Hpservice.exe 
17:02:12.0165 0x027c hpsrv - ok 17:02:12.0191 0x027c [ 894A75A3D6BFD97D73BF60D3022B567A, EDC993F3E4F8E4D7A4AC8A0CEF00C8F321E9FE1266E2C4D206B02759E7CC44EA ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 17:02:12.0233 0x027c HTCAND64 - ok 17:02:12.0279 0x027c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:02:12.0384 0x027c HTTP - ok 17:02:12.0416 0x027c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:02:12.0427 0x027c hwpolicy - ok 17:02:12.0457 0x027c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:02:12.0471 0x027c i8042prt - ok 17:02:12.0518 0x027c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:02:12.0551 0x027c iaStorV - ok 17:02:12.0610 0x027c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:02:12.0639 0x027c IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 17:02:15.0490 0x027c Detect skipped due to KSN trusted 17:02:15.0490 0x027c IDriverT - ok 17:02:15.0613 0x027c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:02:15.0672 0x027c idsvc - ok 17:02:15.0709 0x027c IEEtwCollectorService - ok 17:02:15.0737 0x027c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:02:15.0749 0x027c iirsp - ok 17:02:15.0826 0x027c [ 344789398EC3EE5A4E00C52B31847946, 
3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 17:02:15.0895 0x027c IKEEXT - ok 17:02:15.0934 0x027c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 17:02:15.0965 0x027c intelide - ok 17:02:15.0988 0x027c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:02:16.0012 0x027c intelppm - ok 17:02:16.0044 0x027c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:02:16.0095 0x027c IPBusEnum - ok 17:02:16.0121 0x027c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:02:16.0170 0x027c IpFilterDriver - ok 17:02:16.0258 0x027c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:02:16.0389 0x027c iphlpsvc - ok 17:02:16.0419 0x027c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:02:16.0457 0x027c IPMIDRV - ok 17:02:16.0491 0x027c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:02:16.0541 0x027c IPNAT - ok 17:02:16.0562 0x027c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:02:16.0629 0x027c IRENUM - ok 17:02:16.0657 0x027c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:02:16.0669 0x027c isapnp - ok 
17:02:16.0710 0x027c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:02:16.0743 0x027c iScsiPrt - ok 17:02:16.0774 0x027c [ 7DABE2B788FF1EB32E38838EC189361E, F891810BFEEA5A94558EA3D22AEE42E3C4D761BB7F7A8C53100F6FF7C65C74AD ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys 17:02:16.0791 0x027c JMCR - ok 17:02:16.0822 0x027c [ 1542F0B31DD7193EF8C0606C018E19AF, FD68909AD7A8C0D8C640C9505982CB66F454AE61BC4EACDA3D0190CFCC42A10A ] johci C:\Windows\system32\DRIVERS\johci.sys 17:02:16.0832 0x027c johci - ok 17:02:16.0864 0x027c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 17:02:16.0875 0x027c kbdclass - ok 17:02:16.0892 0x027c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 17:02:16.0917 0x027c kbdhid - ok 17:02:16.0937 0x027c [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso C:\Windows\system32\lsass.exe 17:02:16.0950 0x027c KeyIso - ok 17:02:16.0976 0x027c [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:02:16.0990 0x027c KSecDD - ok 17:02:17.0009 0x027c [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:02:17.0025 0x027c KSecPkg - ok 17:02:17.0043 0x027c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:02:17.0087 0x027c ksthunk - ok 17:02:17.0127 0x027c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 
17:02:17.0180 0x027c KtmRm - ok 17:02:17.0221 0x027c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 17:02:17.0268 0x027c LanmanServer - ok 17:02:17.0304 0x027c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:02:17.0347 0x027c LanmanWorkstation - ok 17:02:17.0384 0x027c [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 17:02:17.0395 0x027c lirsgt - ok 17:02:17.0432 0x027c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:02:17.0484 0x027c lltdio - ok 17:02:17.0523 0x027c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:02:17.0529 0x0a30 Object required for P2P: [ 76648BCBEB840B391E85DAD2DC04FFC9 ] Avira.ServiceHost 17:02:17.0565 0x027c lltdsvc - ok 17:02:17.0596 0x027c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:02:17.0637 0x027c lmhosts - ok 17:02:17.0674 0x027c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:02:17.0708 0x027c LSI_FC - ok 17:02:17.0718 0x027c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:02:17.0733 0x027c LSI_SAS - ok 17:02:17.0750 0x027c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:02:17.0763 0x027c LSI_SAS2 - ok 17:02:17.0780 0x027c [ 
0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:02:17.0794 0x027c LSI_SCSI - ok 17:02:17.0814 0x027c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 17:02:17.0859 0x027c luafv - ok 17:02:17.0905 0x027c [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 17:02:17.0915 0x027c MBAMProtector - ok 17:02:18.0060 0x027c [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 17:02:18.0149 0x027c MBAMScheduler - ok 17:02:18.0249 0x027c [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 17:02:18.0357 0x027c MBAMService - ok 17:02:18.0389 0x027c [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 17:02:18.0400 0x027c MBAMWebAccessControl - ok 17:02:18.0426 0x027c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:02:18.0440 0x027c Mcx2Svc - ok 17:02:18.0457 0x027c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 17:02:18.0469 0x027c megasas - ok 17:02:18.0499 0x027c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:02:18.0530 0x027c MegaSR - ok 17:02:18.0606 0x027c Microsoft SharePoint Workspace Audit Service - ok 
17:02:18.0639 0x027c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 17:02:18.0704 0x027c MMCSS - ok 17:02:18.0726 0x027c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 17:02:18.0775 0x027c Modem - ok 17:02:18.0798 0x027c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:02:18.0822 0x027c monitor - ok 17:02:18.0853 0x027c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:02:18.0865 0x027c mouclass - ok 17:02:18.0896 0x027c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:02:18.0916 0x027c mouhid - ok 17:02:18.0948 0x027c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:02:18.0961 0x027c mountmgr - ok 17:02:19.0060 0x027c [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:02:19.0090 0x027c MozillaMaintenance - ok 17:02:19.0130 0x027c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 17:02:19.0145 0x027c mpio - ok 17:02:19.0166 0x027c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:02:19.0217 0x027c mpsdrv - ok 17:02:19.0269 0x027c [ 54FFC9C8898113ACE189D4AA7199D2C1, 
65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:02:19.0353 0x027c MpsSvc - ok 17:02:19.0386 0x027c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:02:19.0433 0x027c MRxDAV - ok 17:02:19.0454 0x027c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:02:19.0512 0x027c mrxsmb - ok 17:02:19.0531 0x027c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:02:19.0563 0x027c mrxsmb10 - ok 17:02:19.0570 0x027c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:02:19.0591 0x027c mrxsmb20 - ok 17:02:19.0607 0x027c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 17:02:19.0621 0x027c msahci - ok 17:02:19.0637 0x027c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:02:19.0654 0x027c msdsm - ok 17:02:19.0674 0x027c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 17:02:19.0694 0x027c MSDTC - ok 17:02:19.0715 0x027c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:02:19.0759 0x027c Msfs - ok 17:02:19.0775 0x027c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:02:19.0827 0x027c mshidkmdf - ok 17:02:19.0837 0x027c [ 
D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:02:19.0850 0x027c msisadrv - ok 17:02:19.0875 0x027c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:02:19.0930 0x027c MSiSCSI - ok 17:02:19.0938 0x027c msiserver - ok 17:02:19.0962 0x027c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:02:20.0020 0x027c MSKSSRV - ok 17:02:20.0052 0x027c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:02:20.0110 0x027c MSPCLOCK - ok 17:02:20.0128 0x027c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:02:20.0174 0x027c MSPQM - ok 17:02:20.0214 0x027c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:02:20.0238 0x027c MsRPC - ok 17:02:20.0264 0x027c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:02:20.0267 0x0a30 Object send P2P result: true 17:02:20.0279 0x027c mssmbios - ok 17:02:20.0292 0x027c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:02:20.0334 0x027c MSTEE - ok 17:02:20.0352 0x027c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:02:20.0375 0x027c MTConfig - ok 17:02:20.0392 0x027c [ F9A18612FD3526FE473C1BDA678D61C8, 
32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 17:02:20.0406 0x027c Mup - ok 17:02:20.0452 0x027c [ DAA670F1BD6656A0D9A04ABABBCB1B4F, 2ADF1808C2252EFA7055311E7AE66E377A49E7087F3B8D2DBC54DEE168634B19 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 17:02:20.0470 0x027c MyWiFiDHCPDNS - ok 17:02:20.0510 0x027c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 17:02:20.0578 0x027c napagent - ok 17:02:20.0617 0x027c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:02:20.0654 0x027c NativeWifiP - ok 17:02:20.0782 0x027c [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 17:02:20.0806 0x027c NAUpdate - ok 17:02:20.0907 0x027c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 17:02:20.0939 0x027c NDIS - ok 17:02:20.0960 0x027c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:02:21.0005 0x027c NdisCap - ok 17:02:21.0030 0x027c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:02:21.0068 0x027c NdisTapi - ok 17:02:21.0101 0x027c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:02:21.0144 0x027c Ndisuio - ok 17:02:21.0163 0x027c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:02:21.0197 0x027c 
NdisWan - ok 17:02:21.0221 0x027c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:02:21.0252 0x027c NDProxy - ok 17:02:21.0257 0x027c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:02:21.0289 0x027c NetBIOS - ok 17:02:21.0315 0x027c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:02:21.0351 0x027c NetBT - ok 17:02:21.0373 0x027c [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon C:\Windows\system32\lsass.exe 17:02:21.0397 0x027c Netlogon - ok 17:02:21.0449 0x027c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 17:02:21.0499 0x027c Netman - ok 17:02:21.0533 0x027c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:02:21.0546 0x027c NetMsmqActivator - ok 17:02:21.0555 0x027c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:02:21.0569 0x027c NetPipeActivator - ok 17:02:21.0602 0x027c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 17:02:21.0652 0x027c netprofm - ok 17:02:21.0659 0x027c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:02:21.0673 0x027c NetTcpActivator - ok 17:02:21.0680 0x027c [ 
E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:02:21.0694 0x027c NetTcpPortSharing - ok 17:02:21.0908 0x027c [ 263796D4F50DF61C0C7CA86F746B5767, 36CA0A4F6198237B6BA98737EF83A404F95EB27A12C7A5A239480D5E6ABB23FA ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys 17:02:22.0223 0x027c NETw5v64 - ok 17:02:22.0549 0x027c [ 1D974430131627AD97BD28E5746C2EC1, 0F4F5CDE462DA5BCEE6DE144BE33DBD2CA79AE8E9C1915ADAD731E62BC289D2E ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 17:02:22.0883 0x027c NETwNs64 - ok 17:02:23.0192 0x027c [ B72C97693A13E7C5806F05ADFDB2388D, 22012028FF4573D533AE9026D8D80C9FF6C4F6746A5D01346604368C36801846 ] NETwNv64 C:\Windows\system32\DRIVERS\NETwNv64.sys 17:02:23.0518 0x027c NETwNv64 - ok 17:02:23.0565 0x027c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:02:23.0577 0x027c nfrd960 - ok 17:02:23.0614 0x027c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 17:02:23.0702 0x027c NlaSvc - ok 17:02:23.0714 0x027c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:02:23.0747 0x027c Npfs - ok 17:02:23.0771 0x027c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 17:02:23.0804 0x027c nsi - ok 17:02:23.0820 0x027c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:02:23.0858 0x027c nsiproxy - ok 17:02:23.0934 0x027c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs 
C:\Windows\system32\drivers\Ntfs.sys 17:02:24.0008 0x027c Ntfs - ok 17:02:24.0028 0x027c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 17:02:24.0068 0x027c Null - ok 17:02:24.0120 0x027c [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 17:02:24.0134 0x027c NVHDA - ok 17:02:24.0816 0x027c [ F7C5C7A86A42011045B999FF2A720159, 8593CB701BF61C421253F6BE50DA2A169665CA4282FC77BCE42D33C8E48441C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:02:25.0107 0x027c nvlddmkm - ok 17:02:25.0308 0x027c [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 17:02:25.0352 0x027c NvNetworkService - ok 17:02:25.0392 0x027c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:02:25.0426 0x027c nvraid - ok 17:02:25.0453 0x027c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:02:25.0476 0x027c nvstor - ok 17:02:25.0508 0x027c [ 0C4A0D577A6EF1B9D353851668779944, 70E866AD50809CC80F167796C516190918A542F7767A8841948E656F36877AFE ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 17:02:25.0539 0x027c NvStreamKms - ok 17:02:26.0163 0x027c [ BC00A5B3A9F759F7B1DD0A5868C4492F, 23058E56016B836339AACDB0D42E074FB4EF560C27831F6228A455D70585D1EE ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 17:02:26.0709 0x027c NvStreamSvc - ok 17:02:26.0865 0x027c [ 8EE5AA5E63D70E3A073A98E3E6CEFE5B, 68BBBEF6FBF2288DF18C66E00D2FBD74C4DDE9FAF909B1947D00DF60EE3D57E9 ] nvsvc C:\Windows\system32\nvvsvc.exe 17:02:26.0897 0x027c 
nvsvc - ok
17:02:35.0149 0x027c [ 9B22538CD385E0F1F2F2470B16ACAB39, 84A7E2A558BCE80616CE8C345F78735ED4FDEDA58F5CFC45777DED3D3039060D ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:02:35.0180 0x027c STacSV - detected UnsignedFile.Multi.Generic ( 1 )
17:02:45.0273 0x027c STacSV ( UnsignedFile.Multi.Generic ) - warning
17:02:45.0273 0x027c Force sending object to P2P due to detect: STacSV
17:02:49.0236 0x0dec Object required for P2P: [ F7C5C7A86A42011045B999FF2A720159 ] nvlddmkm
17:02:49.0376 0x027c Object send P2P result: true
17:02:52.0091 0x0dec Object send P2P result: true
17:02:56.0490 0x027c [ 330BC29200E4D31809DA27042347E6DB, FF951281F6A5EE48DC5BCEB303002147E950DFBF5F5C1EFC66A359F12BC9A4E6 ] VD_FileDisk C:\Windows\system32\drivers\VD_FileDisk.sys
17:02:56.0521 0x027c VD_FileDisk - detected UnsignedFile.Multi.Generic ( 1 )
17:02:59.0267 0x027c Detect skipped due to KSN trusted
17:02:59.0282 0x027c VD_FileDisk - ok
17:03:03.0213 0x027c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl
C:\Windows\system32\drivers\ws2ifsl.sys 17:03:03.0260 0x027c ws2ifsl - ok 17:03:03.0291 0x027c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 17:03:03.0338 0x027c wscsvc - ok 17:03:03.0338 0x027c WSearch - ok 17:03:03.0479 0x027c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 17:03:03.0619 0x027c wuauserv - ok 17:03:03.0666 0x027c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:03:03.0713 0x027c WudfPf - ok 17:03:03.0744 0x027c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:03:03.0775 0x027c WUDFRd - ok 17:03:03.0791 0x027c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:03:03.0806 0x027c wudfsvc - ok 17:03:03.0869 0x027c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 17:03:03.0915 0x027c WwanSvc - ok 17:03:04.0071 0x027c [ B2B1F979B38120371A07E35C3688C3A0, 8B7880F5812250334925AB50DA0790AE0B52F7317B8577298074992B76B39981 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 17:03:04.0212 0x027c ZeroConfigService - ok 17:03:04.0274 0x027c [ 1CACFEF9E5DD866C5B79A135EE729E18, D46DBD2FA4B21F1EE9452EBBCBA143AB5BF83E2C9C8ACF25CEDBEFE02B4EA97D ] {22D78859-9CE9-4B77-BF18-AC83E81A9263} C:\Program Files (x86)\HP\QuickPlay\000.fcl 17:03:04.0290 0x027c {22D78859-9CE9-4B77-BF18-AC83E81A9263} - ok 17:03:04.0305 0x027c ================ Scan global =============================== 17:03:04.0337 0x027c [ BA0CD8C393E8C9F83354106093832C7B, 
18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:03:04.0368 0x027c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:03:04.0399 0x027c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:03:04.0430 0x027c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:03:04.0461 0x027c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 17:03:04.0477 0x027c [ Global ] - ok 17:03:04.0477 0x027c ================ Scan MBR ================================== 17:03:04.0477 0x027c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 17:03:05.0195 0x027c \Device\Harddisk1\DR1 - ok 17:03:05.0210 0x027c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 17:03:05.0616 0x027c \Device\Harddisk0\DR0 - ok 17:03:05.0631 0x027c ================ Scan VBR ================================== 17:03:05.0631 0x027c [ 9F31471AB36665D2D28B61F91C846EC1 ] \Device\Harddisk1\DR1\Partition1 17:03:05.0631 0x027c \Device\Harddisk1\DR1\Partition1 - ok 17:03:05.0631 0x027c [ D3954E7FC465DDDD193C7A31F4C5D609 ] \Device\Harddisk1\DR1\Partition2 17:03:05.0663 0x027c \Device\Harddisk1\DR1\Partition2 - ok 17:03:05.0663 0x027c [ 9C7E8C4817BEAAA6F51D896347088C8A ] \Device\Harddisk0\DR0\Partition1 17:03:05.0709 0x027c \Device\Harddisk0\DR0\Partition1 - ok 17:03:05.0709 0x027c ================ Scan generic autorun ====================== 17:03:05.0834 0x027c [ 769E15F7D2010DF1DAD8FE85AFC140E6, 1FC726739C43FA4E4DA479A2E42664AC64EB53CDC5A584E888ACD2DD183A64EA ] C:\Program Files\IDT\WDM\sttray64.exe 17:03:05.0897 0x027c SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 ) 17:03:08.0642 0x027c Detect skipped due to KSN 
trusted 17:03:08.0642 0x027c SysTrayApp - ok 17:03:08.0767 0x027c [ 8F89E6CB82E6DB45BC993D423CD0FDBD, 254DD6E7EBCD1BAEE8DB5AD34451B66241DCCE6496D440400DA092C9C867F165 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe 17:03:08.0798 0x027c QlbCtrl.exe - ok 17:03:08.0861 0x027c [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 17:03:08.0892 0x027c avgnt - ok 17:03:08.0954 0x027c [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 17:03:08.0985 0x027c BCSSync - ok 17:03:08.0985 0x027c Waiting for KSN requests completion. In queue: 57 17:03:09.0999 0x027c Waiting for KSN requests completion. In queue: 3 17:03:11.0013 0x027c Waiting for KSN requests completion. In queue: 3 17:03:12.0027 0x027c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x40000 ( disabled : updated ) 17:03:12.0043 0x027c Win FW state via NFP2: enabled ( trusted ) 17:03:14.0820 0x027c ============================================================ 17:03:14.0820 0x027c Scan finished 17:03:14.0820 0x027c ============================================================ 17:03:14.0835 0x08ec Detected object count: 1 17:03:14.0835 0x08ec Actual detected object count: 1 17:03:40.0638 0x08ec STacSV ( UnsignedFile.Multi.Generic ) - skipped by user 17:03:40.0638 0x08ec STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip |
29.10.2015, 14:01 | #3 |
/// TB-Ausbilder | 100% memory load + 100% CPU usage caused by the svchost.exe (netsvcs) process
My name is Matthias and I will help you clean up your computer. Please note the following:
The TDSS-Killer "finding" is nothing. Post FRST.txt and Addition.txt in code tags:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! |
29.10.2015, 15:48 | #4 |
| Sorry for the second thread! Hello Matthias, I am very glad that you are helping me. Here are FRST.txt and Addition.txt in code tags. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02 durchgeführt von Ummel (Administrator) auf UMMEL (28-10-2015 15:55:21) Gestartet von C:\Users\Ummel\Desktop Geladene Profile: Ummel (Verfügbare Profile: Ummel & Freibad) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe () C:\Windows\SMINST\BLService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Microsoft Corporation) C:\Windows\System32\perfmon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-04-17] (IDT, Inc.) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-28] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 10.54.253.1 Tcpip\..\Interfaces\{3C063186-F389-4998-92BA-3D9097D353FE}: [DhcpNameServer] 10.54.253.1 Tcpip\..\Interfaces\{52E3276B-E039-4F10-98EF-DD02316B91E8}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-4217548029-3015118994-2939823196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4217548029-3015118994-2939823196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-4217548029-3015118994-2939823196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4217548029-3015118994-2939823196-1000 -> {664712F7-49F1-4787-9FD5-08C6E1FC788C} URL = hxxp://www.ant.com/search?s=browser&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-07-28] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common 
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-07-28] (Oracle Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC) BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab FireFox: ======== FF ProfilePath: C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default FF DefaultSearchEngine: ICQ Search FF Homepage: hxxp://google.de FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.http", "192.168.1.1"); FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.http_port", 8080); FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.no_proxies_on", "localhost, 127.0.0.1"); FF NetworkProxy: 
"user_pref("extensions.charles.settings.disabled.network.proxy.share_proxy_settings", true); FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.socks", "192.168.1.1"); FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.socks_port", 8080); FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.ssl", "192.168.1.1"); FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.ssl_port", 8080); FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.type", 1); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.http", "127.0.0.1"); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.http_port", 8888); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.no_proxies_on", ""); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.share_proxy_settings", false); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.socks", ""); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.socks_port", 0); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.ssl", "127.0.0.1"); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.ssl_port", 8888); FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.type", 1); FF NetworkProxy: "backup.ftp", "93.104.235.122" FF NetworkProxy: "backup.ftp_port", 443 FF NetworkProxy: "backup.gopher", "192.168.1.1" FF NetworkProxy: "backup.gopher_port", 8080 FF NetworkProxy: "backup.socks", "93.104.235.122" FF NetworkProxy: "backup.socks_port", 443 FF NetworkProxy: "backup.ssl", "93.104.235.122" FF NetworkProxy: "backup.ssl_port", 443 FF NetworkProxy: "gopher", "192.168.1.1" FF NetworkProxy: "gopher_port", 8080 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "type", 0 FF Plugin: 
@adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-13] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-07-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-07-28] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-03-10] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [Keine Datei] FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, LLC.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-03-10] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BrowserPlugin\npBrowserPlugin.dll [2012-10-24] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-16] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4217548029-3015118994-2939823196-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\searchplugins\englische-ergebnisse.xml [2012-02-24] FF SearchPlugin: C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\searchplugins\gmx-suche.xml [2012-02-24] FF SearchPlugin: C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\searchplugins\lastminute.xml [2012-02-24] FF SearchPlugin: C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\searchplugins\webde-suche.xml [2012-02-24] FF Extension: Avira Browser Safety - C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\Extensions\abs@avira.com [2015-10-28] [ist nicht signiert] FF Extension: EPUBReader - C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-09-02] FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\Extensions\admin@proxy-listen.de.xpi [2015-09-02] FF Extension: Antmark extensions - C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\Extensions\antmark@ant.com.xpi [2015-09-02] FF Extension: Sothink Flash Downloader for Firefox - C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\Extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi [2013-04-14] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-16] FF Extension: DownThemAll! 
- C:\Users\Ummel\AppData\Roaming\Mozilla\Firefox\Profiles\s2i0x2a3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-09-02] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-10-28] [ist nicht signiert] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-10-28] [ist nicht signiert] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-10-28] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-03-09] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2012-03-09] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2012-03-09] [ist nicht signiert] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files 
(x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-28] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-28] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-28] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-09-01] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) S2 gupdate1c9daeda7142f40; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert] S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-12-03] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2013-07-09] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [215104 2013-07-09] () S4 QPCapSvc; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2009-01-12] () S4 QPSched; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2009-01-12] () R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-17] (IDT, Inc.) [Datei ist nicht signiert] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-07-11] (Microsoft Corporation) S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386160 2012-12-03] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-07-25] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-26] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-28] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-10] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan) R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-07-16] (JMicron Technology Corp.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-07-25] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 PsSdk41; C:\Windows\system32\Drivers\pssdk41.sys [51776 2009-06-25] (microOLAP Technologies LTD) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-06] (Synaptics Incorporated) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-03-10] (Duplex Secure Ltd.) 
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117080 2012-06-05] (Oracle Corporation)
S1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [23552 2009-10-25] (Flint Incorporation)
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\QuickPlay\000.fcl [146928 2009-01-12] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S3 cpuz130; \??\C:\Users\Ummel\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-28 15:55 - 2015-10-28 15:56 - 00024579 ____C C:\Users\Ummel\Desktop\FRST.txt
2015-10-28 15:55 - 2015-10-28 15:55 - 00000000 ____D C:\FRST
2015-10-28 15:52 - 2015-10-28 15:52 - 02197504 _____ (Farbar) C:\Users\Ummel\Desktop\FRST64.exe
2015-10-28 15:48 - 2015-10-28 15:48 - 00025286 _____ C:\Users\Ummel\Desktop\ComboFix.txt
2015-10-28 15:39 - 2015-10-28 15:39 - 00000558 ____C C:\Windows\PFRO.log
2015-10-28 15:23 - 2015-10-28 15:23 - 00000705 ____C C:\Users\Ummel\Desktop\JRT.txt
2015-10-28 15:17 - 2015-10-28 15:17 - 00010115 ____C C:\Users\Ummel\Desktop\gmer.log
2015-10-28 14:57 - 2015-10-28 14:58 - 00000594 ____C C:\Users\Ummel\Desktop\defogger_disable.log
2015-10-28 14:57 - 2015-10-28 14:57 - 00018486 ____C C:\Users\Ummel\Desktop\dds.txt
2015-10-28 14:57 - 2015-10-28 14:57 - 00012604 ____C C:\Users\Ummel\Desktop\attach.txt
2015-10-28 14:47 - 2015-10-28 14:47 - 02383832 ____C C:\Windows\system32\FNTCACHE.DAT
2015-10-28 14:43 - 2015-10-28 15:19 - 00000000 ____D C:\AdwCleaner
2015-10-28 14:43 - 2015-10-28 14:44 - 00005180 _____ C:\Users\Ummel\Desktop\AdwCleaner[C5].txt
2015-10-28 14:43 - 2015-10-28 14:43 - 01694208 _____ C:\Users\Ummel\Desktop\adwcleaner_5.015.exe
2015-10-28 14:20 - 2015-10-28 15:54 - 00113926 ____C C:\Windows\setupact.log
2015-10-28 14:20 - 2015-10-28 14:20 - 00000000 ____C C:\Windows\setuperr.log
2015-10-28 13:44 - 2015-10-28 13:45 - 00000324 ____C C:\Windows\SysWOW64\InstallUtil.InstallLog
2015-10-28 12:25 - 2015-10-28 12:26 - 00000000 ___DC C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-28 15:54 - 2012-03-09 14:47 - 01887760 ____C C:\Windows\WindowsUpdate.log
2015-10-28 15:54 - 2009-11-02 17:19 - 00001106 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-28 15:54 - 2009-07-14 06:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2015-10-28 15:53 - 2009-07-14 18:58 - 00785470 ____C C:\Windows\system32\perfh007.dat
2015-10-28 15:53 - 2009-07-14 18:58 - 00180312 ____C C:\Windows\system32\perfc007.dat
2015-10-28 15:53 - 2009-07-14 06:13 - 01832528 ____C C:\Windows\system32\PerfStringBackup.INI
2015-10-28 15:53 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-28 15:49 - 2012-03-09 13:11 - 00018752 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-28 15:49 - 2012-03-09 13:11 - 00018752 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-28 15:48 - 2015-09-02 19:35 - 00000000 ____D C:\Qoobox
2015-10-28 15:43 - 2006-11-02 13:34 - 00000215 _____ C:\Windows\system.ini
2015-10-28 15:39 - 2014-06-28 11:21 - 00065536 ____C C:\Windows\system32\Ikeext.etl
2015-10-28 15:36 - 2013-02-21 11:23 - 00007670 _____ C:\Users\Ummel\AppData\Local\resmon.resmoncfg
2015-10-28 15:20 - 2015-09-02 19:25 - 05637361 ____R (Swearware) C:\Users\Ummel\Desktop\ComboFix.exe
2015-10-28 15:06 - 2015-03-13 13:35 - 00000000 ___DC C:\Users\Ummel\Desktop\Anti
2015-10-28 14:21 - 2009-01-09 21:51 - 00000000 ___DC C:\ProgramData\TuneUp Software
2015-10-28 14:05 - 2012-05-04 05:55 - 00000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-28 13:56 - 2013-01-19 14:34 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER RTL - Clubs
2015-10-28 13:56 - 2009-05-18 20:17 - 00000000 ___DC C:\Users\Ummel\Desktop\Games
2015-10-28 13:53 - 2014-09-23 14:30 - 00000000 ____D C:\Users\Ummel\AppData\Local\Adobe
2015-10-28 13:53 - 2009-01-13 17:43 - 00000000 ___DC C:\Program Files (x86)\Adobe
2015-10-28 13:52 - 2011-01-10 23:48 - 00000000 ___DC C:\Program Files (x86)\DVDVideoSoft
2015-10-28 13:52 - 2009-07-14 04:20 - 00000000 ___DC C:\Windows\Help
2015-10-28 13:50 - 2011-06-23 00:13 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-10-28 13:48 - 2008-07-31 07:48 - 00000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2015-10-28 13:46 - 2012-03-16 16:57 - 00000000 ___DC C:\Users\Ummel\AppData\Roaming\WB Games
2015-10-28 13:46 - 2012-02-08 22:09 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2015-10-28 13:46 - 2009-07-14 06:32 - 00000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 13:45 - 2008-07-31 07:48 - 00000000 ___DC C:\Program Files (x86)\Hewlett-Packard
2015-10-28 13:44 - 2008-07-31 09:30 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-10-28 13:44 - 2006-11-02 16:15 - 00000000 ___DC C:\Windows\WindowsMobile
2015-10-28 13:42 - 2010-09-14 17:51 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-10-28 13:42 - 2010-09-14 17:51 - 00000000 ___DC C:\Program Files (x86)\QuickTime
2015-10-28 13:42 - 2009-05-22 15:57 - 00000000 ___DC C:\Program Files (x86)\Google
2015-10-28 13:36 - 2010-01-06 11:29 - 00000000 ___DC C:\ProgramData\Codemasters
2015-10-28 13:26 - 2008-07-31 09:12 - 00000000 ___DC C:\ProgramData\Adobe
2015-10-28 13:25 - 2011-06-20 23:01 - 00000000 ___DC C:\Program Files (x86)\AIDA64 Business Edition
2015-10-28 13:23 - 2014-03-17 18:19 - 00000000 ___DC C:\Program Files (x86)\TuneUp Utilities 2014
2015-10-28 12:25 - 2010-03-14 17:22 - 00000000 ___DC C:\Windows\SysWOW64\Adobe
2015-10-28 11:48 - 2012-10-21 12:10 - 00002471 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-28 11:12 - 2015-02-15 21:03 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-28 11:08 - 2013-08-08 11:10 - 00163544 ____C (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-10-28 11:08 - 2013-08-08 11:10 - 00074952 ____C (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-10-17 21:14 - 2013-06-24 17:33 - 00000000 ___DC C:\Users\Ummel\AppData\Roaming\vlc
2015-10-17 08:51 - 2013-04-11 20:00 - 00000000 ___DC C:\ProgramData\Package Cache
2015-10-16 16:44 - 2009-11-02 17:19 - 00001110 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-16 16:25 - 2009-11-02 17:19 - 00004106 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-16 16:25 - 2009-11-02 17:19 - 00003854 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-08 14:26 - 2009-05-26 23:07 - 00000000 ___DC C:\Users\Ummel\AppData\Roaming\dvdcss

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2009-02-27 13:02 - 2010-05-03 23:40 - 0000136 ____C () C:\Users\Ummel\AppData\Roaming\default.rss
2009-01-12 00:40 - 2009-01-12 00:40 - 0017043 ____C () C:\Users\Ummel\AppData\Roaming\UserTile.png
2009-03-30 12:47 - 2014-02-13 18:45 - 0000190 ____C () C:\Users\Ummel\AppData\Roaming\wklnhst.dat
2012-03-09 15:11 - 2012-03-09 15:11 - 0000000 _____ () C:\Users\Ummel\AppData\Local\AtStart.txt
2012-04-24 16:41 - 2013-02-01 13:30 - 0010240 _____ () C:\Users\Ummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-09 15:11 - 2012-03-09 15:11 - 0000000 _____ () C:\Users\Ummel\AppData\Local\DSwitch.txt
2012-03-09 15:11 - 2012-03-09 15:11 - 0000000 _____ () C:\Users\Ummel\AppData\Local\QSwitch.txt
2013-02-21 11:23 - 2015-10-28 15:36 - 0007670 _____ () C:\Users\Ummel\AppData\Local\resmon.resmoncfg
2013-01-24 21:34 - 2013-01-24 21:34 - 0004927 ____C () C:\ProgramData\bqeojehc.wbx
2012-07-07 09:24 - 2013-07-17 03:01 - 0000715 ____C () C:\ProgramData\HPWALog.txt
2012-03-11 16:43 - 2013-01-21 21:54 - 0009392 __SHC () C:\ProgramData\KGyGaAvL.sys

Einige Dateien in TEMP:
====================
C:\Users\Ummel\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2012-03-09 18:38

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
durchgeführt von Ummel (2015-10-28 15:57:04)
Gestartet von C:\Users\Ummel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-03-09 14:08:36)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4217548029-3015118994-2939823196-500 - Administrator - Disabled)
Freibad (S-1-5-21-4217548029-3015118994-2939823196-1008 - Limited - Enabled) => C:\Users\Freibad
Gast (S-1-5-21-4217548029-3015118994-2939823196-501 - Limited - Enabled)
Ummel (S-1-5-21-4217548029-3015118994-2939823196-1000 - Administrator - Enabled) => C:\Users\Ummel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

.NET Utilities (HKLM\...\{500D7F84-5368-4133-88F3-A33216F218E4}) (Version: 128.0.0 - Manufacturer)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Alex Gordon (HKLM-x32\...\Alex Gordon) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0F01}) (Version: 12.15.1.464 - APN, LLC)
Ballance (HKLM-x32\...\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}) (Version: - )
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
Burnout(TM) Paradise The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.0.0.0 - Electronic Arts)
Cars - Abenteuer in Radiator Springs (HKLM-x32\...\Cars - Abenteuer in Radiator Springs) (Version: 1.0.0.0 - AWE Games)
Cars 2 (HKLM-x32\...\{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}) (Version: 1.00.0000 - Disney Interactive Studios)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
ClearProg 1.6.1 Beta 4 (HKLM-x32\...\ClearProg) (Version: 1.6.1 Beta 4 - Sven Hoffman)
Crazy Machines II (HKLM-x32\...\{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}) (Version: 1.00 - FAKT Software GmbH)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.0913 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Die Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version: - Electronic Arts)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die*Sims™*3 Erstelle einen Sim (HKLM-x32\...\{89173B88-384A-459B-B687-9C0BBC934EF4}) (Version: 1.0.25 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.11 - DivX, LLC)
Doom 3 BFG Edition (HKLM-x32\...\Doom 3 BFG Edition_is1) (Version: - )
Druckerdeinstallation für EPSON XP-215 217 Series (HKLM\...\EPSON XP-215 217 Series) (Version: - SEIKO EPSON Corporation)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Es war einmal... der Mensch (HKLM-x32\...\{B8A08B17-A74F-4910-9760-D48D53A89A72}) (Version: 1.00.0000 - Mindscape)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
FlatOut (HKLM-x32\...\{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}) (Version: 1.00.0000 - Empire Interactive)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP QuickPlay 3.7 (HKLM-x32\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.6310 - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM\...\{1AD2F8FE-A357-4728-BDF8-B92D794CE793}) (Version: 1.0.9 - Hewlett-Packard)
HP User Guides 0103 (HKLM-x32\...\{B8169E45-8E23-430B-91D1-EC64540C8ED0}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
I Am Alive (x32 Version: 1.00.0 - Ubisoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6469.0 - IDT)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{2b83a547-7e0f-4dca-8990-97ff818fa3d8}) (Version: 15.6.0 - Intel Corporation)
Janosch Vorschule (HKLM-x32\...\{09E4C6A0-AB81-4ADA-9163-DD7B724E0BB6}) (Version: 1.00.0000 - Terzio Verlag)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
LEGO® Batman™ 2: DC Super Heroes (HKLM-x32\...\{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® Harry Potter™: Die Jahre 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games)
LEGO® Pirates of the Caribbean Das Videospiel (HKLM-x32\...\{64958DA4-79D3-43FD-AF06-720DAD044F9E}) (Version: 1.0.0.0 - Disney Interactive Studios)
LG USB Modem Drivers (HKLM-x32\...\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}) (Version: 4.9.4 - LG Electronics)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Math Add-in for Word 2007 (HKLM-x32\...\{47D0C5E6-9FBA-49DB-8F88-BFAA5BA38646}) (Version: 3.5.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Nero 12 (HKLM-x32\...\{A2FB4DB1-DCAE-45DF-8755-00DC047ACF80}) (Version: 12.0.03400 - Nero AG)
Nero BurningROM 12 (HKLM-x32\...\{C0CA68BF-2963-4139-8207-1E83038F86F8}) (Version: 12.0.00800 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{EE430B59-A026-4C96-8906-E4C05B7FCC37}) (Version: 12.5.01500 - Nero AG)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 4.1.18 (HKLM\...\{4EE61784-10C6-4B7C-A0B2-5BED17B05741}) (Version: 4.1.18 - Oracle Corporation)
Oxin's Style! 3D Sexvilla 2.058.002 (HKLM-x32\...\{10B75CF6-5A54-4D7B-9169-70AD17181DE1}_is1) (Version: 2.058.002 - Oxin´s Style!)
Pack 500 track (HKLM-x32\...\Pack 500 track) (Version: 1.0 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery)
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4518 - CyberLink Corp.)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - )
Prerequisite installer (x32 Version: 12.0.0005 - Nero AG) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{191C1158-D287-4074-B749-D4CDD321E062}) (Version: 3.10.1.7 - Hewlett-Packard)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SFirm32 (HKLM-x32\...\{EEAA6CFA-76F7-4B5A-A2A8-4AAA389BE8DE}) (Version: 2.221.35.11 - BIVG Hannover)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
The Amazing Spider-Man (HKLM-x32\...\The Amazing Spider-Man_is1) (Version: - )
The Room (HKLM-x32\...\The Room_is1) (Version: - Fireproof Games)
Tiger Woods PGA TOUR 2005 (HKLM-x32\...\{2FDD9D12-46C9-4156-A4A0-55297B9498CA}) (Version: - )
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Tony Hawk's Pro Skater 4 (HKLM-x32\...\{E1D46FA9-2DA5-47E6-8240-AFCF9116B199}) (Version: 1.00.0000 - Aspyr Media)
Tony Hawks Pro Skater HD (HKLM-x32\...\Tony Hawks Pro Skater HD_is1) (Version: - )
Total Commander Ultima Prime 5.3.0.0 (HKLM-x32\...\TC UP) (Version: 5.3.0.0 - ULTIMA PRIME)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
Unreal Tournament 3 (LG) (HKU\S-1-5-21-4217548029-3015118994-2939823196-1000\...\InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}) (Version: 1.00.0000 - Epic Games)
Unreal Tournament 3 (LG) (x32 Version: 1.00.0000 - Epic Games) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc)
Windows Installer 4.5 SDK (HKLM-x32\...\{0CA21011-069B-B16A-A5CA-9ABE49DAC05C}) (Version: 4.5.6001.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Wolfenstein(TM) 1.1 Patch (x32 Version: - ) Hidden
Xilisoft PowerPoint to Video Converter Pro (HKLM-x32\...\Xilisoft PowerPoint to Video Converter Pro) (Version: 1.0.2.1118 - Xilisoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

01-09-2015 20:10:18 Windows Update
01-09-2015 20:47:19 Windows Update
02-09-2015 19:27:21 JRT Pre-Junkware Removal
03-09-2015 14:46:22 JRT Pre-Junkware Removal
28-10-2015 11:31:24 Windows Update
28-10-2015 13:35:18 Entfernt DiRT2
28-10-2015 13:37:02 Removed Crysis® 2
28-10-2015 13:38:25 Removed Quake 4(TM)
28-10-2015 15:20:00 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 13:34 - 2015-10-28 15:36 - 00000027 ___AC C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BE9D495-D3BB-486A-9E50-05D4AC657134} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {11C77597-58D0-411B-ABA1-7BBC71E5E0E7} - System32\Tasks\RealCreateProcessScheduledTask255514S-1-5-21-4217548029-3015118994-2939823196-1000 => c:\program files (x86)\real\realplayer\realplay.exe
Task: {17C3A0D5-36A8-4250-8ED9-D5A7F4DB6ABF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {17E57A9C-2E1F-4CB2-B2C3-9FC076E748DD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {2A21B78C-FE66-4E83-8248-FC818E312CC9} - System32\Tasks\EPSON XP-215 217 Series Update {ADBECB34-09FA-4BF6-B7F4-DA5C23F3F55D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {36B5A29F-615E-4F40-9F60-BE04A2DE40CE} - System32\Tasks\{F224E892-5DEE-4ACD-A0C9-163721482933} => pcalua.exe -a C:\Windows\unvise32.exe -c d:\spiele\uninstal5.log
Task: {3C825A4F-D847-4274-81B0-5717C7667577} - System32\Tasks\{D3BDFE11-E389-4FFE-ACC8-E7EBE813434F} => G:\SETUP.EXE
Task: {3D856E26-6591-4490-87A3-54C3AE096F51} - System32\Tasks\EPSON XP-215 217 Series Invitation {ADBECB34-09FA-4BF6-B7F4-DA5C23F3F55D} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {487E2912-EBBA-4B88-9B08-122C7DC0DF64} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {513E012A-4E27-4DA8-9E4E-FA4D471ECA3C} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21] ()
Task: {54576264-4794-4DBA-B539-30D27E2A3774} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {5EF4F307-53D3-4163-9E47-B00335D01D63} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {638BEDAD-144E-4722-B665-722579EB7503} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Task: {657F4010-AAAD-452F-86A9-2F8932075051} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {680086F8-3ABA-4C74-8DA2-9A3BBA608480} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16] (Oracle Corporation)
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {7DD2E15E-456D-4F0F-9C60-67B05F9126A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {854317E7-333D-4FD7-89D9-E8015AE12384} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {98A5BE3E-F9F6-40D2-9399-27A074B13D96} - System32\Tasks\Real Networks Scheduler => C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe Task: {A12FEBDB-D371-4F27-A67A-214519B3DB3C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4217548029-3015118994-2939823196-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {A4A188C3-29D4-43C8-9649-FF3365E15700} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => c:\program files (x86)\common files\installshield\updateservice\issch.exe [2004-08-09] (InstallShield Software Corporation) Task: {B7F18734-F426-430F-AD8C-2169EF3BC0B9} - System32\Tasks\{06FBFFCA-8EE8-4452-9456-53D4235AD3DA} => G:\SETUP.EXE Task: {CCA6C917-32D8-4538-A837-AC5A9184A632} - System32\Tasks\{186253B9-2FE8-4F42-B15A-B143C3B2A2A4} => G:\SETUP.EXE Task: {CFB0F06B-CF66-454E-AE9C-EAF064C2E948} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe Task: {D4EC6C6F-C1CD-43C7-B2AB-7022EC04D487} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {E185EF50-BD24-47A9-8DB6-C73A89DB8BEB} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => c:\Program Files (x86)\Common Files\installshield\updateservice\ISUSPM.exe [2004-08-09] (InstallShield Software Corporation) Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {EA9DC201-967B-41F0-95CB-F294E12AA3F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13] (Adobe Systems Incorporated) Task: {F7B17EDA-0943-4897-BD9A-1884E9306C03} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {F9B234F9-8B9F-403F-B5A2-4EAB2A599943} - System32\Tasks\Nero\Nero 
Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {ADBECB34-09FA-4BF6-B7F4-DA5C23F3F55D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {ADBECB34-09FA-4BF6-B7F4-DA5C23F3F55D}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{ADBECB34-09FA-4BF6-B7F4-DA5C23F3F55D} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 ____C () C:\Windows\System32\sugs1l6.dll 2013-04-11 19:36 - 2015-08-18 01:07 - 00115376 ____C () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-07-09 19:44 - 2013-07-09 19:44 - 00075064 ____C () C:\Windows\SysWOW64\PnkBstrA.exe 2013-07-09 19:44 - 2013-07-09 20:12 - 00215104 ____C () C:\Windows\SysWOW64\PnkBstrB.exe 2008-07-31 09:30 - 2008-04-26 00:15 - 00361808 _____ () C:\Windows\SMINST\BLService.exe 2013-12-18 10:01 - 2013-12-18 10:01 - 00742200 ____C () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2009-01-09 21:50 - 2008-06-20 00:41 - 00062464 _____ 
() C:\Program Files (x86)\WinRAR\rarext64.dll 2008-07-31 09:30 - 2007-11-15 00:46 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:364682BC AlternateDataStreams: C:\ProgramData\Temp:C64BF02A ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4217548029-3015118994-2939823196-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: gupdate1c9daeda7142f40 => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: NAUpdate => 2 ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [UDP Query User{3D18208D-125D-4A30-A27D-762F0ABCA4DF}D:\spiele\cod 4\iw3mp.exe] => (Allow) D:\spiele\cod 4\iw3mp.exe FirewallRules: [TCP Query User{19A7FB6D-E2C6-4710-BF8B-C4720BCFB361}D:\spiele\cod 4\iw3mp.exe] => (Allow) D:\spiele\cod 4\iw3mp.exe FirewallRules: [UDP Query User{FB75D095-70A3-4DF8-8F35-437492000E6F}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{4D1BF302-9A21-47C4-A441-6CCF0C001D38}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{AA2E5A13-29C8-403D-B391-40214FA31AA1}D:\spiele\tony hawks pro skater 4\game\skate4.exe] => (Block) D:\spiele\tony hawks pro skater 4\game\skate4.exe FirewallRules: [TCP Query User{DC040C6A-9CD8-48BB-9813-1CA17A1ED65E}D:\spiele\tony hawks pro skater 4\game\skate4.exe] => (Block) D:\spiele\tony hawks pro skater 4\game\skate4.exe FirewallRules: [UDP Query User{795C40B1-3DAF-4E7B-9042-3DEEEA239EA4}D:\spiele\tmunitedforever\tmforever.exe] => (Allow) D:\spiele\tmunitedforever\tmforever.exe FirewallRules: [TCP Query User{B31E1B59-C54D-4298-B692-33CCCA2596C1}D:\spiele\tmunitedforever\tmforever.exe] => (Allow) D:\spiele\tmunitedforever\tmforever.exe FirewallRules: [UDP Query User{AA5E767C-95DA-491A-8316-23E753C41232}D:\spiele\call of duty black ops\blackops.exe] => (Allow) D:\spiele\call of duty black ops\blackops.exe FirewallRules: [TCP Query User{1A61AB2A-9BFE-4627-BC9A-EA8B727A85B8}D:\spiele\call of duty black ops\blackops.exe] => (Allow) D:\spiele\call of duty black ops\blackops.exe FirewallRules: [UDP Query User{02F15114-21F3-4DDE-B42F-283CA34C1C51}D:\spiele\unreal tournament 3\binaries\ut3.exe] => (Allow) D:\spiele\unreal tournament 3\binaries\ut3.exe FirewallRules: [TCP Query User{A7DD3C32-0474-4570-B95D-5559771DECF2}D:\spiele\unreal tournament 3\binaries\ut3.exe] => (Allow) 
D:\spiele\unreal tournament 3\binaries\ut3.exe FirewallRules: [UDP Query User{ED25CE0A-EC7B-458E-8BB7-738FF61DD8AB}D:\spiele\need for speed hot pursuit\nfs11.exe] => (Block) D:\spiele\need for speed hot pursuit\nfs11.exe FirewallRules: [TCP Query User{F903F532-C6EE-4FB8-9285-65245225B516}D:\spiele\need for speed hot pursuit\nfs11.exe] => (Block) D:\spiele\need for speed hot pursuit\nfs11.exe FirewallRules: [UDP Query User{E3FEEAA4-4562-4856-969B-92B4E191EE3D}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [TCP Query User{48E60D0D-B092-430B-94CC-A590C6B5B4A8}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{AAE2427E-26F0-4E3E-BE0C-DC646A080992}D:\spiele\dead island\deadislandgame.exe] => (Allow) D:\spiele\dead island\deadislandgame.exe FirewallRules: [TCP Query User{CF9F7945-E8B3-4EA0-B2D3-EA367D1921E6}D:\spiele\dead island\deadislandgame.exe] => (Allow) D:\spiele\dead island\deadislandgame.exe FirewallRules: [TCP Query User{3FA8CDA4-56D9-41D0-B784-6CD01CF08221}D:\spiele\unreal tournament 1\system\unrealtournament.exe] => (Allow) D:\spiele\unreal tournament 1\system\unrealtournament.exe FirewallRules: [UDP Query User{3B2C7BD0-17C2-4EE1-B5F4-644646ABC123}D:\spiele\unreal tournament 1\system\unrealtournament.exe] => (Allow) D:\spiele\unreal tournament 1\system\unrealtournament.exe FirewallRules: [TCP Query User{E460495C-BB26-4CC9-A0D3-D2DE25E96A58}D:\spiele\portal 2\portal2.exe] => (Allow) D:\spiele\portal 2\portal2.exe FirewallRules: [UDP Query User{74087749-33D2-4E34-996B-C761217596C0}D:\spiele\portal 2\portal2.exe] => (Allow) D:\spiele\portal 2\portal2.exe FirewallRules: [TCP Query User{4D8C7B70-BC33-4B71-AA5A-3C925DE8E849}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{4DA9AF8A-B198-47F8-B787-10B82D804276}D:\spiele\tmnationsforever\tmforever.exe] => 
(Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [TCP Query User{6633C6A5-2495-41CD-A4CD-797FEF3D90D7}D:\spiele\tmunitedforever\tmforever.exe] => (Block) D:\spiele\tmunitedforever\tmforever.exe FirewallRules: [UDP Query User{EB30DB0E-B973-444E-B1C7-A78C7D8872DB}D:\spiele\tmunitedforever\tmforever.exe] => (Block) D:\spiele\tmunitedforever\tmforever.exe FirewallRules: [TCP Query User{4B2249E6-CB3E-4015-A0EF-65F889380581}D:\spiele\need for speed hot pursuit\nfs11.exe] => (Allow) D:\spiele\need for speed hot pursuit\nfs11.exe FirewallRules: [UDP Query User{2C315E99-B540-4B2D-AEBD-238E23DA74AA}D:\spiele\need for speed hot pursuit\nfs11.exe] => (Allow) D:\spiele\need for speed hot pursuit\nfs11.exe FirewallRules: [TCP Query User{2CEBA2CA-E780-4901-9BDC-7C763BAC2675}D:\spiele\dead island\deadislandgame.exe] => (Block) D:\spiele\dead island\deadislandgame.exe FirewallRules: [UDP Query User{2E0A1A3D-82EE-48AC-BF13-80B2A3F0A32F}D:\spiele\dead island\deadislandgame.exe] => (Block) D:\spiele\dead island\deadislandgame.exe FirewallRules: [TCP Query User{BAA088CB-42C4-4E14-B1FD-C7AF41F37FFA}D:\spiele\tischtennis 3d\tennis.exe] => (Block) D:\spiele\tischtennis 3d\tennis.exe FirewallRules: [UDP Query User{FFDB5E45-8B96-4027-9CD7-E83B856BA838}D:\spiele\tischtennis 3d\tennis.exe] => (Block) D:\spiele\tischtennis 3d\tennis.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [TCP Query User{9719C822-C1B2-458A-B991-C5758DF5F361}D:\spiele\tony hawks pro skater 4\game\skate4.exe] => (Allow) D:\spiele\tony hawks pro skater 4\game\skate4.exe FirewallRules: [UDP Query User{EF84E521-DA0C-4351-9479-ED53EC4442F9}D:\spiele\tony hawks pro skater 4\game\skate4.exe] => (Allow) D:\spiele\tony hawks pro skater 4\game\skate4.exe FirewallRules: [TCP Query 
User{46521E2B-E377-4AD9-8E18-EBB90B03575F}D:\spiele\doom 3 bfg edition\doom3bfg.exe] => (Allow) D:\spiele\doom 3 bfg edition\doom3bfg.exe FirewallRules: [UDP Query User{38DE5AF9-EE84-4262-8599-76BA9AFE772F}D:\spiele\doom 3 bfg edition\doom3bfg.exe] => (Allow) D:\spiele\doom 3 bfg edition\doom3bfg.exe FirewallRules: [{B3D6C557-FB25-41CF-94A1-E146BAAB3AED}] => (Block) D:\Spiele\LEGO The Lord of the Rings\LEGOLOTR.exe FirewallRules: [{FCF94787-F97A-4EAF-8FE3-8F68172D7769}] => (Block) D:\Spiele\LEGO The Lord of the Rings\LEGOLOTR.exe FirewallRules: [TCP Query User{072CB015-100A-4C8E-BB8F-B176C986E3CE}D:\spiele\flatout2\flatout2.exe] => (Allow) D:\spiele\flatout2\flatout2.exe FirewallRules: [UDP Query User{DB0D15B2-7AC6-4257-9F12-F99B4840AFF8}D:\spiele\flatout2\flatout2.exe] => (Allow) D:\spiele\flatout2\flatout2.exe FirewallRules: [TCP Query User{D4A769EE-E922-4151-8DD6-F0576499ABF7}D:\spiele\call of duty black ops\blackops.exe] => (Allow) D:\spiele\call of duty black ops\blackops.exe FirewallRules: [UDP Query User{BC7D8570-3314-4675-8917-C69C1F9B062C}D:\spiele\call of duty black ops\blackops.exe] => (Allow) D:\spiele\call of duty black ops\blackops.exe FirewallRules: [{23AEAF1A-194E-4E31-B879-1CEEF2703C5D}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{0C2F912F-993E-45AD-8FEE-CE5A48D1B437}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{6792C9E9-0E38-41BB-8CDC-A6CAAB01DB49}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe FirewallRules: [{BA568499-6185-4C6C-A595-D4F8A33E3069}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe FirewallRules: [TCP Query User{BC1BD7DD-EB94-4960-8267-93D22893ABC4}D:\spiele\portal 2\portal2.exe] => (Block) D:\spiele\portal 2\portal2.exe FirewallRules: [UDP Query User{71C161F4-D037-479B-90F6-FFA9A5DE3835}D:\spiele\portal 2\portal2.exe] => (Block) D:\spiele\portal 2\portal2.exe FirewallRules: [{1A36797E-B082-4EDF-AF21-F5C2794E23FD}] => 
(Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{FE7CA2D7-B2E3-4933-8CB6-69232173B490}D:\spiele\tischtennis 3d\tennis.exe] => (Block) D:\spiele\tischtennis 3d\tennis.exe FirewallRules: [UDP Query User{76CC84AD-2E3B-46B3-A6AD-7E8B1B610A63}D:\spiele\tischtennis 3d\tennis.exe] => (Block) D:\spiele\tischtennis 3d\tennis.exe FirewallRules: [TCP Query User{C7861C93-F332-4F5C-8A91-F37614DDE994}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{D4236EE2-2BFF-4EBB-8937-78E462D0C70B}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{8A2D47CF-1E7E-4DA2-9DF9-96380B47C6F7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{30BC4185-1942-472B-8B86-4428F11B9FDD}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{8C3B3077-67C2-4C1C-9EB3-A6C1D97E1B23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{AF85372C-32D9-40BB-8C14-77C42F577589}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{76B8CBB5-DF3D-447F-8783-A0ADBC092197}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{82766A60-6E3A-42D0-A694-BEB517424BA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{94A9F9EE-70BC-41FB-94F2-43DCDA99BF58}D:\quake3\quake3.exe] => (Allow) D:\quake3\quake3.exe FirewallRules: [UDP Query User{C7E91F61-5F42-4385-BB3E-7E8BC20A1C3F}D:\quake3\quake3.exe] => (Allow) D:\quake3\quake3.exe FirewallRules: [{A744CE61-8E37-44F6-941B-FDB835C41C23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{3A086BD9-9823-4BBA-9B01-036C662E3FB4}] => (Allow) C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{597BA2AB-7C9A-4C25-8873-1AA4E605F97A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A4AF9299-7BD6-4A1B-8703-08AEB8DC4D04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C6E0BECA-9FCA-4CC0-952D-BB1B79E9F3D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{92D90ED2-3666-4AB8-B6E9-330E60BF9640}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{83AE3A01-B063-4C50-ABEB-0F402B048CEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{4BE0C716-3CDF-4BB6-85D4-1EEC283E7513}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{CA7C3F2F-4827-4A81-9241-BBEBD927EADD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A9E15F91-85EB-49B4-A15F-41632F8A06F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{590850E1-FA7D-409D-B4DE-63E079BBBDF9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{B4E82D42-76D1-4D27-9DB0-0EF5DD2935F2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{762555E8-A5BA-4832-A601-71512F7F6085}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{378FCCCC-AAD7-42E8-8E06-A4D2FDC26A92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{D992F25F-5AFF-4E62-AB1D-7EBF76BD219A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B50533E9-07C2-45ED-90C9-02C0AEB3002B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{6AC410B4-7C14-4AC6-A5F7-6D0651D8A280}D:\quake3\quake3.exe] 
=> (Allow) D:\quake3\quake3.exe FirewallRules: [UDP Query User{C7D1308E-EB53-47C1-8823-DC766D7A1FF8}D:\quake3\quake3.exe] => (Allow) D:\quake3\quake3.exe FirewallRules: [{2048F8CF-41BD-4D41-8B92-DDB4C31BFA73}] => (Allow) LPort=139 FirewallRules: [{D408D1BB-83FF-4805-BA6D-66FCE9F22067}] => (Allow) LPort=445 FirewallRules: [{03CEC418-A069-46CB-B9E9-44EE3C345798}] => (Allow) LPort=137 FirewallRules: [{6F0748CF-9EA6-46B0-8C69-DE8D0A8EE6F6}] => (Allow) LPort=138 FirewallRules: [TCP Query User{983D9489-80A1-40E3-8C63-0EC348BB6575}D:\spiele\unreal tournament 1\system\unrealtournament.exe] => (Allow) D:\spiele\unreal tournament 1\system\unrealtournament.exe FirewallRules: [UDP Query User{5082F88D-59FF-48EC-9BB1-F06B37429D5B}D:\spiele\unreal tournament 1\system\unrealtournament.exe] => (Allow) D:\spiele\unreal tournament 1\system\unrealtournament.exe FirewallRules: [{A1A0FD8D-AC45-4514-B8AC-10AAC10A20AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9E907425-A39B-4D56-9F70-B67D41E836F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Realtek PCIe GBE Family Controller Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft-Adapter für Miniports virtueller WiFis Description: Microsoft-Adapter für Miniports virtueller WiFis Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/28/2015 03:57:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 03:53:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 03:40:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 03:22:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 02:54:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 02:48:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 
02:42:27 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (10/28/2015 02:39:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 02:38:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/28/2015 02:21:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (10/28/2015 03:55:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Sekundäre Anmeldung" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Aufgabenplanung" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "RAS-Verbindungsverwaltung" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerprofildienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2015 03:53:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Multimediaklassenplaner" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. 
CodeIntegrity: =================================== Date: 2015-10-28 15:39:13.242 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vd_filedisk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-28 15:39:13.164 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vd_filedisk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-28 15:35:52.392 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-28 15:35:52.314 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2015-10-28 15:35:52.236 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-28 15:35:52.158 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-28 14:47:05.764 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vd_filedisk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-10-28 14:47:05.670 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vd_filedisk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2015-10-28 14:05:27.764
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vd_filedisk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-10-28 14:05:27.670
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\vd_filedisk.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 4062.96 MB
Verfügbarer physikalischer RAM: 2818.36 MB
Summe virtueller Speicher: 8124.1 MB
Verfügbarer virtueller Speicher: 6526.52 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:288.17 GB) (Free:61.24 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:298.09 GB) (Free:109.32 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:9.92 GB) (Free:1.73 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 497FDC18)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 07D207D1)
Partition 1: (Active) - (Size=288.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Using the Resource Monitor and the Process Manager from TuneUp2014, I have now found out what is behind the service that is causing me problems in my first thread, "100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process". Whenever the above-mentioned service starts, it always uses the file C:\Windows\System32\wuaueng.dll, the so-called Windows Update Agent. Since my system has not been in use lately and now, logically, keeps wanting to run a Windows update, I also noticed that this service always starts precisely during update attempts. Is wuaueng.dll now infected? Last edited by SebastianB. (29.10.2015 at 16:02) |
30.10.2015, 22:03 | #5 |
/// TB Trainer | 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hi, please download Malwarebytes Anti-Malware
|
30.10.2015, 23:12 | #6 |
| 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 30.10.2015
Suchlaufzeit: 22:12
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.10.29.02
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Ummel

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 439736
Abgelaufene Zeit: 22 Min., 11 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

http://www.trojaner-board.de/170200-...lastung-2.html

I have also already tried the following:

1. https://support.microsoft.com/de-de/kb/949104
With 1., I tried reinstalling the agent. That worked, but as soon as I enabled Windows Update, it started again.

2. hxxp://answers.microsoft.com/de-de/windows/forum/windows_7-update/windows-update-fehlercode-80080005/aae527a5-4184-4a67-9fa5-108c4214bb0e
IN THIS LINK, PLEASE REPLACE THE "XX" AT THE FRONT WITH "TT". The forum always turns it into xx here, for whatever reason.
2. is also about wuaueng.dll, and this error (80080005) also appears in my Windows Update. I have already tried Mario's answer as well, unfortunately without success.

I have now DISABLED Windows Update completely and also DISABLED the Windows Update service in the administrative tools. Since then the problem has not come back, but that is not a permanent solution; I have to, or rather should, install Windows updates regularly. |
30.10.2015, 23:54 | #7 | |
/// TB Trainer | 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hi, malware is definitely not your problem. Quote: Please also try the following:
|
02.11.2015, 22:43 | #8 |
| 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hello, I carried out everything as described. Several problems in Windows were fixed and the system now runs faster again, but unfortunately the svchost problem is still not gone. Can you tell from the logs of the Windows Repair Tool whether it fixed Windows Update? After the repair I switched Windows Update back on and it started again straight away. There were so many logs that I uploaded them as a *.rar; maybe you can do something with them! Regards, Sebastian |
03.11.2015, 09:30 | #9 |
/// TB Trainer | 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hi, I can't do much with the log files right now, so we will try a tool by Xplode: Close all open programs. Download WinUpdateFix to your desktop. Start the tool; a window opens. Under Selection, choose Tous first and then Executer. Confirm any messages that appear with Ok. Your computer will be restarted. After the restart, open WinUpdateFix again and make sure that Demarre and Automatique are shown everywhere under Services. If that is not the case, press the corresponding buttons. Now check whether Windows Update works normally again. |
06.11.2015, 11:49 | #10 |
/// TB Trainer | 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Missing feedback. This thread has been removed from my subscriptions, so I will not be notified of new replies. Send me a PM if you still want to continue. Note: the disappearance of the symptoms does not mean that your computer is clean yet. Everyone else, please click here and create your own thread! |
07.11.2015, 00:24 | #11 |
/// TB Trainer | 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hi, please download Farbar Service Scanner
Please post the contents here. |
07.11.2015, 18:39 | #12 |
| 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Here is the txt |
07.11.2015, 23:09 | #13 |
/// TB Trainer | 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hi, I'll ask internally within the team. |
08.11.2015, 13:15 | #14 |
/// TB Trainer | 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hi, please try the following: 1) Disable Windows Updates 2) Delete all folders and files located in this download folder: C:\Windows\SoftwareDistribution\Download\ 3) Enable Windows Updates. Does that help? |
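The three steps from post #14, together with a check of the wuaueng.dll question raised earlier in the thread, as an added PowerShell example that is not part of the original posts. It assumes an elevated prompt on Windows 7 and the standard service name wuauserv, which the thread itself does not name.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell on Windows 7.
# Assumption: the Windows Update service has the standard name "wuauserv".
$svcName  = 'wuauserv'
$download = Join-Path $env:windir 'SoftwareDistribution\Download'

# 1) Show which services share the svchost.exe instance that hosts Windows Update,
#    so the high-load process can be attributed to a service rather than guessed.
$wu = Get-WmiObject Win32_Service -Filter "Name='$svcName'"
if ($wu -and $wu.ProcessId -ne 0) {
    Get-WmiObject Win32_Service -Filter "ProcessId=$($wu.ProcessId)" |
        Sort-Object Name | Format-Table Name, State, StartMode -AutoSize
}

# 2) Confirm which DLL the service actually loads and verify it against the
#    Windows component store (sfc reports an integrity violation if it differs).
$params = "HKLM:\SYSTEM\CurrentControlSet\Services\$svcName\Parameters"
$dll = [Environment]::ExpandEnvironmentVariables((Get-ItemProperty $params).ServiceDll)
Write-Output "ServiceDll: $dll"
sfc.exe "/verifyfile=$dll"

# 3) Steps 1-3 from the post: stop the service, empty the download cache, restart.
Stop-Service $svcName -Force -ErrorAction SilentlyContinue
$items = @(Get-ChildItem $download -Force -ErrorAction SilentlyContinue)
Write-Output "Removing $($items.Count) item(s) from $download"
$items | Remove-Item -Recurse -Force

# The service was set to Disabled earlier in the thread; it cannot start in that state.
if ($wu.StartMode -eq 'Disabled') { Set-Service $svcName -StartupType Manual }
Start-Service $svcName
```

A ServiceDll path other than the wuaueng.dll under System32, or an integrity violation reported by sfc, is the finding that would warrant a closer look at the file; an item count of 0 means the download cache was already empty.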
10.11.2015, 09:58 | #15 |
| 100% memory load + 100% CPU usage caused by svchost.exe (netsvcs) process Hi, I will try that first thing tomorrow morning, as soon as I am back from work. Thank you once again for your commitment to my problem. I will report back tomorrow. Hi, done, or rather: the folder you mentioned above was, OMG....., empty on my machine! |