![]() |
|
Plagegeister aller Art und deren Bekämpfung: svchost.exe 4 GB grossWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
|
![]() | #1 |
![]() ![]() | ![]() svchost.exe 4 GB gross Hallo, ich habe wieder mal ein komisches Problem. Seit einer Woche bekomme ich zwischendurch die Meldung, das mein Arbeitsspeicher erschöpft ist und ich ein Programm beenden soll. Einmal ist er Firefox, dann wieder Thunderbird oder was anderes, was gerade auch läuft. Öffne ich den Process Explorer sehe ich 15 mal svchost.exe offen. Die letzte hat über 4 GB vom Speicher belegt. Da hilft nur ein Neustart, dann ist wieder einige Zeit Ruhe. Ich hab schon den 4 GB Eintrag gekillt und dann war auch Ruhe. Selbst wenn ich die vorgeschlagene Anwendung beende, wird die Datei nicht kleiner. Malwarebytes hat nix gefunden und Eset hat auch nix gefunden. Wer kann mir helfen? Gruß Helmut |
![]() | #2 |
/// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() svchost.exe 4 GB gross![]() Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: ![]() Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Mal schauen, ob wirklich Malware dafür verantwortlich ist... Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte ![]()
Bitte poste mit deiner nächsten Antwort
|
![]() | #3 |
![]() ![]() | ![]() svchost.exe 4 GB gross Hallo Matthias,
__________________anbei die Log Files: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-11-2015 durchgeführt von Helmut (2015-11-25 10:17:29) Gestartet von C:\Users\Helmut\Desktop Windows 7 Professional Service Pack 1 (X64) (2010-11-19 09:43:14) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-675147457-2045932314-1395331145-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-675147457-2045932314-1395331145-501 - Limited - Disabled) Helmut (S-1-5-21-675147457-2045932314-1395331145-1000 - Administrator - Enabled) => C:\Users\Helmut ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.19 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0919-000001000000}) (Version: 9.19.00.0 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ArcSoft Codec (HKLM-x32\...\{08EE3698-AAB9-4BAD-BDF4-0BE0A9157222}) (Version: - ArcSoft) Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG) Attack Surface Analyzer (HKLM\...\{2710505A-D198-4906-8767-F869909D9FA6}) (Version: 5.3.0.0 - Microsoft Corporation) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2009021678.48.56.38284082 - Audible, Inc.) Auerswald COMlist 2.5.2 (HKLM-x32\...\{F7B74F3E-8B6C-4826-802E-B907BAAE4E4B}) (Version: 2.5.2 - Auerswald GmbH & Co.KG) Auerswald COMset 2.7.2 (HKLM-x32\...\{B1D2A138-D53E-4D3F-B547-EA2277007746}) (Version: 2.7.2 - Auerswald GmbH & Co.KG) Auerswald COMtools 2.3.2 (HKLM-x32\...\{CEDE5E8A-37C3-40C7-8F9C-7D0E70DA0C9E}) (Version: 2.3.2 - Auerswald GmbH & Co.KG) Auerswald Mult-Core Patch (HKLM-x32\...\{16F8DE17-DC0B-4D03-AF06-90AE05B3D34E}) (Version: 1.0.0 - Auerswald GmbH & Co KG) Auerswald SoftLCR 3.4.2 (HKLM-x32\...\{CD7DCE24-598D-49BF-A7AE-A019F9804A84}) (Version: 3.4.2 - Auerswald GmbH & Co.KG) AutoGreen B10.0629.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B10.0629.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden avast! Browser Cleanup (HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\avast! Browser Cleanup) (Version: 10.2.2218.80 - AVAST Software) AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM ISDN TAPI Services for CAPI (HKLM\...\AVM ISDN TAPI Services) (Version: - ) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.12.896 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{A7FC82AC-986D-48D5-8AAE-A75C1D829E0A}) (Version: 0.7.12.896 - BlueStack Systems, Inc.) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation) DDBAC (HKLM-x32\...\{3CCF9C9E-1D71-41AB-BFF2-A118DA748CDC}) (Version: 5.3.41.0 - DataDesign) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) DeltaCopy (HKLM-x32\...\{D6E5F58F-C879-4EC1-90F7-BA31BABF10C9}) (Version: 1.40.0000 - Synametrics Technologies) DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison) DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek) DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version: - ) DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.5.2.0 - CM&V) DVBViewer Recording Service (HKLM-x32\...\DVBViewer Recording Service_is1) (Version: 1.9.3.0 - CM&V) DVR Configuration Tool (HKLM-x32\...\{FCEE0D0C-FF8D-4552-A6C5-67ECE0F82EF9}) (Version: 1.0.11 - Pearl Agency GmbH) Easy Drive Data Recovery (HKLM-x32\...\Easy Drive Data Recovery) (Version: 3.0 - MunSoft) Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden ECOTEL Service Gear (HKLM-x32\...\{423BE907-4643-476B-8C0E-44D9893A2A54}) (Version: 4.7.250 - VIERLING Communications GmbH) Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Finanzmanager 2016 (x32 Version: 23.36.00.0179 - Haufe-Lexware GmbH & Co.KG) Hidden Finanzmanager Import Export Server 2016 (x32 Version: 23.33.00.0106 - Haufe-Lexware GmbH & Co.KG) Hidden Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.) Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden GEAR driver installer for x86 and x64 (HKLM-x32\...\{D2A0B573-BDC0-4F5B-9202-A8D9B7781664}) (Version: 4.015.1 - GEAR Software) Genymotion version 2.3.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.3.0 - Genymobile) GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.25.000 - Runtime Software) GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software) Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - GIGABYTE Technologies, Inc.) Glary Undelete 1.8.0.468 (HKLM-x32\...\Glary Undelete_is1) (Version: - Glarysoft.com) Google Chrome (HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Gpg4win (2.2.4) (HKLM-x32\...\GPG4Win) (Version: 2.2.4 - The Gpg4win Project) Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.28252 - Hauppauge Computer Works) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation) HTC Sync (HKLM-x32\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation) Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) jAnrufmonitor 5.0 (HKLM-x32\...\jam50) (Version: - Thilo Brandt) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JRE 1.6.1 (HKLM-x32\...\{B256C380-AC47-4681-8342-7F42E4F0F434}) (Version: 1.6.1 - Auerswald GmbH & Co.KG) KL Tools (HKLM-x32\...\{A76AFCBF-CDB6-4060-96DD-383CFB76BAAC}) (Version: 1.3.8 - KeeLog) klickTel Telefon- und Branchenbuch Herbst 2013 (HKLM-x32\...\{5EAFCD1F-3FD2-4F01-B80C-10C602A3E529}) (Version: 1.00.0000 - telegate MEDIA AG) Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - ) Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - ) LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - ) Lexware Abschreibungsrechner (HKLM-x32\...\{204294E8-371C-4DFB-8162-EF5BB4FEBFE1}) (Version: 11.00.04.0001 - Haufe-Lexware GmbH & Co.KG) Lexware Elster (HKLM-x32\...\{1C227C2E-2295-4820-87B1-4B13E98E6C66}) (Version: 13.15.00.0074 - Haufe-Lexware GmbH & Co.KG) Lexware Finanzmanager Deluxe 2016 (HKLM-x32\...\{95ccff15-6bb0-4f99-b7b6-8cd650cd9df8}) (Version: 23.33.0.114 - Haufe-Lexware GmbH & Co.KG) Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst (x32 Version: 4.01.00.0009 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware online banking (HKLM-x32\...\{BDED7C2D-BAC0-40CA-90AA-E3D23FDAC87D}) (Version: 22.02.00.0040 - Haufe-Lexware GmbH & Co.KG) Lexware Quicken Deluxe 2015 (HKLM-x32\...\{3c6b2da5-a27e-447a-a86e-5a60dd2b7eba}) (Version: 22.31.0.118 - Haufe-Lexware GmbH & Co.KG) LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics) LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.80.20121017 - LG Electronics) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics) Logitech SetPoint 6.65 (HKLM\...\SP6) (Version: 6.65.62 - Logitech) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.) LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla) MR_Beleg (HKLM-x32\...\ST6UNST #1) (Version: - ) MR-Online (HKLM-x32\...\{353AAD49-A6C3-44B8-BAE0-4B18087E83CD}) (Version: 1.0.0 - Standardfirmenname) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MxControlCenter (x64) Version 2.5.3 (HKLM\...\{4D780F7A-A825-45B7-8876-C1E3BD01F9D2}_is1) (Version: 2.5.3 - MOBOTIX AG) MyFreeCodec (HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\MyFreeCodec) (Version: - ) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger) Nmap 6.40 (HKLM-x32\...\Nmap) (Version: - ) Nokia Connectivity Cable Driver (HKLM-x32\...\{AF88496B-4BBA-4922-97E9-2582D3A28358}) (Version: 7.1.48.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.2.100.0 - Nokia) Nokia Suite (x32 Version: 3.2.100.0 - Nokia) Hidden Norton 360 (HKLM-x32\...\N360) (Version: 22.5.4.24 - Symantec Corporation) Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Oracle VM VirtualBox 4.3.22 (HKLM\...\{F053F74A-A631-4CFA-A271-6D0747599BC9}) (Version: 4.3.22 - Oracle Corporation) Palm Desktop (HKLM-x32\...\{E89D78B8-28F7-412F-8B26-C684739CBBDC}) (Version: 4.1.0410 - Palm, Inc.) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PC Connectivity Solution (HKLM-x32\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia) PDF24 Creator 7.0.5 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Personal Backup 5.5 (HKLM\...\Personal Backup 5 (64-bit)_is1) (Version: 5.5 - J. Rathlev) Personal Backup 5.7.3.0 (HKLM\...\Personal Backup 5_is1) (Version: 5.7.3.0 - Dr. J. Rathlev) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Quicken 2015 (x32 Version: 22.39.00.0149 - Haufe-Lexware GmbH & Co.KG) Hidden Quicken DELUXE 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG) Quicken HOME & BUSINESS 2012 (HKLM-x32\...\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}) (Version: 19.36.00.0165 - Haufe-Lexware GmbH & Co.KG) Quicken HOME & BUSINESS Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RufIdent 31 (HKLM-x32\...\RufIdent 31_is1) (Version: - ) Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Scansoft PDF Professional (x32 Version: - ) Hidden SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) Serienfax für FRITZ!fax (HKLM-x32\...\Serienfax) (Version: - ) Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden ShortCut Autotype Application (HKLM-x32\...\ShortCut_is1) (Version: 3.6 - Andreas Viebke) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION) <==== ACHTUNG SpRecord (HKLM-x32\...\SpRecord) (Version: - Sarapul Systems Ltd.) SpRecord (x32 Version: 3.97.2 - Sarapul Systems Ltd.) Hidden StarMoney (x32 Version: 5.0.1.83 - StarFinanz) Hidden StarMoney 10 (HKLM-x32\...\{702FDCD6-B6B9-4F5F-B4A3-0BD595956E71}) (Version: 10 - Star Finanz GmbH) StreamTransport version: 1.1.1.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1144 - SUPERAntiSpyware.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) UltraVNC 1.0.6.4 (HKLM-x32\...\Ultravnc2_is1) (Version: 1.0.6.4 - 1.0.6.4) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) upCam Cyclone web view Version 6.11.1.1 (HKLM-x32\...\{846BAE33-6E34-45F1-91E4-5C7067675AAD}_is1) (Version: 6.11.1.1 - upCam) upCam Such-Tool 1.0 (HKLM-x32\...\upCam Such-Tool) (Version: 1.0 - upCam) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.0e - IDRIX) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WOL2 (HKLM-x32\...\{1F951BBA-C582-4D59-9E07-8630E6245854}) (Version: 2.0 - Marko Oette (www.oette.info)) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) ==================== Wiederherstellungspunkte ========================= ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2014-09-14 13:26 - 00450770 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Da befinden sich 15460 zusätzliche Einträge. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0793975C-8AB7-4812-B6CE-5FFFBA225696} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {0BBD5CE5-1FDC-4441-BFE4-820A36C261F7} - System32\Tasks\avast! BCU UpdateS-1-5-21-675147457-2045932314-1395331145-1000 => C:\Users\Helmut\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software) Task: {11B82834-89F6-46D6-A03D-F16366D5D957} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {174BE313-2DFC-45D9-B88F-AC239EF0E675} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe Task: {22182603-6274-44A6-A7F5-6733385FF1AA} - System32\Tasks\{2A92FD34-A67A-4721-8865-9F2AA7E2ACE9} => pcalua.exe -a F:\70469.901_V4.7.25.0_08_11_20_ECOTEL_VoIP_CD\Setup.Exe -d F:\70469.901_V4.7.25.0_08_11_20_ECOTEL_VoIP_CD Task: {3D5F918E-D840-4475-BE94-57459D7769CA} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {51A5EFDF-669B-49D5-83B4-3DC6A68CF091} - System32\Tasks\NetBak-Helmut-PC-Helmut-Job1 => C:\Program Files\QNAP\NetBak\NetBak.exe Task: {57597ECA-ACE1-4941-92A9-DC1BB3604AE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {58574028-4C25-46C4-B2CF-84672F646506} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {5EAAE80A-30CC-4322-85A3-36E7E24FE945} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000UA => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {71A27B88-088D-4AC7-AFC0-CEF93DB92B9B} - System32\Tasks\{A13E1529-D988-41FB-86AD-9C25898BF5A3} => pcalua.exe -a C:\Auerswald\Internet-Install\jre\Version161_13\setup.exe -d C:\Auerswald\Internet-Install\jre\Version161_13 Task: {8C563486-F441-4C71-9553-B98676373750} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation) Task: {8D5C8AE1-E2AD-42F5-90D9-2BD686429C2B} - System32\Tasks\avastBCLS-1-5-21-675147457-2045932314-1395331145-1000 => C:\Users\Helmut\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2015-11-09] (AVAST Software) Task: {93EC7939-63C8-4FC2-BA9E-EDFD67BC25FC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation) Task: {9AC95BAB-0604-4F81-B032-42D183512E7D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {AE290AE9-DD77-409D-BD4D-204458A6BEE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {B032A9A5-FD86-4525-A22E-EC1C8912A072} - System32\Tasks\{0A8AEEB7-5D5D-4D41-9878-B91CC66FD6FD} => pcalua.exe -a C:\Windows\RaidTool\IDEDrvSetup.exe -d C:\Windows\SysWOW64 -c "PCI\VEN_197B&DEV_2363&SUBSYS_B0001458&REV_02\4&39589462&0&01E0;" Task: {B8651750-E64B-4D69-BE30-158B082E9D26} - System32\Tasks\Personal Backup W7Dneu => C:\Program Files\Personal Backup 5\Persbackup.exe [2015-10-02] (Dr. J. Rathlev, D-24222 Schwentinental) Task: {BA5450B8-16F5-4719-A11C-9DF15B16B9D8} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] () Task: {DE602939-090C-47CC-8380-A7F5C3CAB55A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000Core => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {EA379DA0-F32A-458B-897F-EEC57B62DA50} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation) Task: {FB58B619-D00C-49A0-B4BB-61E4E5AE8D1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {FE7F5E96-AB31-4CFC-8FFA-D454A217EF09} - System32\Tasks\ComList => C:\Program Files (x86)\Auerswald\COMlist 2.5.2\comlist.exe [2003-07-29] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000Core.job => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000UA.job => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\NetBak-Helmut-PC-Helmut-Job1.job => C:\Program Files\QNAP\NetBak\NetBak.exe Task: C:\Windows\Tasks\Personal Backup W7Dneu.job => C:\Program Files\Personal Backup 5\Persbackup.exeID:\Eigene Dateien\Documents\PersBackup\W7Dneu.buj ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-11-15 21:01 - 2015-02-04 03:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-11-21 15:44 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2010-11-21 15:44 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll 2012-01-23 20:03 - 2011-10-24 14:26 - 00101888 _____ () C:\Windows\system32\AvmSnd.dll 2008-10-13 17:44 - 2008-10-13 17:44 - 00332288 _____ () C:\DeltaCopy\rsync.exe 2015-03-17 15:21 - 2015-03-17 15:21 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe 2010-11-19 11:00 - 2010-09-07 10:46 - 00072280 _____ () C:\Windows\SysWOW64\XSrvSetup.exe 2011-09-15 12:06 - 2011-09-15 12:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2010-10-15 20:20 - 2010-10-15 20:20 - 04423168 _____ () C:\Program Files (x86)\SpRecord3\SpRecord.exe 2008-11-09 18:36 - 2008-11-09 18:36 - 01000960 _____ () C:\DeltaCopy\cygiconv-2.dll 2002-06-08 23:50 - 2002-06-08 23:50 - 00022528 _____ () C:\DeltaCopy\cygpopt-0.dll 2015-03-17 15:07 - 2015-03-17 15:07 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll 2015-03-17 15:01 - 2015-03-17 15:01 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll 2015-03-17 14:54 - 2015-03-17 14:54 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll 2015-03-17 15:07 - 2015-03-17 15:07 - 00070656 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll 2015-03-17 15:10 - 2015-03-17 15:10 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll 2010-11-23 15:59 - 2013-04-12 17:23 - 00612664 _____ () C:\Program Files (x86)\DVBViewer\sqlite3.dll 2015-09-22 15:54 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll 2015-04-01 15:13 - 2015-03-28 04:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2010-11-20 00:16 - 1999-07-12 11:58 - 00100864 _____ () C:\ISDNMoni\MONINOTE.dll 2010-11-20 00:16 - 2000-07-09 21:48 - 00163840 _____ () C:\ISDNMoni\isdnm32d.dll 2011-09-22 21:20 - 2011-09-22 21:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll 2013-09-12 12:52 - 2013-09-12 12:52 - 00050176 _____ () C:\jAnrufmonitor\pimcapi.dll 2010-05-07 18:35 - 2010-05-07 18:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2010-05-07 18:35 - 2010-05-07 18:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2010-05-07 18:36 - 2010-05-07 18:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2010-05-07 18:37 - 2010-05-07 18:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2010-05-07 18:37 - 2010-05-07 18:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2014-09-11 13:09 - 2014-09-11 13:09 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll 2014-09-11 13:09 - 2014-09-11 13:09 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll 2013-12-13 20:51 - 2015-07-13 11:41 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2013-12-13 20:51 - 2015-07-13 11:41 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll 2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7865 mehr Seiten. IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123simsen.com -> www.123simsen.com Da befinden sich 7865 mehr Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-675147457-2045932314-1395331145-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helmut\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk => C:\Windows\pss\AutoStart IR.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status..lnk => C:\Windows\pss\WinTV Recording Status..lnk.CommonStartup MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\tray.exe" MSCONFIG\startupreg: Google Update => "C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe MSCONFIG\startupreg: RufiUpd.exe => C:\Program Files (x86)\RufIdent Herbst 2013\RufiUpd.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{9DB7B424-9432-434F-8E6E-6A69EAFC494A}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [UDP Query User{C11030B3-E39C-41DF-ADF0-5EB2F117FEBF}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [TCP Query User{151186B4-0DB5-4715-9281-49CD5AA3D0A4}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [UDP Query User{BB38B6D8-71CB-41DB-A9F1-DC0F0F5AF16E}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [TCP Query User{C7114EBD-42AA-45F7-8126-25C02C4E39F8}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe FirewallRules: [UDP Query User{E3BA29CB-7D6F-4DBE-9ECA-F27B5970AC7E}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe FirewallRules: [TCP Query User{411440D9-D9D6-47C8-9158-9AF493E83C18}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe FirewallRules: [UDP Query User{C95F064E-E84B-4AF3-B746-A5CADEC49CD3}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe FirewallRules: [{F3C1C6C2-FA8E-4617-A24A-481B3F8EE059}] => (Allow) LPort=5900 FirewallRules: [{612BE3A9-BCE7-42D1-988F-D46C6FD921C4}] => (Allow) LPort=5800 FirewallRules: [{58B4D76C-A93E-461D-89A6-0BFB2BF750B1}] => (Allow) C:\Program Files (x86)\UltraVNC\vncviewer.exe FirewallRules: [{6008EEBB-6EED-48A1-A631-9FED14D5D514}] => (Allow) C:\Program Files (x86)\UltraVNC\vncviewer.exe FirewallRules: [TCP Query User{76E8EEB3-2681-4771-8C7E-9D983B7F05BE}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [UDP Query User{AD3CA104-6E38-42FF-B4CD-B3FEAA5D8A00}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [TCP Query User{939E335E-5A91-424E-BAA5-3E60B2065285}C:\program files (x86)\dvbviewer\dvbviewer.exe] => (Allow) C:\program files (x86)\dvbviewer\dvbviewer.exe FirewallRules: [UDP Query User{58F0705C-059C-4160-802C-326B5F9433BF}C:\program files (x86)\dvbviewer\dvbviewer.exe] => (Allow) C:\program files (x86)\dvbviewer\dvbviewer.exe FirewallRules: [TCP Query User{258BB20D-DB95-43CB-A04E-1C11EC31CDE5}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C73CDCC1-90F6-43DD-A1DF-5F00664BA040}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{4EA9F990-BC16-4197-A7B8-AE7072FD7C37}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{2346F26B-7445-4656-BC3A-23571D8D1D1C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{9BFFC123-8401-4FA4-8AC8-625E082A84D7}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{032D54B4-28A1-4D67-9BEE-55A2E4AC1BE6}] => (Allow) C:\Program Files (x86)\DVBViewer\DVBVservice.exe FirewallRules: [{4A182F06-F091-49E6-9F4C-C2202B14361A}] => (Allow) C:\Program Files (x86)\DVBViewer\DVBVservice.exe FirewallRules: [{EB57D3A1-60F3-48F3-9999-FAB1703ED1AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D0D85447-516D-4F9F-BCA4-ED2BB01B256C}] => (Allow) G:\FSetup.exe FirewallRules: [{3D19D2B7-8576-4785-90AD-CCAFE4C0ABD1}] => (Allow) G:\FSetup.exe FirewallRules: [{84F5EC11-F0A1-4C7E-B859-F96E63512ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{5425E157-E5CA-489F-A1A2-889C018C08B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{4D41A65C-C5BC-4C12-BAEE-93BC345738FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{58A33661-BF12-48B7-81F4-ABD5C1F0E3A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F83E619D-BC77-4493-8022-FDA78DA5AC8B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BC0D95EA-E9D5-4AD4-A114-F0D97DE19F99}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E6887CEC-B735-46FF-9AC1-C2A4D5722B8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C0BE6075-76CD-4044-802C-84105321957B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CE505B6F-A185-4B0F-AAE9-232174E48615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{44F22FCD-0BB5-465F-8D79-073428054FF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{2EA99B18-DFA5-4E88-977C-7D913E7F08A7}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe FirewallRules: [UDP Query User{1912AF54-D971-45E1-BAD1-E0C332C631CB}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe FirewallRules: [{DEC7E2B8-6C27-4BB7-8449-04AC5698F1A5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{0BCB7529-B95E-4CC2-B0B1-8D3FEF24CB85}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{1322F140-0402-4FA8-9AFD-CD4E77F8D4D8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{A5475F78-BFBB-4267-9517-8F509181173F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{28865D6A-5B55-4F7F-93B1-35A24B107013}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{48B10EE9-CABB-4998-BE03-E89B812C779B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{48DD008C-3796-4793-B4A5-2A0E98BCEF06}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{C6CFAE5A-93EF-46B3-A8E2-EA2713B931F1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{8C70B444-0B60-4018-AE1D-5C976BF76470}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{6A6F563A-0E52-43CF-9AF9-67161A8C88D5}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{8F1A8950-8C50-4AAC-A1A7-254C912BA212}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{AB430B15-675B-4DEA-877D-CF7BD2486D14}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{C67F1432-A77A-4AFC-AC49-A14F232B05A5}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{39D2A92F-F570-4695-8A1F-9EF64902F7EE}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{F38C9858-34FC-4841-B636-68C36E21A73C}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{B5B57EC9-7EC6-46E6-A320-DBD082A30D36}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{D27BE6D0-F328-4FF4-AE42-174F140B438D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AAA04E03-C543-473B-BF5D-514A71E6ECC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{723E6AA7-46B3-45E3-B7B0-BB4A5818C610}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{934EC0DD-C447-4132-B908-FC748D8EA6C0}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [TCP Query User{FB56497B-EDCA-4208-B869-CB0AC391884F}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{47938170-C4B8-4CBC-8A68-7AE4087E5A25}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{FADE5779-2FCA-4E1E-9FBA-CEA02C539979}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{545F4EE3-D993-4B86-8748-674B0EC2E9B8}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{17D0F876-3462-4008-AC5F-6B563D5BCA89}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe FirewallRules: [{6BC0A7F6-5FEA-48EF-8616-E64F9941B6A6}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe FirewallRules: [{64913466-124C-4D88-8179-2F3A51B952CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{69D5083C-F190-41B2-B122-94FB1B3A5350}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F1433A93-8D38-4110-8636-7AC0CE90A314}] => (Allow) C:\Users\Helmut\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/25/2015 10:14:16 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/25/2015 10:14:16 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/25/2015 03:45:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/25/2015 03:45:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/22/2015 02:03:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Ausnahmecode: 0x40000015 Fehleroffset: 0x000ad2a6 ID des fehlerhaften Prozesses: 0x1b20c Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0 Pfad der fehlerhaften Anwendung: mbamservice.exe1 Pfad des fehlerhaften Moduls: mbamservice.exe2 Berichtskennung: mbamservice.exe3 Error: (11/20/2015 00:54:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Ausnahmecode: 0x40000015 Fehleroffset: 0x000ad2a6 ID des fehlerhaften Prozesses: 0x19bc Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0 Pfad der fehlerhaften Anwendung: mbamservice.exe1 Pfad des fehlerhaften Moduls: mbamservice.exe2 Berichtskennung: mbamservice.exe3 Error: (11/20/2015 00:44:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x3bed4 Startzeit der fehlerhaften Anwendung: 0xmbam.exe0 Pfad der fehlerhaften Anwendung: mbam.exe1 Pfad des fehlerhaften Moduls: mbam.exe2 Berichtskennung: mbam.exe3 Error: (11/20/2015 00:52:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 42.0.0.5780, Zeitstempel: 0x5632ba5c Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x3c78f8c8 ID des fehlerhaften Prozesses: 0xed2c Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (11/19/2015 09:19:33 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/19/2015 09:19:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Systemfehler: ============= Error: (11/25/2015 10:16:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BlueStacks Log Rotator Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/25/2015 10:16:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BlueStacks Android Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/25/2015 08:17:38 AM) (Source: TermDD) (EventID: 50) (User: ) Description: Die RDP-Protokollkomponente X.224 hat einen Fehler im Protokollablauf festgestellt und die Clientverbindung getrennt. Error: (11/25/2015 07:15:53 AM) (Source: TermDD) (EventID: 50) (User: ) Description: Die RDP-Protokollkomponente X.224 hat einen Fehler im Protokollablauf festgestellt und die Clientverbindung getrennt. Error: (11/25/2015 04:29:04 AM) (Source: TermDD) (EventID: 50) (User: ) Description: Die RDP-Protokollkomponente X.224 hat einen Fehler im Protokollablauf festgestellt und die Clientverbindung getrennt. Error: (11/25/2015 03:58:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (11/25/2015 03:58:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/25/2015 03:50:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Netzwerkspeicher-Schnittstellendienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (11/25/2015 03:49:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Dienst für Schriftartencache" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (11/25/2015 03:48:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert. CodeIntegrity: =================================== Date: 2015-10-07 13:30:05.460 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:30:05.427 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:24:04.384 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:24:04.352 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:00:17.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:00:17.655 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 12:48:04.188 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 12:48:04.148 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-30 13:50:21.311 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-30 13:50:21.273 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz Prozentuale Nutzung des RAM: 45% Installierter physikalischer RAM: 8151.48 MB Verfügbarer physikalischer RAM: 4432.02 MB Summe virtueller Speicher: 15594.46 MB Verfügbarer virtueller Speicher: 11620.64 MB ==================== Laufwerke ================================ Drive c: (SSD) (Fixed) (Total:111.69 GB) (Free:3.88 GB) NTFS Drive d: (HGST_1) (Fixed) (Total:1655.27 GB) (Free:844.98 GB) NTFS Drive e: (HGST_2) (Fixed) (Total:207.74 GB) (Free:1.61 GB) NTFS Drive f: (upCam) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS Drive x: () (Network) (Total:2749.2 GB) (Free:496.07 GB) ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 98D5A4CB) Partition 1: (Not Active) - (Size=1655.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=207.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: B52EE734) Partition 1: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
![]() | #4 |
![]() ![]() | ![]() svchost.exe 4 GB grossCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-11-2015 durchgeführt von Helmut (2015-11-25 10:17:29) Gestartet von C:\Users\Helmut\Desktop Windows 7 Professional Service Pack 1 (X64) (2010-11-19 09:43:14) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-675147457-2045932314-1395331145-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-675147457-2045932314-1395331145-501 - Limited - Disabled) Helmut (S-1-5-21-675147457-2045932314-1395331145-1000 - Administrator - Enabled) => C:\Users\Helmut ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.19 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0919-000001000000}) (Version: 9.19.00.0 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ArcSoft Codec (HKLM-x32\...\{08EE3698-AAB9-4BAD-BDF4-0BE0A9157222}) (Version: - ArcSoft) Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG) Attack Surface Analyzer (HKLM\...\{2710505A-D198-4906-8767-F869909D9FA6}) (Version: 5.3.0.0 - Microsoft Corporation) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2009021678.48.56.38284082 - Audible, Inc.) Auerswald COMlist 2.5.2 (HKLM-x32\...\{F7B74F3E-8B6C-4826-802E-B907BAAE4E4B}) (Version: 2.5.2 - Auerswald GmbH & Co.KG) Auerswald COMset 2.7.2 (HKLM-x32\...\{B1D2A138-D53E-4D3F-B547-EA2277007746}) (Version: 2.7.2 - Auerswald GmbH & Co.KG) Auerswald COMtools 2.3.2 (HKLM-x32\...\{CEDE5E8A-37C3-40C7-8F9C-7D0E70DA0C9E}) (Version: 2.3.2 - Auerswald GmbH & Co.KG) Auerswald Mult-Core Patch (HKLM-x32\...\{16F8DE17-DC0B-4D03-AF06-90AE05B3D34E}) (Version: 1.0.0 - Auerswald GmbH & Co KG) Auerswald SoftLCR 3.4.2 (HKLM-x32\...\{CD7DCE24-598D-49BF-A7AE-A019F9804A84}) (Version: 3.4.2 - Auerswald GmbH & Co.KG) AutoGreen B10.0629.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B10.0629.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden avast! Browser Cleanup (HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\avast! Browser Cleanup) (Version: 10.2.2218.80 - AVAST Software) AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM ISDN TAPI Services for CAPI (HKLM\...\AVM ISDN TAPI Services) (Version: - ) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.12.896 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{A7FC82AC-986D-48D5-8AAE-A75C1D829E0A}) (Version: 0.7.12.896 - BlueStack Systems, Inc.) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation) DDBAC (HKLM-x32\...\{3CCF9C9E-1D71-41AB-BFF2-A118DA748CDC}) (Version: 5.3.41.0 - DataDesign) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) DeltaCopy (HKLM-x32\...\{D6E5F58F-C879-4EC1-90F7-BA31BABF10C9}) (Version: 1.40.0000 - Synametrics Technologies) DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison) DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek) DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version: - ) DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.5.2.0 - CM&V) DVBViewer Recording Service (HKLM-x32\...\DVBViewer Recording Service_is1) (Version: 1.9.3.0 - CM&V) DVR Configuration Tool (HKLM-x32\...\{FCEE0D0C-FF8D-4552-A6C5-67ECE0F82EF9}) (Version: 1.0.11 - Pearl Agency GmbH) Easy Drive Data Recovery (HKLM-x32\...\Easy Drive Data Recovery) (Version: 3.0 - MunSoft) Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden ECOTEL Service Gear (HKLM-x32\...\{423BE907-4643-476B-8C0E-44D9893A2A54}) (Version: 4.7.250 - VIERLING Communications GmbH) Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Finanzmanager 2016 (x32 Version: 23.36.00.0179 - Haufe-Lexware GmbH & Co.KG) Hidden Finanzmanager Import Export Server 2016 (x32 Version: 23.33.00.0106 - Haufe-Lexware GmbH & Co.KG) Hidden Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.) Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden GEAR driver installer for x86 and x64 (HKLM-x32\...\{D2A0B573-BDC0-4F5B-9202-A8D9B7781664}) (Version: 4.015.1 - GEAR Software) Genymotion version 2.3.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.3.0 - Genymobile) GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.25.000 - Runtime Software) GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software) Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - GIGABYTE Technologies, Inc.) Glary Undelete 1.8.0.468 (HKLM-x32\...\Glary Undelete_is1) (Version: - Glarysoft.com) Google Chrome (HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Gpg4win (2.2.4) (HKLM-x32\...\GPG4Win) (Version: 2.2.4 - The Gpg4win Project) Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.28252 - Hauppauge Computer Works) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation) HTC Sync (HKLM-x32\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation) Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) jAnrufmonitor 5.0 (HKLM-x32\...\jam50) (Version: - Thilo Brandt) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JRE 1.6.1 (HKLM-x32\...\{B256C380-AC47-4681-8342-7F42E4F0F434}) (Version: 1.6.1 - Auerswald GmbH & Co.KG) KL Tools (HKLM-x32\...\{A76AFCBF-CDB6-4060-96DD-383CFB76BAAC}) (Version: 1.3.8 - KeeLog) klickTel Telefon- und Branchenbuch Herbst 2013 (HKLM-x32\...\{5EAFCD1F-3FD2-4F01-B80C-10C602A3E529}) (Version: 1.00.0000 - telegate MEDIA AG) Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - ) Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - ) LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - ) Lexware Abschreibungsrechner (HKLM-x32\...\{204294E8-371C-4DFB-8162-EF5BB4FEBFE1}) (Version: 11.00.04.0001 - Haufe-Lexware GmbH & Co.KG) Lexware Elster (HKLM-x32\...\{1C227C2E-2295-4820-87B1-4B13E98E6C66}) (Version: 13.15.00.0074 - Haufe-Lexware GmbH & Co.KG) Lexware Finanzmanager Deluxe 2016 (HKLM-x32\...\{95ccff15-6bb0-4f99-b7b6-8cd650cd9df8}) (Version: 23.33.0.114 - Haufe-Lexware GmbH & Co.KG) Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst (x32 Version: 4.01.00.0009 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware online banking (HKLM-x32\...\{BDED7C2D-BAC0-40CA-90AA-E3D23FDAC87D}) (Version: 22.02.00.0040 - Haufe-Lexware GmbH & Co.KG) Lexware Quicken Deluxe 2015 (HKLM-x32\...\{3c6b2da5-a27e-447a-a86e-5a60dd2b7eba}) (Version: 22.31.0.118 - Haufe-Lexware GmbH & Co.KG) LG Bluetooth Drivers (HKLM-x32\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics) LG PC Suite IV (HKLM-x32\...\LG PC Suite IV) (Version: 4.3.80.20121017 - LG Electronics) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics) Logitech SetPoint 6.65 (HKLM\...\SP6) (Version: 6.65.62 - Logitech) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.) LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla) MR_Beleg (HKLM-x32\...\ST6UNST #1) (Version: - ) MR-Online (HKLM-x32\...\{353AAD49-A6C3-44B8-BAE0-4B18087E83CD}) (Version: 1.0.0 - Standardfirmenname) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MxControlCenter (x64) Version 2.5.3 (HKLM\...\{4D780F7A-A825-45B7-8876-C1E3BD01F9D2}_is1) (Version: 2.5.3 - MOBOTIX AG) MyFreeCodec (HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\MyFreeCodec) (Version: - ) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger) Nmap 6.40 (HKLM-x32\...\Nmap) (Version: - ) Nokia Connectivity Cable Driver (HKLM-x32\...\{AF88496B-4BBA-4922-97E9-2582D3A28358}) (Version: 7.1.48.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.2.100.0 - Nokia) Nokia Suite (x32 Version: 3.2.100.0 - Nokia) Hidden Norton 360 (HKLM-x32\...\N360) (Version: 22.5.4.24 - Symantec Corporation) Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Oracle VM VirtualBox 4.3.22 (HKLM\...\{F053F74A-A631-4CFA-A271-6D0747599BC9}) (Version: 4.3.22 - Oracle Corporation) Palm Desktop (HKLM-x32\...\{E89D78B8-28F7-412F-8B26-C684739CBBDC}) (Version: 4.1.0410 - Palm, Inc.) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PC Connectivity Solution (HKLM-x32\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia) PDF24 Creator 7.0.5 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Personal Backup 5.5 (HKLM\...\Personal Backup 5 (64-bit)_is1) (Version: 5.5 - J. Rathlev) Personal Backup 5.7.3.0 (HKLM\...\Personal Backup 5_is1) (Version: 5.7.3.0 - Dr. J. Rathlev) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Quicken 2015 (x32 Version: 22.39.00.0149 - Haufe-Lexware GmbH & Co.KG) Hidden Quicken DELUXE 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG) Quicken HOME & BUSINESS 2012 (HKLM-x32\...\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}) (Version: 19.36.00.0165 - Haufe-Lexware GmbH & Co.KG) Quicken HOME & BUSINESS Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RufIdent 31 (HKLM-x32\...\RufIdent 31_is1) (Version: - ) Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Scansoft PDF Professional (x32 Version: - ) Hidden SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) Serienfax für FRITZ!fax (HKLM-x32\...\Serienfax) (Version: - ) Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden ShortCut Autotype Application (HKLM-x32\...\ShortCut_is1) (Version: 3.6 - Andreas Viebke) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.0.15104.7 - Samsung Electronics Co., Ltd.) Hidden Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION) <==== ACHTUNG SpRecord (HKLM-x32\...\SpRecord) (Version: - Sarapul Systems Ltd.) SpRecord (x32 Version: 3.97.2 - Sarapul Systems Ltd.) Hidden StarMoney (x32 Version: 5.0.1.83 - StarFinanz) Hidden StarMoney 10 (HKLM-x32\...\{702FDCD6-B6B9-4F5F-B4A3-0BD595956E71}) (Version: 10 - Star Finanz GmbH) StreamTransport version: 1.1.1.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1144 - SUPERAntiSpyware.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) UltraVNC 1.0.6.4 (HKLM-x32\...\Ultravnc2_is1) (Version: 1.0.6.4 - 1.0.6.4) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) upCam Cyclone web view Version 6.11.1.1 (HKLM-x32\...\{846BAE33-6E34-45F1-91E4-5C7067675AAD}_is1) (Version: 6.11.1.1 - upCam) upCam Such-Tool 1.0 (HKLM-x32\...\upCam Such-Tool) (Version: 1.0 - upCam) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.0e - IDRIX) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WOL2 (HKLM-x32\...\{1F951BBA-C582-4D59-9E07-8630E6245854}) (Version: 2.0 - Marko Oette (www.oette.info)) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-675147457-2045932314-1395331145-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Helmut\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) ==================== Wiederherstellungspunkte ========================= ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2014-09-14 13:26 - 00450770 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Da befinden sich 15460 zusätzliche Einträge. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0793975C-8AB7-4812-B6CE-5FFFBA225696} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {0BBD5CE5-1FDC-4441-BFE4-820A36C261F7} - System32\Tasks\avast! BCU UpdateS-1-5-21-675147457-2045932314-1395331145-1000 => C:\Users\Helmut\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software) Task: {11B82834-89F6-46D6-A03D-F16366D5D957} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {174BE313-2DFC-45D9-B88F-AC239EF0E675} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe Task: {22182603-6274-44A6-A7F5-6733385FF1AA} - System32\Tasks\{2A92FD34-A67A-4721-8865-9F2AA7E2ACE9} => pcalua.exe -a F:\70469.901_V4.7.25.0_08_11_20_ECOTEL_VoIP_CD\Setup.Exe -d F:\70469.901_V4.7.25.0_08_11_20_ECOTEL_VoIP_CD Task: {3D5F918E-D840-4475-BE94-57459D7769CA} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {51A5EFDF-669B-49D5-83B4-3DC6A68CF091} - System32\Tasks\NetBak-Helmut-PC-Helmut-Job1 => C:\Program Files\QNAP\NetBak\NetBak.exe Task: {57597ECA-ACE1-4941-92A9-DC1BB3604AE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {58574028-4C25-46C4-B2CF-84672F646506} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {5EAAE80A-30CC-4322-85A3-36E7E24FE945} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000UA => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {71A27B88-088D-4AC7-AFC0-CEF93DB92B9B} - System32\Tasks\{A13E1529-D988-41FB-86AD-9C25898BF5A3} => pcalua.exe -a C:\Auerswald\Internet-Install\jre\Version161_13\setup.exe -d C:\Auerswald\Internet-Install\jre\Version161_13 Task: {8C563486-F441-4C71-9553-B98676373750} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation) Task: {8D5C8AE1-E2AD-42F5-90D9-2BD686429C2B} - System32\Tasks\avastBCLS-1-5-21-675147457-2045932314-1395331145-1000 => C:\Users\Helmut\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2015-11-09] (AVAST Software) Task: {93EC7939-63C8-4FC2-BA9E-EDFD67BC25FC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation) Task: {9AC95BAB-0604-4F81-B032-42D183512E7D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {AE290AE9-DD77-409D-BD4D-204458A6BEE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {B032A9A5-FD86-4525-A22E-EC1C8912A072} - System32\Tasks\{0A8AEEB7-5D5D-4D41-9878-B91CC66FD6FD} => pcalua.exe -a C:\Windows\RaidTool\IDEDrvSetup.exe -d C:\Windows\SysWOW64 -c "PCI\VEN_197B&DEV_2363&SUBSYS_B0001458&REV_02\4&39589462&0&01E0;" Task: {B8651750-E64B-4D69-BE30-158B082E9D26} - System32\Tasks\Personal Backup W7Dneu => C:\Program Files\Personal Backup 5\Persbackup.exe [2015-10-02] (Dr. J. Rathlev, D-24222 Schwentinental) Task: {BA5450B8-16F5-4719-A11C-9DF15B16B9D8} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] () Task: {DE602939-090C-47CC-8380-A7F5C3CAB55A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000Core => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {EA379DA0-F32A-458B-897F-EEC57B62DA50} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation) Task: {FB58B619-D00C-49A0-B4BB-61E4E5AE8D1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {FE7F5E96-AB31-4CFC-8FFA-D454A217EF09} - System32\Tasks\ComList => C:\Program Files (x86)\Auerswald\COMlist 2.5.2\comlist.exe [2003-07-29] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000Core.job => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-675147457-2045932314-1395331145-1000UA.job => C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\NetBak-Helmut-PC-Helmut-Job1.job => C:\Program Files\QNAP\NetBak\NetBak.exe Task: C:\Windows\Tasks\Personal Backup W7Dneu.job => C:\Program Files\Personal Backup 5\Persbackup.exeID:\Eigene Dateien\Documents\PersBackup\W7Dneu.buj ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-11-15 21:01 - 2015-02-04 03:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-11-21 15:44 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2010-11-21 15:44 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll 2012-01-23 20:03 - 2011-10-24 14:26 - 00101888 _____ () C:\Windows\system32\AvmSnd.dll 2008-10-13 17:44 - 2008-10-13 17:44 - 00332288 _____ () C:\DeltaCopy\rsync.exe 2015-03-17 15:21 - 2015-03-17 15:21 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe 2010-11-19 11:00 - 2010-09-07 10:46 - 00072280 _____ () C:\Windows\SysWOW64\XSrvSetup.exe 2011-09-15 12:06 - 2011-09-15 12:06 - 00088576 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2010-10-15 20:20 - 2010-10-15 20:20 - 04423168 _____ () C:\Program Files (x86)\SpRecord3\SpRecord.exe 2008-11-09 18:36 - 2008-11-09 18:36 - 01000960 _____ () C:\DeltaCopy\cygiconv-2.dll 2002-06-08 23:50 - 2002-06-08 23:50 - 00022528 _____ () C:\DeltaCopy\cygpopt-0.dll 2015-03-17 15:07 - 2015-03-17 15:07 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll 2015-03-17 15:01 - 2015-03-17 15:01 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll 2015-03-17 14:54 - 2015-03-17 14:54 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll 2015-03-17 15:07 - 2015-03-17 15:07 - 00070656 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll 2015-03-17 15:10 - 2015-03-17 15:10 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll 2010-11-23 15:59 - 2013-04-12 17:23 - 00612664 _____ () C:\Program Files (x86)\DVBViewer\sqlite3.dll 2015-09-22 15:54 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll 2015-04-01 15:13 - 2015-03-28 04:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2010-11-20 00:16 - 1999-07-12 11:58 - 00100864 _____ () C:\ISDNMoni\MONINOTE.dll 2010-11-20 00:16 - 2000-07-09 21:48 - 00163840 _____ () C:\ISDNMoni\isdnm32d.dll 2011-09-22 21:20 - 2011-09-22 21:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll 2013-09-12 12:52 - 2013-09-12 12:52 - 00050176 _____ () C:\jAnrufmonitor\pimcapi.dll 2010-05-07 18:35 - 2010-05-07 18:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2010-05-07 18:35 - 2010-05-07 18:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2010-05-07 18:36 - 2010-05-07 18:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2010-05-07 18:37 - 2010-05-07 18:37 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2010-05-07 18:37 - 2010-05-07 18:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2014-09-11 13:09 - 2014-09-11 13:09 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll 2014-09-11 13:09 - 2014-09-11 13:09 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll 2013-12-13 20:51 - 2015-07-13 11:41 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2013-12-13 20:51 - 2015-07-13 11:41 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll 2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7865 mehr Seiten. IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-675147457-2045932314-1395331145-1000\...\123simsen.com -> www.123simsen.com Da befinden sich 7865 mehr Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-675147457-2045932314-1395331145-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helmut\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk => C:\Windows\pss\AutoStart IR.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status..lnk => C:\Windows\pss\WinTV Recording Status..lnk.CommonStartup MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\tray.exe" MSCONFIG\startupreg: Google Update => "C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe MSCONFIG\startupreg: RufiUpd.exe => C:\Program Files (x86)\RufIdent Herbst 2013\RufiUpd.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{9DB7B424-9432-434F-8E6E-6A69EAFC494A}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [UDP Query User{C11030B3-E39C-41DF-ADF0-5EB2F117FEBF}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [TCP Query User{151186B4-0DB5-4715-9281-49CD5AA3D0A4}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [UDP Query User{BB38B6D8-71CB-41DB-A9F1-DC0F0F5AF16E}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [TCP Query User{C7114EBD-42AA-45F7-8126-25C02C4E39F8}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe FirewallRules: [UDP Query User{E3BA29CB-7D6F-4DBE-9ECA-F27B5970AC7E}C:\program files (x86)\gigabyte\@bios\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\updexe.exe FirewallRules: [TCP Query User{411440D9-D9D6-47C8-9158-9AF493E83C18}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe FirewallRules: [UDP Query User{C95F064E-E84B-4AF3-B746-A5CADEC49CD3}C:\program files (x86)\gigabyte\@bios\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gbtupd.exe FirewallRules: [{F3C1C6C2-FA8E-4617-A24A-481B3F8EE059}] => (Allow) LPort=5900 FirewallRules: [{612BE3A9-BCE7-42D1-988F-D46C6FD921C4}] => (Allow) LPort=5800 FirewallRules: [{58B4D76C-A93E-461D-89A6-0BFB2BF750B1}] => (Allow) C:\Program Files (x86)\UltraVNC\vncviewer.exe FirewallRules: [{6008EEBB-6EED-48A1-A631-9FED14D5D514}] => (Allow) C:\Program Files (x86)\UltraVNC\vncviewer.exe FirewallRules: [TCP Query User{76E8EEB3-2681-4771-8C7E-9D983B7F05BE}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [UDP Query User{AD3CA104-6E38-42FF-B4CD-B3FEAA5D8A00}C:\isdnmoni\isdnmo32.exe] => (Allow) C:\isdnmoni\isdnmo32.exe FirewallRules: [TCP Query User{939E335E-5A91-424E-BAA5-3E60B2065285}C:\program files (x86)\dvbviewer\dvbviewer.exe] => (Allow) C:\program files (x86)\dvbviewer\dvbviewer.exe FirewallRules: [UDP Query User{58F0705C-059C-4160-802C-326B5F9433BF}C:\program files (x86)\dvbviewer\dvbviewer.exe] => (Allow) C:\program files (x86)\dvbviewer\dvbviewer.exe FirewallRules: [TCP Query User{258BB20D-DB95-43CB-A04E-1C11EC31CDE5}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C73CDCC1-90F6-43DD-A1DF-5F00664BA040}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{4EA9F990-BC16-4197-A7B8-AE7072FD7C37}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{2346F26B-7445-4656-BC3A-23571D8D1D1C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{9BFFC123-8401-4FA4-8AC8-625E082A84D7}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe FirewallRules: [{032D54B4-28A1-4D67-9BEE-55A2E4AC1BE6}] => (Allow) C:\Program Files (x86)\DVBViewer\DVBVservice.exe FirewallRules: [{4A182F06-F091-49E6-9F4C-C2202B14361A}] => (Allow) C:\Program Files (x86)\DVBViewer\DVBVservice.exe FirewallRules: [{EB57D3A1-60F3-48F3-9999-FAB1703ED1AD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D0D85447-516D-4F9F-BCA4-ED2BB01B256C}] => (Allow) G:\FSetup.exe FirewallRules: [{3D19D2B7-8576-4785-90AD-CCAFE4C0ABD1}] => (Allow) G:\FSetup.exe FirewallRules: [{84F5EC11-F0A1-4C7E-B859-F96E63512ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{5425E157-E5CA-489F-A1A2-889C018C08B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{4D41A65C-C5BC-4C12-BAEE-93BC345738FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{58A33661-BF12-48B7-81F4-ABD5C1F0E3A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F83E619D-BC77-4493-8022-FDA78DA5AC8B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BC0D95EA-E9D5-4AD4-A114-F0D97DE19F99}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E6887CEC-B735-46FF-9AC1-C2A4D5722B8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C0BE6075-76CD-4044-802C-84105321957B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CE505B6F-A185-4B0F-AAE9-232174E48615}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{44F22FCD-0BB5-465F-8D79-073428054FF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{2EA99B18-DFA5-4E88-977C-7D913E7F08A7}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe FirewallRules: [UDP Query User{1912AF54-D971-45E1-BAD1-E0C332C631CB}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe FirewallRules: [{DEC7E2B8-6C27-4BB7-8449-04AC5698F1A5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{0BCB7529-B95E-4CC2-B0B1-8D3FEF24CB85}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{1322F140-0402-4FA8-9AFD-CD4E77F8D4D8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{A5475F78-BFBB-4267-9517-8F509181173F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{28865D6A-5B55-4F7F-93B1-35A24B107013}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{48B10EE9-CABB-4998-BE03-E89B812C779B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{48DD008C-3796-4793-B4A5-2A0E98BCEF06}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{C6CFAE5A-93EF-46B3-A8E2-EA2713B931F1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{8C70B444-0B60-4018-AE1D-5C976BF76470}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{6A6F563A-0E52-43CF-9AF9-67161A8C88D5}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{8F1A8950-8C50-4AAC-A1A7-254C912BA212}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{AB430B15-675B-4DEA-877D-CF7BD2486D14}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{C67F1432-A77A-4AFC-AC49-A14F232B05A5}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{39D2A92F-F570-4695-8A1F-9EF64902F7EE}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{F38C9858-34FC-4841-B636-68C36E21A73C}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{B5B57EC9-7EC6-46E6-A320-DBD082A30D36}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{D27BE6D0-F328-4FF4-AE42-174F140B438D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AAA04E03-C543-473B-BF5D-514A71E6ECC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{723E6AA7-46B3-45E3-B7B0-BB4A5818C610}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [{934EC0DD-C447-4132-B908-FC748D8EA6C0}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe FirewallRules: [TCP Query User{FB56497B-EDCA-4208-B869-CB0AC391884F}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{47938170-C4B8-4CBC-8A68-7AE4087E5A25}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{FADE5779-2FCA-4E1E-9FBA-CEA02C539979}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{545F4EE3-D993-4B86-8748-674B0EC2E9B8}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{17D0F876-3462-4008-AC5F-6B563D5BCA89}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe FirewallRules: [{6BC0A7F6-5FEA-48EF-8616-E64F9941B6A6}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe FirewallRules: [{64913466-124C-4D88-8179-2F3A51B952CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{69D5083C-F190-41B2-B122-94FB1B3A5350}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F1433A93-8D38-4110-8636-7AC0CE90A314}] => (Allow) C:\Users\Helmut\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/25/2015 10:14:16 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/25/2015 10:14:16 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/25/2015 03:45:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/25/2015 03:45:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/22/2015 02:03:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Ausnahmecode: 0x40000015 Fehleroffset: 0x000ad2a6 ID des fehlerhaften Prozesses: 0x1b20c Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0 Pfad der fehlerhaften Anwendung: mbamservice.exe1 Pfad des fehlerhaften Moduls: mbamservice.exe2 Berichtskennung: mbamservice.exe3 Error: (11/20/2015 00:54:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.2.19.0, Zeitstempel: 0x55e84649 Ausnahmecode: 0x40000015 Fehleroffset: 0x000ad2a6 ID des fehlerhaften Prozesses: 0x19bc Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0 Pfad der fehlerhaften Anwendung: mbamservice.exe1 Pfad des fehlerhaften Moduls: mbamservice.exe2 Berichtskennung: mbamservice.exe3 Error: (11/20/2015 00:44:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x3bed4 Startzeit der fehlerhaften Anwendung: 0xmbam.exe0 Pfad der fehlerhaften Anwendung: mbam.exe1 Pfad des fehlerhaften Moduls: mbam.exe2 Berichtskennung: mbam.exe3 Error: (11/20/2015 00:52:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 42.0.0.5780, Zeitstempel: 0x5632ba5c Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x3c78f8c8 ID des fehlerhaften Prozesses: 0xed2c Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (11/19/2015 09:19:33 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/19/2015 09:19:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Systemfehler: ============= Error: (11/25/2015 10:16:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BlueStacks Log Rotator Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/25/2015 10:16:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BlueStacks Android Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/25/2015 08:17:38 AM) (Source: TermDD) (EventID: 50) (User: ) Description: Die RDP-Protokollkomponente X.224 hat einen Fehler im Protokollablauf festgestellt und die Clientverbindung getrennt. Error: (11/25/2015 07:15:53 AM) (Source: TermDD) (EventID: 50) (User: ) Description: Die RDP-Protokollkomponente X.224 hat einen Fehler im Protokollablauf festgestellt und die Clientverbindung getrennt. Error: (11/25/2015 04:29:04 AM) (Source: TermDD) (EventID: 50) (User: ) Description: Die RDP-Protokollkomponente X.224 hat einen Fehler im Protokollablauf festgestellt und die Clientverbindung getrennt. Error: (11/25/2015 03:58:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (11/25/2015 03:58:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/25/2015 03:50:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Netzwerkspeicher-Schnittstellendienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (11/25/2015 03:49:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Dienst für Schriftartencache" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (11/25/2015 03:48:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert. CodeIntegrity: =================================== Date: 2015-10-07 13:30:05.460 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:30:05.427 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:24:04.384 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:24:04.352 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:00:17.688 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 13:00:17.655 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 12:48:04.188 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-07 12:48:04.148 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-30 13:50:21.311 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-30 13:50:21.273 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\LameACM.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz Prozentuale Nutzung des RAM: 45% Installierter physikalischer RAM: 8151.48 MB Verfügbarer physikalischer RAM: 4432.02 MB Summe virtueller Speicher: 15594.46 MB Verfügbarer virtueller Speicher: 11620.64 MB ==================== Laufwerke ================================ Drive c: (SSD) (Fixed) (Total:111.69 GB) (Free:3.88 GB) NTFS Drive d: (HGST_1) (Fixed) (Total:1655.27 GB) (Free:844.98 GB) NTFS Drive e: (HGST_2) (Fixed) (Total:207.74 GB) (Free:1.61 GB) NTFS Drive f: (upCam) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS Drive x: () (Network) (Total:2749.2 GB) (Free:496.07 GB) ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 98D5A4CB) Partition 1: (Not Active) - (Size=1655.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=207.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: B52EE734) Partition 1: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
![]() | #5 |
![]() ![]() | ![]() svchost.exe 4 GB grossCode:
ATTFilter 10:19:16.0624 0x028c TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23 10:19:24.0140 0x028c ============================================================ 10:19:24.0140 0x028c Current date / time: 2015/11/25 10:19:24.0140 10:19:24.0140 0x028c SystemInfo: 10:19:24.0140 0x028c 10:19:24.0140 0x028c OS Version: 6.1.7601 ServicePack: 1.0 10:19:24.0140 0x028c Product type: Workstation 10:19:24.0140 0x028c ComputerName: HELMUT-PC 10:19:24.0140 0x028c UserName: Helmut 10:19:24.0140 0x028c Windows directory: C:\Windows 10:19:24.0140 0x028c System windows directory: C:\Windows 10:19:24.0140 0x028c Running under WOW64 10:19:24.0140 0x028c Processor architecture: Intel x64 10:19:24.0140 0x028c Number of processors: 8 10:19:24.0140 0x028c Page size: 0x1000 10:19:24.0140 0x028c Boot type: Normal boot 10:19:24.0140 0x028c ============================================================ 10:19:25.0256 0x028c KLMD registered as C:\Windows\system32\drivers\74868639.sys 10:19:27.0469 0x028c System UUID: {72E003B5-1350-E952-BF11-D22F037AC3B2} 10:19:32.0317 0x028c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048 10:19:32.0317 0x028c Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:19:32.0323 0x028c ============================================================ 10:19:32.0323 0x028c \Device\Harddisk0\DR0: 10:19:32.0323 0x028c MBR partitions: 10:19:32.0323 0x028c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xCEE8C000 10:19:32.0323 0x028c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCEE8C800, BlocksNum 0x19F7B000 10:19:32.0323 0x028c \Device\Harddisk1\DR1: 10:19:32.0323 0x028c MBR partitions: 10:19:32.0323 0x028c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF62000 10:19:32.0323 0x028c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 10:19:32.0323 0x028c ============================================================ 10:19:32.0325 0x028c C: <-> \Device\Harddisk1\DR1\Partition1 10:19:32.0338 0x028c D: <-> \Device\Harddisk0\DR0\Partition1 10:19:32.0362 0x028c E: <-> \Device\Harddisk0\DR0\Partition2 10:19:32.0362 0x028c ============================================================ 10:19:32.0362 0x028c Initialize success 10:19:32.0362 0x028c ============================================================ 10:20:35.0925 0x0790 ============================================================ 10:20:35.0925 0x0790 Scan started 10:20:35.0925 0x0790 Mode: Manual; SigCheck; TDLFS; 10:20:35.0925 0x0790 ============================================================ 10:20:35.0925 0x0790 KSN ping started 10:20:38.0616 0x0790 KSN ping finished: true 10:20:38.0952 0x0790 ================ Scan system memory ======================== 10:20:38.0952 0x0790 System memory - ok 10:20:38.0952 0x0790 ================ Scan services ============================= 10:20:38.0960 0x0790 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 10:20:39.0028 0x0790 !SASCORE - ok 10:20:39.0064 0x0790 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 10:20:39.0083 0x0790 1394ohci - ok 10:20:39.0093 0x0790 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 10:20:39.0110 0x0790 ACPI - ok 10:20:39.0113 0x0790 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 10:20:39.0129 0x0790 AcpiPmi - ok 10:20:39.0157 0x0790 [ F6783C115BA943407CA6A604C7013ABE, 0110BDD0F3BE312596E99F63EF55D27469B63189E09D747A5B51208B17126728 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 10:20:39.0186 0x0790 AcrSch2Svc - ok 10:20:39.0192 0x0790 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 10:20:39.0204 0x0790 AdobeARMservice - ok 10:20:39.0226 0x0790 [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 10:20:39.0240 0x0790 AdobeFlashPlayerUpdateSvc - ok 10:20:39.0253 0x0790 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 10:20:39.0272 0x0790 adp94xx - ok 10:20:39.0282 0x0790 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 10:20:39.0299 0x0790 adpahci - ok 10:20:39.0305 0x0790 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 10:20:39.0319 0x0790 adpu320 - ok 10:20:39.0324 0x0790 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:20:39.0338 0x0790 AeLookupSvc - ok 10:20:39.0347 0x0790 [ AE1FCE2CD1E99BEA89183BA8CD320872, 96F14BCA0C2479F39A5027A71922907D0F35CAD8E9A5037674DF7995BBDB2B51 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys 10:20:39.0376 0x0790 afcdp - ok 10:20:39.0444 0x0790 [ AF44F7E027037628F1FAC3C13CDE73E6, 56A95EBF2241C275FD401487C5F0E86859F8637D8B1BD01B7157EE9BC22B1907 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 10:20:39.0513 0x0790 afcdpsrv - ok 10:20:39.0528 0x0790 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 10:20:39.0550 0x0790 AFD - ok 10:20:39.0554 0x0790 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 10:20:39.0565 0x0790 agp440 - ok 10:20:39.0570 0x0790 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 10:20:39.0584 0x0790 ALG - ok 10:20:39.0587 0x0790 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 10:20:39.0597 0x0790 aliide - ok 10:20:39.0600 0x0790 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 10:20:39.0611 0x0790 amdide - ok 10:20:39.0614 0x0790 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 10:20:39.0628 0x0790 AmdK8 - ok 10:20:39.0631 0x0790 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 10:20:39.0645 0x0790 AmdPPM - ok 10:20:39.0649 0x0790 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 10:20:39.0662 0x0790 amdsata - ok 10:20:39.0669 0x0790 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 10:20:39.0683 0x0790 amdsbs - ok 10:20:39.0686 0x0790 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 10:20:39.0697 0x0790 amdxata - ok 10:20:39.0700 0x0790 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys 10:20:39.0713 0x0790 AppID - ok 10:20:39.0717 0x0790 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll 10:20:39.0729 0x0790 AppIDSvc - ok 10:20:39.0733 0x0790 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll 10:20:39.0746 0x0790 Appinfo - ok 10:20:39.0753 0x0790 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 10:20:39.0769 0x0790 AppMgmt - ok 10:20:39.0773 0x0790 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 10:20:39.0785 0x0790 arc - ok 10:20:39.0790 0x0790 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 10:20:39.0802 0x0790 arcsas - ok 10:20:39.0813 0x0790 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 10:20:39.0827 0x0790 aspnet_state - ok 10:20:39.0829 0x0790 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:20:39.0857 0x0790 AsyncMac - ok 10:20:39.0860 0x0790 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 10:20:39.0872 0x0790 atapi - ok 10:20:39.0892 0x0790 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:20:39.0918 0x0790 AudioEndpointBuilder - ok 10:20:39.0938 0x0790 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 10:20:39.0964 0x0790 AudioSrv - ok 10:20:39.0969 0x0790 [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN C:\Windows\system32\DRIVERS\AVMCOWAN.sys 10:20:39.0987 0x0790 AVMCOWAN - ok 10:20:39.0991 0x0790 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 10:20:40.0009 0x0790 AxInstSV - ok 10:20:40.0021 0x0790 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 10:20:40.0042 0x0790 b06bdrv - ok 10:20:40.0050 0x0790 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 10:20:40.0068 0x0790 b57nd60a - ok 10:20:40.0074 0x0790 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 10:20:40.0088 0x0790 BDESVC - ok 10:20:40.0091 0x0790 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 10:20:40.0118 0x0790 Beep - ok 10:20:40.0135 0x0790 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 10:20:40.0161 0x0790 BFE - ok 10:20:40.0199 0x0790 [ 9CF4428D09C73B6F633AF9E58B835689, 173D1A8A3E1B1CA6D0E4773B048B8B6549A8124E87942992BDE30211BEFFBE20 ] BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20151113.001\BHDrvx64.sys 10:20:40.0241 0x0790 BHDrvx64 - ok 10:20:40.0263 0x0790 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 10:20:40.0309 0x0790 BITS - ok 10:20:40.0313 0x0790 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 10:20:40.0326 0x0790 blbdrive - ok 10:20:40.0336 0x0790 [ C7D6DC684E722D041FCD84ACC4FAACB1, 348821B1001AFE77592D7AD1CF4FF53B39964BF1E994DF411EC604F8A17251EE ] Bonjour Service C:\Program Files (x86)\Mobotix\Services\mDNSResponder.exe 10:20:40.0347 0x0790 Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 ) 10:20:43.0033 0x0790 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning 10:20:45.0763 0x0790 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:20:45.0778 0x0790 bowser - ok 10:20:45.0781 0x0790 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 10:20:45.0796 0x0790 BrFiltLo - ok 10:20:45.0798 0x0790 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 10:20:45.0813 0x0790 BrFiltUp - ok 10:20:45.0818 0x0790 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 10:20:45.0834 0x0790 Browser - ok 10:20:45.0843 0x0790 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 10:20:45.0863 0x0790 Brserid - ok 10:20:45.0866 0x0790 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 10:20:45.0882 0x0790 BrSerWdm - ok 10:20:45.0885 0x0790 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 10:20:45.0900 0x0790 BrUsbMdm - ok 10:20:45.0902 0x0790 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 10:20:45.0915 0x0790 BrUsbSer - ok 10:20:45.0927 0x0790 [ 424BC9745D52CD5501214C01379378CA, 820B7557B88804F31FEFBC9213CA6CCAC59A6CEEFF875A135143007826A0515B ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe 10:20:45.0944 0x0790 BstHdAndroidSvc - ok 10:20:45.0948 0x0790 [ BFBE9220934B215AA46CDCBB6B6A1F73, D8C23C3B7198BFEA7AF6F1D662517C1F44D0DBE7764DB46985CF4EBA83577545 ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys 10:20:45.0958 0x0790 BstHdDrv - ok 10:20:45.0969 0x0790 [ 339F2B3DB5AD322DD507F26CA26D586E, 5CD313278842CC492D360C20DA3510E77E20C6F9EC26A1D86CF896D276486001 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 10:20:45.0985 0x0790 BstHdLogRotatorSvc - ok 10:20:45.0989 0x0790 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 10:20:46.0005 0x0790 BTHMODEM - ok 10:20:46.0010 0x0790 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 10:20:46.0038 0x0790 bthserv - ok 10:20:46.0045 0x0790 [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys 10:20:46.0059 0x0790 ccSet_N360 - ok 10:20:46.0063 0x0790 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:20:46.0091 0x0790 cdfs - ok 10:20:46.0097 0x0790 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:20:46.0112 0x0790 cdrom - ok 10:20:46.0116 0x0790 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 10:20:46.0144 0x0790 CertPropSvc - ok 10:20:46.0147 0x0790 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 10:20:46.0162 0x0790 circlass - ok 10:20:46.0172 0x0790 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 10:20:46.0190 0x0790 CLFS - ok 10:20:46.0196 0x0790 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:20:46.0208 0x0790 clr_optimization_v2.0.50727_32 - ok 10:20:46.0214 0x0790 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:20:46.0227 0x0790 clr_optimization_v2.0.50727_64 - ok 10:20:46.0235 0x0790 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:20:46.0249 0x0790 clr_optimization_v4.0.30319_32 - ok 10:20:46.0254 0x0790 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:20:46.0268 0x0790 clr_optimization_v4.0.30319_64 - ok 10:20:46.0271 0x0790 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 10:20:46.0283 0x0790 CmBatt - ok 10:20:46.0286 0x0790 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:20:46.0297 0x0790 cmdide - ok 10:20:46.0309 0x0790 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 10:20:46.0333 0x0790 CNG - ok 10:20:46.0336 0x0790 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 10:20:46.0347 0x0790 Compbatt - ok 10:20:46.0351 0x0790 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 10:20:46.0365 0x0790 CompositeBus - ok 10:20:46.0367 0x0790 COMSysApp - ok 10:20:46.0371 0x0790 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 10:20:46.0382 0x0790 crcdisk - ok 10:20:46.0389 0x0790 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:20:46.0404 0x0790 CryptSvc - ok 10:20:46.0418 0x0790 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 10:20:46.0439 0x0790 CSC - ok 10:20:46.0456 0x0790 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 10:20:46.0481 0x0790 CscService - ok 10:20:46.0496 0x0790 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:20:46.0532 0x0790 DcomLaunch - ok 10:20:46.0541 0x0790 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:20:46.0573 0x0790 defragsvc - ok 10:20:46.0592 0x0790 [ E194E4AB98713922AD7D89F5424842E2, 3D7C8D74DCAE08B647F3BC4DF7F4667A2526C82CC0448D1DA5470ECCE5C5C933 ] DeltaCopyService C:\DeltaCopy\DCServce.exe 10:20:46.0609 0x0790 DeltaCopyService - detected UnsignedFile.Multi.Generic ( 1 ) 10:20:49.0243 0x0790 Detect skipped due to KSN trusted 10:20:49.0243 0x0790 DeltaCopyService - ok 10:20:49.0247 0x0790 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:20:49.0275 0x0790 DfsC - ok 10:20:49.0277 0x0790 dgderdrv - ok 10:20:49.0283 0x0790 [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 10:20:49.0295 0x0790 dg_ssudbus - ok 10:20:49.0304 0x0790 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:20:49.0322 0x0790 Dhcp - ok 10:20:49.0355 0x0790 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 10:20:49.0392 0x0790 DiagTrack - ok 10:20:49.0402 0x0790 [ FAECEE424C28211DF229805B093B0274, F208CCC083A2716A8DFA7576717B0B65969966EC391FE9A54C5764E91B49E9C9 ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe 10:20:49.0410 0x0790 DirMngr - detected UnsignedFile.Multi.Generic ( 1 ) 10:20:52.0055 0x0790 Detect skipped due to KSN trusted 10:20:52.0055 0x0790 DirMngr - ok 10:20:52.0059 0x0790 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:20:52.0087 0x0790 discache - ok 10:20:52.0091 0x0790 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 10:20:52.0103 0x0790 Disk - ok 10:20:52.0109 0x0790 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:20:52.0124 0x0790 Dnscache - ok 10:20:52.0132 0x0790 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:20:52.0163 0x0790 dot3svc - ok 10:20:52.0170 0x0790 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:20:52.0199 0x0790 DPS - ok 10:20:52.0201 0x0790 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:20:52.0214 0x0790 drmkaud - ok 10:20:52.0216 0x0790 [ D52EEB224DF107AAD9059597F0EB95CC, 40BE0E795CE981AB287FE93C509ED7FB11519B9A5173C7AC67D1EFB3E766859D ] DslMNLwf C:\Windows\system32\DRIVERS\dslmnlwf.sys 10:20:52.0226 0x0790 DslMNLwf - ok 10:20:52.0245 0x0790 [ 0BD3A330E57A8AD37451BAB8DE434267, 54F32E3E14648153200F9C6CEB15C0026B907FF452F1396FEBE812EC06932C2F ] DVBVRecorder C:\Program Files (x86)\DVBViewer\DVBVservice.exe 10:20:52.0263 0x0790 DVBVRecorder - detected UnsignedFile.Multi.Generic ( 1 ) 10:20:54.0929 0x0790 DVBVRecorder ( UnsignedFile.Multi.Generic ) - warning 10:20:54.0929 0x0790 Force sending object to P2P due to detect: DVBVRecorder 10:20:57.0726 0x0790 Object send P2P result: true 10:21:00.0416 0x0790 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:21:00.0445 0x0790 DXGKrnl - ok 10:21:00.0451 0x0790 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:21:00.0481 0x0790 EapHost - ok 10:21:00.0614 0x0790 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 10:21:00.0689 0x0790 ebdrv - ok 10:21:00.0705 0x0790 [ DB817375F4D6D3F2556DE7777775D885, 6DC5CC936E26CBB468ACDD008F6F8B30F8D9D1EC631BCDDF7E692814C9A54D7D ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 10:21:00.0725 0x0790 eeCtrl - ok 10:21:00.0729 0x0790 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe 10:21:00.0741 0x0790 EFS - ok 10:21:00.0745 0x0790 [ A8F6C4FC2EE29946B4DB09889907DF54, 25974CEF1DF8410A9417C6D7BE4C56369998864DC44AA863FBAA8107D1E0BC44 ] ElRawDisk C:\Windows\system32\drivers\ffs64.sys 10:21:00.0752 0x0790 ElRawDisk - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:03.0426 0x0790 ElRawDisk ( UnsignedFile.Multi.Generic ) - warning 10:21:06.0108 0x0790 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 10:21:06.0129 0x0790 elxstor - ok 10:21:06.0135 0x0790 [ A47F76D4AAFD6193AAC5E049C560213D, 2B6E4EB31394C4D8D2444A197FFCC3C702BC17B0F7BDF0D6FF87DF5C14016FC1 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 10:21:06.0149 0x0790 EraserUtilRebootDrv - ok 10:21:06.0152 0x0790 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:21:06.0164 0x0790 ErrDev - ok 10:21:06.0168 0x0790 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys 10:21:06.0177 0x0790 etdrv - ok 10:21:06.0189 0x0790 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:21:06.0223 0x0790 EventSystem - ok 10:21:06.0230 0x0790 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:21:06.0260 0x0790 exfat - ok 10:21:06.0267 0x0790 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:21:06.0297 0x0790 fastfat - ok 10:21:06.0315 0x0790 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:21:06.0340 0x0790 Fax - ok 10:21:06.0343 0x0790 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:21:06.0356 0x0790 fdc - ok 10:21:06.0359 0x0790 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:21:06.0386 0x0790 fdPHost - ok 10:21:06.0389 0x0790 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:21:06.0416 0x0790 FDResPub - ok 10:21:06.0420 0x0790 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:21:06.0433 0x0790 FileInfo - ok 10:21:06.0436 0x0790 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:21:06.0465 0x0790 Filetrace - ok 10:21:06.0468 0x0790 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 10:21:06.0481 0x0790 flpydisk - ok 10:21:06.0490 0x0790 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:21:06.0507 0x0790 FltMgr - ok 10:21:06.0534 0x0790 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 10:21:06.0570 0x0790 FontCache - ok 10:21:06.0574 0x0790 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:21:06.0586 0x0790 FontCache3.0.0.0 - ok 10:21:06.0608 0x0790 [ CE7593C10A04D08F9B043890216F5728, 21E4AD5643BCDCB811E49C74F682672032A603078EDD80DE6E37249C9A005407 ] FPCIBASE C:\Windows\system32\DRIVERS\fpcibase.sys 10:21:06.0638 0x0790 FPCIBASE - ok 10:21:06.0643 0x0790 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:21:06.0654 0x0790 FsDepends - ok 10:21:06.0657 0x0790 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:21:06.0669 0x0790 Fs_Rec - ok 10:21:06.0674 0x0790 [ 13799CB7521A39724FFDEA2E5D9C8305, 14FDF6273CEAD3E4E391F538D0FF4E3E258FC34B1B1074C73B72961E640377E0 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys 10:21:06.0685 0x0790 FTDIBUS - ok 10:21:06.0692 0x0790 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:21:06.0708 0x0790 fvevol - ok 10:21:06.0712 0x0790 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 10:21:06.0724 0x0790 gagp30kx - ok 10:21:06.0742 0x0790 [ 805DAC448BEBDA900BF5520AB27D9616, C0A2935C75EC4B3D860E68ABAE6756D6D4B31BA9AFD742FF9C0B6ED11BEFD163 ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe 10:21:06.0765 0x0790 Garmin Device Interaction Service - ok 10:21:06.0768 0x0790 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys 10:21:06.0777 0x0790 gdrv - ok 10:21:06.0780 0x0790 [ AF4DEE5531395DEE72B35B36C9671FD0, 73427DEDB185BCF927C3C5B091B95ADE84A33EC198643C71E673FE3967E291EE ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 10:21:06.0790 0x0790 GEARAspiWDM - ok 10:21:06.0818 0x0790 [ EBF714703106C1D5BC3E7B4C389A5828, D09472BCF71B58CF8F463131AD778F4D2E189047EE6B9AF088BCDE7B25398682 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 10:21:06.0849 0x0790 GfExperienceService - ok 10:21:06.0869 0x0790 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:21:06.0910 0x0790 gpsvc - ok 10:21:06.0917 0x0790 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:21:06.0929 0x0790 gupdate - ok 10:21:06.0935 0x0790 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:21:06.0945 0x0790 gupdatem - ok 10:21:06.0949 0x0790 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys 10:21:06.0959 0x0790 GVTDrv64 - ok 10:21:06.0974 0x0790 [ 247BED840038AA24224987862B4E9E8A, CC626E10EADBD131013E88872ECA4109F0373C67D8EF207F6E465703D2C42EA1 ] HauppaugeTVServer C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE 10:21:06.0988 0x0790 HauppaugeTVServer - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:09.0638 0x0790 Detect skipped due to KSN trusted 10:21:09.0638 0x0790 HauppaugeTVServer - ok 10:21:09.0680 0x0790 [ FE0782F11D7CA7E9A51DE79A5B68BBA5, 93DE16019D895A6C9E0CDC4C8365112CB586679794EB4D4D1AD283F4C24DEBCC ] HCW85BDA C:\Windows\system32\drivers\HCW85BDA.sys 10:21:09.0726 0x0790 HCW85BDA - ok 10:21:09.0731 0x0790 [ AE0672A892BDFACCFFBC88EF9D4AA9EA, F80459CF3E82C976B1355B26FCDB9A5EC6AA637CF6AA20ABFAF6EB4B7BD6C38A ] hcw85cir C:\Windows\system32\drivers\hcw85cir3.sys 10:21:09.0742 0x0790 hcw85cir - ok 10:21:09.0753 0x0790 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:21:09.0774 0x0790 HdAudAddService - ok 10:21:09.0779 0x0790 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 10:21:09.0795 0x0790 HDAudBus - ok 10:21:09.0799 0x0790 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 10:21:09.0809 0x0790 HECIx64 - ok 10:21:09.0812 0x0790 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 10:21:09.0825 0x0790 HidBatt - ok 10:21:09.0830 0x0790 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 10:21:09.0845 0x0790 HidBth - ok 10:21:09.0849 0x0790 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 10:21:09.0864 0x0790 HidIr - ok 10:21:09.0867 0x0790 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:21:09.0895 0x0790 hidserv - ok 10:21:09.0898 0x0790 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:21:09.0910 0x0790 HidUsb - ok 10:21:09.0915 0x0790 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:21:09.0943 0x0790 hkmsvc - ok 10:21:09.0950 0x0790 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:21:09.0967 0x0790 HomeGroupListener - ok 10:21:09.0973 0x0790 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:21:09.0990 0x0790 HomeGroupProvider - ok 10:21:09.0994 0x0790 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:21:10.0006 0x0790 HpSAMD - ok 10:21:10.0011 0x0790 [ 1878A79551F2EDAE7EBD110AAE6D33AD, 1F409360B44AEB3A6023E953EAB350FFB3EB8322F589E2422AB312288B33A2DA ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe 10:21:10.0022 0x0790 HPSupportSolutionsFrameworkService - ok 10:21:10.0025 0x0790 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 10:21:10.0038 0x0790 HTCAND64 - ok 10:21:10.0042 0x0790 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 10:21:10.0052 0x0790 htcnprot - ok 10:21:10.0070 0x0790 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:21:10.0096 0x0790 HTTP - ok 10:21:10.0099 0x0790 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:21:10.0111 0x0790 hwpolicy - ok 10:21:10.0115 0x0790 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 10:21:10.0129 0x0790 i8042prt - ok 10:21:10.0141 0x0790 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:21:10.0159 0x0790 iaStorV - ok 10:21:10.0165 0x0790 [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 10:21:10.0172 0x0790 ICCS - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:12.0806 0x0790 Detect skipped due to KSN trusted 10:21:12.0806 0x0790 ICCS - ok 10:21:12.0810 0x0790 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 10:21:12.0816 0x0790 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:15.0451 0x0790 Detect skipped due to KSN trusted 10:21:15.0451 0x0790 IDriverT - ok 10:21:15.0472 0x0790 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:21:15.0499 0x0790 idsvc - ok 10:21:15.0519 0x0790 [ 3448DB2B812AA873ED6E5D609B1DB067, E0F9B35FE59713C09BD838FAD5305DF5FDF24DF1D88F8849F7F88466CF93A7F7 ] IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20151124.001\IDSvia64.sys 10:21:15.0543 0x0790 IDSVia64 - ok 10:21:15.0546 0x0790 IEEtwCollectorService - ok 10:21:15.0549 0x0790 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 10:21:15.0561 0x0790 iirsp - ok 10:21:15.0583 0x0790 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:21:15.0611 0x0790 IKEEXT - ok 10:21:15.0667 0x0790 [ E8017F1662D9142F45CEAB694D013C00, 75EE9DF292C4D980B9461ABEB8810D22DD57EBBAD5A37FE7B046CBAD419EE9E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 10:21:15.0721 0x0790 IntcAzAudAddService - ok 10:21:15.0726 0x0790 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:21:15.0737 0x0790 intelide - ok 10:21:15.0741 0x0790 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:21:15.0754 0x0790 intelppm - ok 10:21:15.0759 0x0790 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:21:15.0788 0x0790 IPBusEnum - ok 10:21:15.0792 0x0790 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:21:15.0819 0x0790 IpFilterDriver - ok 10:21:15.0833 0x0790 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:21:15.0856 0x0790 iphlpsvc - ok 10:21:15.0861 0x0790 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:21:15.0874 0x0790 IPMIDRV - ok 10:21:15.0879 0x0790 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:21:15.0908 0x0790 IPNAT - ok 10:21:15.0911 0x0790 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:21:15.0926 0x0790 IRENUM - ok 10:21:15.0929 0x0790 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:21:15.0940 0x0790 isapnp - ok 10:21:15.0952 0x0790 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:21:15.0967 0x0790 iScsiPrt - ok 10:21:15.0971 0x0790 [ 8BAECD09CF6DABB25C0C1BD262E0F7F7, B16A0BB2882B65FA8339BADB847EBF4800DD0166FEBEB21A8BC79DA8F9058157 ] JabraDFU C:\Windows\system32\Drivers\JabraMobileCsrDfuX64.sys 10:21:15.0980 0x0790 JabraDFU - ok 10:21:15.0997 0x0790 [ 0D2DA1C6D8ED85F51E3758EAE22455F2, 73DC4CA53C84287B55410582C26F93AC9064C176B134809E8C2D9C86737E8343 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe 10:21:16.0008 0x0790 JMB36X - ok 10:21:16.0013 0x0790 [ 50DE7DD7EDB1B512B13666588AEFBF6F, 47FFBA2CA40718614C5A43C2D231B46C22E96221B9EFD8BD4C2D355412811DF4 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys 10:21:16.0023 0x0790 JRAID - ok 10:21:16.0026 0x0790 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 10:21:16.0038 0x0790 kbdclass - ok 10:21:16.0041 0x0790 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 10:21:16.0054 0x0790 kbdhid - ok 10:21:16.0056 0x0790 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 10:21:16.0069 0x0790 KeyIso - ok 10:21:16.0073 0x0790 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:21:16.0086 0x0790 KSecDD - ok 10:21:16.0091 0x0790 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:21:16.0105 0x0790 KSecPkg - ok 10:21:16.0108 0x0790 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:21:16.0135 0x0790 ksthunk - ok 10:21:16.0145 0x0790 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:21:16.0179 0x0790 KtmRm - ok 10:21:16.0187 0x0790 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:21:16.0218 0x0790 LanmanServer - ok 10:21:16.0223 0x0790 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:21:16.0252 0x0790 LanmanWorkstation - ok 10:21:16.0263 0x0790 [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 10:21:16.0279 0x0790 LBTServ - ok 10:21:16.0285 0x0790 [ 91EFE53FB930B8C9C95EE622E4D30295, E91808F63214A510D88F55551EF152DD2264C3FF2800C0EA63225A139E311E3E ] Lexware_Update_Service C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe 10:21:16.0296 0x0790 Lexware_Update_Service - ok 10:21:16.0299 0x0790 [ 174803F2EEA3B22165DFE0E5A1F20685, 165EEF66706F38B78C338FD86AF4B25F83B6819024A25E9E646BC8B84682D59E ] LgBttPort C:\Windows\system32\DRIVERS\lgbtpt64.sys 10:21:16.0312 0x0790 LgBttPort - ok 10:21:16.0314 0x0790 [ 565F93BB7C0361E61B3DAEA670C354D6, E11C466C73BC46A1E56ACDB046BF7801949E8B9D9C617086172A134966BC3974 ] lgbusenum C:\Windows\system32\DRIVERS\lgbtbs64.sys 10:21:16.0326 0x0790 lgbusenum - ok 10:21:16.0329 0x0790 [ ABF477857B7CED873362EC92C6CE10A7, 08FC44EFACBF147EAF8AD5C4EC7977401A7EA3A184924A5803ECC7E74B405F04 ] LGVMODEM C:\Windows\system32\DRIVERS\lgvmdm64.sys 10:21:16.0341 0x0790 LGVMODEM - ok 10:21:16.0345 0x0790 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 10:21:16.0357 0x0790 LHidFilt - ok 10:21:16.0361 0x0790 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:21:16.0390 0x0790 lltdio - ok 10:21:16.0399 0x0790 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:21:16.0433 0x0790 lltdsvc - ok 10:21:16.0436 0x0790 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:21:16.0465 0x0790 lmhosts - ok 10:21:16.0469 0x0790 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 10:21:16.0479 0x0790 LMouFilt - ok 10:21:16.0487 0x0790 [ E38775922D4A4C05B5D96733AB4CE169, 92888BF351C4249C81189CA7F25419077017DD2F1F88FD91D1F4A51CEBF98A62 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 10:21:16.0500 0x0790 LMS - ok 10:21:16.0506 0x0790 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 10:21:16.0519 0x0790 LSI_FC - ok 10:21:16.0524 0x0790 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 10:21:16.0536 0x0790 LSI_SAS - ok 10:21:16.0540 0x0790 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 10:21:16.0552 0x0790 LSI_SAS2 - ok 10:21:16.0556 0x0790 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 10:21:16.0569 0x0790 LSI_SCSI - ok 10:21:16.0574 0x0790 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:21:16.0603 0x0790 luafv - ok 10:21:16.0606 0x0790 [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 10:21:16.0615 0x0790 LVPr2M64 - ok 10:21:16.0619 0x0790 [ B3944D06EB4B64D57BD7E5FE89415F58, D6A4D17A887F54EEB6138909D10CD708582B10A51F1094275F53C9FFC2447F5F ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys 10:21:16.0628 0x0790 LVPr2Mon - ok 10:21:16.0637 0x0790 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 10:21:16.0653 0x0790 LVRS64 - ok 10:21:16.0753 0x0790 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 10:21:16.0855 0x0790 LVUVC64 - ok 10:21:16.0864 0x0790 [ 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849, 80E571FEE4373E4AF487176C9265FB89912739E961C47880A60115BD50638AEA ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 10:21:16.0875 0x0790 mbamchameleon - ok 10:21:16.0878 0x0790 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 10:21:16.0888 0x0790 MBAMProtector - ok 10:21:16.0921 0x0790 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 10:21:16.0959 0x0790 MBAMScheduler - ok 10:21:16.0986 0x0790 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 10:21:17.0015 0x0790 MBAMService - ok 10:21:17.0023 0x0790 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 10:21:17.0035 0x0790 MBAMSwissArmy - ok 10:21:17.0040 0x0790 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 10:21:17.0050 0x0790 MBAMWebAccessControl - ok 10:21:17.0053 0x0790 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 10:21:17.0064 0x0790 megasas - ok 10:21:17.0072 0x0790 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 10:21:17.0089 0x0790 MegaSR - ok 10:21:17.0093 0x0790 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:21:17.0122 0x0790 MMCSS - ok 10:21:17.0125 0x0790 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:21:17.0152 0x0790 Modem - ok 10:21:17.0156 0x0790 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:21:17.0170 0x0790 monitor - ok 10:21:17.0173 0x0790 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:21:17.0185 0x0790 mouclass - ok 10:21:17.0188 0x0790 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:21:17.0201 0x0790 mouhid - ok 10:21:17.0205 0x0790 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:21:17.0217 0x0790 mountmgr - ok 10:21:17.0223 0x0790 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:21:17.0236 0x0790 MozillaMaintenance - ok 10:21:17.0242 0x0790 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:21:17.0255 0x0790 mpio - ok 10:21:17.0260 0x0790 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:21:17.0289 0x0790 mpsdrv - ok 10:21:17.0309 0x0790 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:21:17.0352 0x0790 MpsSvc - ok 10:21:17.0358 0x0790 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:21:17.0374 0x0790 MRxDAV - ok 10:21:17.0380 0x0790 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:21:17.0396 0x0790 mrxsmb - ok 10:21:17.0405 0x0790 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:21:17.0423 0x0790 mrxsmb10 - ok 10:21:17.0429 0x0790 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:21:17.0443 0x0790 mrxsmb20 - ok 10:21:17.0447 0x0790 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 10:21:17.0458 0x0790 msahci - ok 10:21:17.0463 0x0790 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:21:17.0476 0x0790 msdsm - ok 10:21:17.0482 0x0790 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 10:21:17.0498 0x0790 MSDTC - ok 10:21:17.0503 0x0790 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:21:17.0530 0x0790 Msfs - ok 10:21:17.0533 0x0790 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:21:17.0559 0x0790 mshidkmdf - ok 10:21:17.0562 0x0790 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:21:17.0573 0x0790 msisadrv - ok 10:21:17.0579 0x0790 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:21:17.0609 0x0790 MSiSCSI - ok 10:21:17.0611 0x0790 msiserver - ok 10:21:17.0614 0x0790 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:21:17.0641 0x0790 MSKSSRV - ok 10:21:17.0643 0x0790 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:21:17.0670 0x0790 MSPCLOCK - ok 10:21:17.0672 0x0790 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:21:17.0700 0x0790 MSPQM - ok 10:21:17.0710 0x0790 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:21:17.0729 0x0790 MsRPC - ok 10:21:17.0733 0x0790 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 10:21:17.0744 0x0790 mssmbios - ok 10:21:17.0747 0x0790 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:21:17.0774 0x0790 MSTEE - ok 10:21:17.0776 0x0790 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 10:21:17.0789 0x0790 MTConfig - ok 10:21:17.0793 0x0790 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 10:21:17.0805 0x0790 Mup - ok 10:21:17.0816 0x0790 [ 86E6E661C3B5FB6BF8E01D94864650F0, D651484002E911F98E55428593F8080FB40A9F0EB11445B1A9986A4F07E76782 ] N360 C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\N360.exe 10:21:17.0830 0x0790 N360 - ok 10:21:17.0843 0x0790 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 10:21:17.0879 0x0790 napagent - ok 10:21:17.0888 0x0790 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:21:17.0909 0x0790 NativeWifiP - ok 10:21:17.0915 0x0790 [ FE7B38240E86075E6BC5953496B5C2F1, 13CBDCFD5E63A49D6E66D9EBA701037F014EEED9BBFE8588CE2968A35FF2E16E ] NAVENG C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20151124.021\ENG64.SYS 10:21:17.0928 0x0790 NAVENG - ok 10:21:17.0975 0x0790 [ C002FA84570CA35F704ACF0AC4A5EAB0, E4246631E5D7AFD31CE642157A9102CB0DDE5B5051D08C3A5EA736CB3C99C6D9 ] NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20151124.021\EX64.SYS 10:21:18.0025 0x0790 NAVEX15 - ok 10:21:18.0049 0x0790 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 10:21:18.0078 0x0790 NDIS - ok 10:21:18.0082 0x0790 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 10:21:18.0109 0x0790 NdisCap - ok 10:21:18.0112 0x0790 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:21:18.0139 0x0790 NdisTapi - ok 10:21:18.0143 0x0790 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:21:18.0170 0x0790 Ndisuio - ok 10:21:18.0176 0x0790 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:21:18.0205 0x0790 NdisWan - ok 10:21:18.0209 0x0790 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:21:18.0236 0x0790 NDProxy - ok 10:21:18.0241 0x0790 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 10:21:18.0247 0x0790 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:20.0885 0x0790 Detect skipped due to KSN trusted 10:21:20.0885 0x0790 Net Driver HPZ12 - ok 10:21:20.0888 0x0790 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:21:20.0916 0x0790 NetBIOS - ok 10:21:20.0924 0x0790 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 10:21:20.0954 0x0790 NetBT - ok 10:21:20.0957 0x0790 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe 10:21:20.0970 0x0790 Netlogon - ok 10:21:20.0980 0x0790 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 10:21:21.0014 0x0790 Netman - ok 10:21:21.0023 0x0790 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:21:21.0037 0x0790 NetMsmqActivator - ok 10:21:21.0042 0x0790 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:21:21.0057 0x0790 NetPipeActivator - ok 10:21:21.0069 0x0790 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 10:21:21.0105 0x0790 netprofm - ok 10:21:21.0110 0x0790 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:21:21.0124 0x0790 NetTcpActivator - ok 10:21:21.0129 0x0790 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:21:21.0144 0x0790 NetTcpPortSharing - ok 10:21:21.0147 0x0790 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 10:21:21.0159 0x0790 nfrd960 - ok 10:21:21.0168 0x0790 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 10:21:21.0186 0x0790 NlaSvc - ok 10:21:21.0189 0x0790 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2, 7A3FA5B779CBBED46CA81328951B71352E4FC60153A91965877834EC7C6F0074 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys 10:21:21.0209 0x0790 nmwcd - ok 10:21:21.0212 0x0790 [ 41C1AC1F3613435EB32D67BCB80A5FA5, 93A313BC4A7FA2FC3372CFBF2D76F417007B4A82455092724D3B0B6FA5A88F23 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys 10:21:21.0232 0x0790 nmwcdc - ok 10:21:21.0236 0x0790 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF C:\Windows\system32\drivers\npf.sys 10:21:21.0246 0x0790 NPF - ok 10:21:21.0249 0x0790 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:21:21.0278 0x0790 Npfs - ok 10:21:21.0281 0x0790 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 10:21:21.0310 0x0790 nsi - ok 10:21:21.0313 0x0790 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:21:21.0341 0x0790 nsiproxy - ok 10:21:21.0379 0x0790 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:21:21.0428 0x0790 Ntfs - ok 10:21:21.0432 0x0790 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 10:21:21.0459 0x0790 Null - ok 10:21:21.0464 0x0790 [ 285ACEC1B13A15BA520AAE06BACB9CFF, A6F576763818D4EAB2CDA3857F2963F61FDA67D7B581C52E1EB1DDB32FD642C3 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 10:21:21.0474 0x0790 nusb3hub - ok 10:21:21.0481 0x0790 [ F6D625FF7B56BB6EA063F0D3A5BBC996, 830196E96C120367BDA8C0EC9D7B85A642D41E8108189B1A72193299A6C005B1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 10:21:21.0493 0x0790 nusb3xhc - ok 10:21:21.0500 0x0790 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 10:21:21.0514 0x0790 NVHDA - ok 10:21:21.0773 0x0790 [ 5D89C0070BC2643117CF33D0367AFABA, C245E0C0DB6665B6226B4D188F620272C175F0FEA63617ECA45B4FA86273E20C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:21:22.0027 0x0790 nvlddmkm - ok 10:21:22.0078 0x0790 [ F758A5752CA282925CE3324FDBBADBED, E9DE21AE4509BC401FE7BD717E1585BDEAF2E016A4DC8BB829DD43F54101923F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 10:21:22.0122 0x0790 NvNetworkService - ok 10:21:22.0129 0x0790 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:21:22.0143 0x0790 nvraid - ok 10:21:22.0148 0x0790 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:21:22.0162 0x0790 nvstor - ok 10:21:22.0166 0x0790 [ 0772513BF441995A61A6C6F87BE12174, 308203FACAAFC87AA18765F0F358ADF5F99D0CAA9ADE51C14C43416FAB68FA18 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 10:21:22.0175 0x0790 NvStreamKms - ok 10:21:22.0177 0x0790 NvStreamSvc - ok 10:21:22.0201 0x0790 [ C5647FB500C2A1F946B77C953528042D, E0A53D158B2141EBBE6762165154B4DE9524E6BD3AD7247B6D25AC96E0A34AA0 ] NVSvc C:\Windows\system32\nvvsvc.exe 10:21:22.0228 0x0790 NVSvc - ok 10:21:22.0233 0x0790 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 10:21:22.0244 0x0790 nvvad_WaveExtensible - ok 10:21:22.0248 0x0790 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:21:22.0262 0x0790 nv_agp - ok 10:21:22.0275 0x0790 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 10:21:22.0293 0x0790 odserv - ok 10:21:22.0298 0x0790 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 10:21:22.0312 0x0790 ohci1394 - ok 10:21:22.0317 0x0790 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:21:22.0330 0x0790 ose - ok 10:21:22.0340 0x0790 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 10:21:22.0360 0x0790 p2pimsvc - ok 10:21:22.0373 0x0790 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 10:21:22.0394 0x0790 p2psvc - ok 10:21:22.0398 0x0790 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 10:21:22.0412 0x0790 Parport - ok 10:21:22.0416 0x0790 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:21:22.0428 0x0790 partmgr - ok 10:21:22.0433 0x0790 [ 39B9DCD7040654C2E57D7396736C718E, 70A637A955A2611E5ADA31FDD4B1D7EEECFBC22504A770DA71B502E160AEDAFD ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 10:21:22.0438 0x0790 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:23.0115 0x0da0 Object required for P2P: [ 86E6E661C3B5FB6BF8E01D94864650F0 ] N360 10:21:25.0152 0x0790 Detect skipped due to KSN trusted 10:21:25.0152 0x0790 PassThru Service - ok 10:21:25.0159 0x0790 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 10:21:25.0176 0x0790 PcaSvc - ok 10:21:25.0181 0x0790 [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 10:21:25.0193 0x0790 pccsmcfd - ok 10:21:25.0200 0x0790 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 10:21:25.0215 0x0790 pci - ok 10:21:25.0217 0x0790 [ B0B1F1F117B9AA14ECE9DF979176520F, FA59D95935639AF910C07874B962D0B66E252C5BA66D5A387B87916EB9F0EEE6 ] PciDumpr C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys 10:21:25.0221 0x0790 PciDumpr - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:25.0854 0x0da0 Object send P2P result: true 10:21:27.0865 0x0790 Detect skipped due to KSN trusted 10:21:27.0865 0x0790 PciDumpr - ok 10:21:27.0868 0x0790 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 10:21:27.0879 0x0790 pciide - ok 10:21:27.0887 0x0790 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 10:21:27.0902 0x0790 pcmcia - ok 10:21:27.0905 0x0790 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 10:21:27.0917 0x0790 pcw - ok 10:21:27.0926 0x0790 [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe 10:21:27.0938 0x0790 PDFProFiltSrvPP - ok 10:21:27.0954 0x0790 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:21:27.0978 0x0790 PEAUTH - ok 10:21:28.0010 0x0790 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 10:21:28.0048 0x0790 PeerDistSvc - ok 10:21:28.0067 0x0790 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 10:21:28.0081 0x0790 PerfHost - ok 10:21:28.0115 0x0790 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 10:21:28.0169 0x0790 pla - ok 10:21:28.0181 0x0790 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:21:28.0203 0x0790 PlugPlay - ok 10:21:28.0208 0x0790 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 10:21:28.0214 0x0790 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:30.0847 0x0790 Detect skipped due to KSN trusted 10:21:30.0847 0x0790 Pml Driver HPZ12 - ok 10:21:30.0850 0x0790 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 10:21:30.0865 0x0790 PNRPAutoReg - ok 10:21:30.0874 0x0790 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 10:21:30.0892 0x0790 PNRPsvc - ok 10:21:30.0906 0x0790 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:21:30.0941 0x0790 PolicyAgent - ok 10:21:30.0984 0x0790 [ C58AE9881CD83BB1662A7E062E11CBD6, 80969EC975C15718DC14136B7E1533FFD3E1530E1A1F6B1411ED3EE0F55016E6 ] PORTMON D:\Downloads\Win 7\SysinternalsSuite\PORTMSYS.SYS 10:21:30.0989 0x0790 PORTMON - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:33.0666 0x0790 Detect skipped due to KSN trusted 10:21:33.0666 0x0790 PORTMON - ok 10:21:33.0673 0x0790 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 10:21:33.0705 0x0790 Power - ok 10:21:33.0710 0x0790 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 10:21:33.0738 0x0790 PptpMiniport - ok 10:21:33.0742 0x0790 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 10:21:33.0756 0x0790 Processor - ok 10:21:33.0765 0x0790 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 10:21:33.0781 0x0790 ProfSvc - ok 10:21:33.0784 0x0790 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe 10:21:33.0797 0x0790 ProtectedStorage - ok 10:21:33.0803 0x0790 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 10:21:33.0832 0x0790 Psched - ok 10:21:33.0835 0x0790 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys 10:21:33.0845 0x0790 PSI - ok 10:21:33.0851 0x0790 QDrive - ok 10:21:33.0884 0x0790 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 10:21:33.0923 0x0790 ql2300 - ok 10:21:33.0930 0x0790 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 10:21:33.0943 0x0790 ql40xx - ok 10:21:33.0950 0x0790 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 10:21:33.0971 0x0790 QWAVE - ok 10:21:33.0974 0x0790 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:21:33.0990 0x0790 QWAVEdrv - ok 10:21:33.0992 0x0790 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:21:34.0020 0x0790 RasAcd - ok 10:21:34.0025 0x0790 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 10:21:34.0054 0x0790 RasAgileVpn - ok 10:21:34.0058 0x0790 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 10:21:34.0090 0x0790 RasAuto - ok 10:21:34.0095 0x0790 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 10:21:34.0125 0x0790 Rasl2tp - ok 10:21:34.0135 0x0790 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 10:21:34.0170 0x0790 RasMan - ok 10:21:34.0174 0x0790 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:21:34.0203 0x0790 RasPppoe - ok 10:21:34.0207 0x0790 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 10:21:34.0235 0x0790 RasSstp - ok 10:21:34.0244 0x0790 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:21:34.0276 0x0790 rdbss - ok 10:21:34.0279 0x0790 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 10:21:34.0293 0x0790 rdpbus - ok 10:21:34.0295 0x0790 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 10:21:34.0322 0x0790 RDPCDD - ok 10:21:34.0329 0x0790 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 10:21:34.0344 0x0790 RDPDR - ok 10:21:34.0347 0x0790 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 10:21:34.0374 0x0790 RDPENCDD - ok 10:21:34.0377 0x0790 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 10:21:34.0404 0x0790 RDPREFMP - ok 10:21:34.0409 0x0790 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 10:21:34.0421 0x0790 RdpVideoMiniport - ok 10:21:34.0428 0x0790 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 10:21:34.0446 0x0790 RDPWD - ok 10:21:34.0453 0x0790 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 10:21:34.0467 0x0790 rdyboost - ok 10:21:34.0472 0x0790 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 10:21:34.0501 0x0790 RemoteAccess - ok 10:21:34.0507 0x0790 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:21:34.0538 0x0790 RemoteRegistry - ok 10:21:34.0543 0x0790 [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe 10:21:34.0553 0x0790 rpcapd - ok 10:21:34.0557 0x0790 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 10:21:34.0586 0x0790 RpcEptMapper - ok 10:21:34.0589 0x0790 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 10:21:34.0602 0x0790 RpcLocator - ok 10:21:34.0616 0x0790 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 10:21:34.0653 0x0790 RpcSs - ok 10:21:34.0658 0x0790 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 10:21:34.0686 0x0790 rspndr - ok 10:21:34.0696 0x0790 [ 4FBDA07EF0A3097CE14C5CABF723B278, 6F1E21362F0057E9C6A180D9189AEB51761F4C019A6835E50E4AD19ED1F58FE6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 10:21:34.0712 0x0790 RTL8167 - ok 10:21:34.0715 0x0790 [ 2B38C905492F36FE42B59DA52D6B4EB7, 966AA4E15A4BB079E91C1900AB2B565DC0BEFCDCBFD49CDD480CE9348BFCB73B ] RtNdPt60 C:\Windows\system32\DRIVERS\RtNdPt60.sys 10:21:34.0726 0x0790 RtNdPt60 - ok 10:21:34.0729 0x0790 [ 8B6B42D782202363A562F82B0E13B1C0, 760A4F4F9448BA3175857451EB2B7372E105A987B047A66C69FBAC9117144A42 ] RTVLANPT C:\Windows\system32\DRIVERS\RtVlan60.sys 10:21:34.0740 0x0790 RTVLANPT - ok 10:21:34.0742 0x0790 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 10:21:34.0754 0x0790 s3cap - ok 10:21:34.0757 0x0790 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe 10:21:34.0770 0x0790 SamSs - ok 10:21:34.0782 0x0790 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 10:21:34.0791 0x0790 SASDIFSV - ok 10:21:34.0794 0x0790 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 10:21:34.0803 0x0790 SASKUTIL - ok 10:21:34.0807 0x0790 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:21:34.0820 0x0790 sbp2port - ok 10:21:34.0827 0x0790 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:21:34.0858 0x0790 SCardSvr - ok 10:21:34.0861 0x0790 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 10:21:34.0888 0x0790 scfilter - ok 10:21:34.0914 0x0790 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 10:21:34.0948 0x0790 Schedule - ok 10:21:34.0953 0x0790 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 10:21:34.0981 0x0790 SCPolicySvc - ok 10:21:34.0987 0x0790 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:21:35.0005 0x0790 SDRSVC - ok 10:21:35.0010 0x0790 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 10:21:35.0026 0x0790 secdrv - ok 10:21:35.0029 0x0790 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 10:21:35.0058 0x0790 seclogon - ok 10:21:35.0086 0x0790 [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe 10:21:35.0119 0x0790 Secunia PSI Agent - ok 10:21:35.0136 0x0790 [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] |
![]() | #6 |
![]() ![]() | ![]() svchost.exe 4 GB gross und der Rest von Log: Code:
ATTFilter Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 10:21:35.0158 0x0790 Secunia Update Agent - ok 10:21:35.0163 0x0790 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 10:21:35.0192 0x0790 SENS - ok 10:21:35.0195 0x0790 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 10:21:35.0208 0x0790 SensrSvc - ok 10:21:35.0211 0x0790 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 10:21:35.0223 0x0790 Serenum - ok 10:21:35.0228 0x0790 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 10:21:35.0242 0x0790 Serial - ok 10:21:35.0245 0x0790 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 10:21:35.0258 0x0790 sermouse - ok 10:21:35.0276 0x0790 [ 668043F192AB9659761A349A4703600D, 44443E477A38913C6973817C06C25A776574F2C0F9F52609F070BAFA836EBE2E ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 10:21:35.0299 0x0790 ServiceLayer - ok 10:21:35.0308 0x0790 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 10:21:35.0337 0x0790 SessionEnv - ok 10:21:35.0340 0x0790 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 10:21:35.0354 0x0790 sffdisk - ok 10:21:35.0357 0x0790 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:21:35.0371 0x0790 sffp_mmc - ok 10:21:35.0373 0x0790 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:21:35.0387 0x0790 sffp_sd - ok 10:21:35.0390 0x0790 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 10:21:35.0403 0x0790 sfloppy - ok 10:21:35.0413 0x0790 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:21:35.0447 0x0790 SharedAccess - ok 10:21:35.0458 0x0790 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:21:35.0491 0x0790 ShellHWDetection - ok 10:21:35.0495 0x0790 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:21:35.0506 0x0790 SiSRaid2 - ok 10:21:35.0510 0x0790 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 10:21:35.0522 0x0790 SiSRaid4 - ok 10:21:35.0532 0x0790 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 10:21:35.0550 0x0790 SkypeUpdate - ok 10:21:35.0555 0x0790 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:21:35.0583 0x0790 Smb - ok 10:21:35.0594 0x0790 [ 10450F432811D7FDA60A97FCC674D7B2, FD6245B06DD81C6E287DA47173D622357D86D84E3A5444CD34645973FE2E8BF5 ] snapman C:\Windows\system32\DRIVERS\snapman.sys 10:21:35.0607 0x0790 snapman - ok 10:21:35.0610 0x0790 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:21:35.0624 0x0790 SNMPTRAP - ok 10:21:35.0627 0x0790 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 10:21:35.0638 0x0790 spldr - ok 10:21:35.0652 0x0790 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 10:21:35.0676 0x0790 Spooler - ok 10:21:35.0751 0x0790 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 10:21:35.0843 0x0790 sppsvc - ok 10:21:35.0850 0x0790 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 10:21:35.0879 0x0790 sppuinotify - ok 10:21:35.0971 0x0790 [ 46FC99DECF394F35CAA7065148424232, 40936A2A9241ED3A8D80C6AB5EA47D5F75CDCFE569A1ECD78F9064AED7914D61 ] SpRecordService C:\Program Files (x86)\SpRecord3\SpRecord.exe 10:21:36.0061 0x0790 SpRecordService - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:38.0723 0x0790 SpRecordService ( UnsignedFile.Multi.Generic ) - warning 10:21:38.0723 0x0790 Force sending object to P2P due to detect: SpRecordService 10:21:41.0485 0x0790 Object send P2P result: true 10:21:44.0206 0x0790 [ A76BC8BBB5DC1DDDE610B3FFC203272B, 8C2EB5C04948CAAEEF0864F3427D895706869D3BC6209AB61019446D4A0A8AC7 ] srdbService C:\Program Files (x86)\SpRecord3\srdbServ.exe 10:21:44.0266 0x0790 srdbService - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:46.0990 0x0790 srdbService ( UnsignedFile.Multi.Generic ) - warning 10:21:46.0990 0x0790 Force sending object to P2P due to detect: srdbService 10:21:49.0788 0x0790 Object send P2P result: true 10:21:52.0475 0x0790 [ BFA32A566B958EF5A1D6383F3CB03AA2, BD899DE3815C88F825C3D93AA8AA43C178626F43E4B14C107A91C68155D64F71 ] SRTSP C:\Windows\System32\Drivers\N360x64\1605040.018\SRTSP64.SYS 10:21:52.0503 0x0790 SRTSP - ok 10:21:52.0507 0x0790 [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS 10:21:52.0518 0x0790 SRTSPX - ok 10:21:52.0531 0x0790 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 10:21:52.0551 0x0790 srv - ok 10:21:52.0563 0x0790 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:21:52.0582 0x0790 srv2 - ok 10:21:52.0588 0x0790 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:21:52.0603 0x0790 srvnet - ok 10:21:52.0610 0x0790 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:21:52.0641 0x0790 SSDPSRV - ok 10:21:52.0646 0x0790 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:21:52.0675 0x0790 SstpSvc - ok 10:21:52.0681 0x0790 [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 10:21:52.0695 0x0790 ssudmdm - ok 10:21:52.0714 0x0790 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe 10:21:52.0737 0x0790 ss_conn_service - ok 10:21:52.0756 0x0790 [ 0A21F4F24F41EE0F8B56C58A2DE1C03C, E10509296D217040C610397884D1552B73CF134EB7BABCADD85A065710D27AC8 ] StarMoney 10 OnlineUpdate C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe 10:21:52.0779 0x0790 StarMoney 10 OnlineUpdate - ok 10:21:52.0791 0x0790 [ 32B37DD6E7D423DF3CF3B196C8005F85, 5989DD72AB03009625D5A49CC05D7955D07E3A933AEB292882F22928C5D60565 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 10:21:52.0808 0x0790 Stereo Service - ok 10:21:52.0812 0x0790 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 10:21:52.0824 0x0790 stexstor - ok 10:21:52.0827 0x0790 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 10:21:52.0840 0x0790 StillCam - ok 10:21:52.0856 0x0790 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 10:21:52.0884 0x0790 stisvc - ok 10:21:52.0888 0x0790 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 10:21:52.0900 0x0790 storflt - ok 10:21:52.0903 0x0790 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 10:21:52.0916 0x0790 StorSvc - ok 10:21:52.0919 0x0790 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 10:21:52.0930 0x0790 storvsc - ok 10:21:52.0933 0x0790 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 10:21:52.0944 0x0790 swenum - ok 10:21:52.0957 0x0790 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 10:21:52.0994 0x0790 swprv - ok 10:21:53.0032 0x0790 [ C9EC22D5B3C6B32A7C8B4A73870A7379, BA530C64FDE63D9A4023BB9E667497D5248B2910BC1A214B592318CC64034735 ] SymEFASI C:\Windows\system32\drivers\N360x64\1605040.018\SYMEFASI64.SYS 10:21:53.0073 0x0790 SymEFASI - ok 10:21:53.0079 0x0790 [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 10:21:53.0092 0x0790 SymEvent - ok 10:21:53.0101 0x0790 [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS 10:21:53.0116 0x0790 SymIRON - ok 10:21:53.0131 0x0790 [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS C:\Windows\System32\Drivers\N360x64\1605040.018\SYMNETS.SYS 10:21:53.0152 0x0790 SymNetS - ok 10:21:53.0190 0x0790 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 10:21:53.0236 0x0790 SysMain - ok 10:21:53.0242 0x0790 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:21:53.0260 0x0790 TabletInputService - ok 10:21:53.0269 0x0790 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 10:21:53.0302 0x0790 TapiSrv - ok 10:21:53.0306 0x0790 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 10:21:53.0335 0x0790 TBS - ok 10:21:53.0376 0x0790 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:21:53.0422 0x0790 Tcpip - ok 10:21:53.0466 0x0790 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:21:53.0511 0x0790 TCPIP6 - ok 10:21:53.0517 0x0790 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:21:53.0530 0x0790 tcpipreg - ok 10:21:53.0534 0x0790 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:21:53.0547 0x0790 TDPIPE - ok 10:21:53.0576 0x0790 [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys 10:21:53.0608 0x0790 tdrpman273 - ok 10:21:53.0618 0x0790 [ 1226A953D4FDBDFD570DA5CEE66EAA55, 640922152493057519198A55373A82CD1C7DCF0C219F4ECE7D2C30363FFA1E86 ] TDslMgrService C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe 10:21:53.0627 0x0790 TDslMgrService - detected UnsignedFile.Multi.Generic ( 1 ) 10:21:56.0287 0x0790 Detect skipped due to KSN trusted 10:21:56.0287 0x0790 TDslMgrService - ok 10:21:56.0290 0x0790 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:21:56.0303 0x0790 TDTCP - ok 10:21:56.0307 0x0790 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:21:56.0321 0x0790 tdx - ok 10:21:56.0325 0x0790 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 10:21:56.0337 0x0790 TermDD - ok 10:21:56.0354 0x0790 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 10:21:56.0380 0x0790 TermService - ok 10:21:56.0383 0x0790 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 10:21:56.0400 0x0790 Themes - ok 10:21:56.0404 0x0790 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 10:21:56.0432 0x0790 THREADORDER - ok 10:21:56.0456 0x0790 [ EBBAEA02F0095A798000C7E06B16D41B, CBEAC6CBF0F8D5B72ACCBADA6BD1DF1EB31F84B0D973DA955337991D4DBBDF7E ] timounter C:\Windows\system32\DRIVERS\timntr.sys 10:21:56.0482 0x0790 timounter - ok 10:21:56.0488 0x0790 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 10:21:56.0518 0x0790 TrkWks - ok 10:21:56.0525 0x0790 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys 10:21:56.0539 0x0790 truecrypt - ok 10:21:56.0546 0x0790 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:21:56.0575 0x0790 TrustedInstaller - ok 10:21:56.0580 0x0790 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:21:56.0592 0x0790 tssecsrv - ok 10:21:56.0596 0x0790 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:21:56.0609 0x0790 TsUsbFlt - ok 10:21:56.0614 0x0790 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:21:56.0642 0x0790 tunnel - ok 10:21:56.0646 0x0790 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 10:21:56.0658 0x0790 uagp35 - ok 10:21:56.0667 0x0790 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:21:56.0700 0x0790 udfs - ok 10:21:56.0706 0x0790 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:21:56.0721 0x0790 UI0Detect - ok 10:21:56.0725 0x0790 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:21:56.0738 0x0790 uliagpkx - ok 10:21:56.0742 0x0790 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:21:56.0756 0x0790 umbus - ok 10:21:56.0759 0x0790 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 10:21:56.0773 0x0790 UmPass - ok 10:21:56.0780 0x0790 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 10:21:56.0798 0x0790 UmRdpService - ok 10:21:56.0848 0x0790 [ 02C298382359653BEC4C737C2AB7F9C5, 44F285478591DAD476B7FDF5F15A78C76FE3FB207408D1C665ACD54B758EAC1B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 10:21:56.0900 0x0790 UNS - ok 10:21:56.0911 0x0790 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 10:21:56.0946 0x0790 upnphost - ok 10:21:56.0949 0x0790 [ 4E93C8496359E97830C75AC36393654D, D0482257B019512D77484D92E4DEFEFE4FED53CB440ACB7AA879D6FD0574FA9A ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 10:21:56.0968 0x0790 upperdev - ok 10:21:56.0973 0x0790 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 10:21:56.0987 0x0790 usbaudio - ok 10:21:56.0990 0x0790 [ C85B8247FADD432FA54FE11667C8D97D, 93129EBBADB3CCADA1B7E9193C965A2AE7CF64A7950FCA93BF077164E62D0F90 ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys 10:21:57.0001 0x0790 usbbus - ok 10:21:57.0006 0x0790 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:21:57.0020 0x0790 usbccgp - ok 10:21:57.0024 0x0790 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:21:57.0038 0x0790 usbcir - ok 10:21:57.0042 0x0790 [ D8CDC12F5429878F23DDB3785A0FDF95, 4662923D6532E95401BF9A57D695C1210121E9C2D23E29C279CEFEAEB9F010A3 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys 10:21:57.0053 0x0790 UsbDiag - ok 10:21:57.0056 0x0790 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 10:21:57.0069 0x0790 usbehci - ok 10:21:57.0079 0x0790 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:21:57.0097 0x0790 usbhub - ok 10:21:57.0101 0x0790 [ 79FA7A22B0F6F0082F640CBC82A00FCE, F1EA2E9161CB5842A9DB4B77DF6D67BCD13EF26A3795190C46004582A30C727D ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys 10:21:57.0112 0x0790 USBModem - ok 10:21:57.0115 0x0790 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:21:57.0127 0x0790 usbohci - ok 10:21:57.0130 0x0790 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:21:57.0144 0x0790 usbprint - ok 10:21:57.0148 0x0790 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys 10:21:57.0160 0x0790 usbser - ok 10:21:57.0163 0x0790 [ 8844CB19A37B65E27049D4A7786726A9, 4D772174A320F02E2F87BDF8C6EBBFDE04C9763D3C21FE9557DE938521508A59 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 10:21:57.0182 0x0790 UsbserFilt - ok 10:21:57.0187 0x0790 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:21:57.0200 0x0790 USBSTOR - ok 10:21:57.0204 0x0790 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:21:57.0216 0x0790 usbuhci - ok 10:21:57.0219 0x0790 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 10:21:57.0248 0x0790 UxSms - ok 10:21:57.0251 0x0790 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe 10:21:57.0263 0x0790 VaultSvc - ok 10:21:57.0285 0x0790 [ 7D99F5F96DB4A5789C7A6B8BBC8AED95, 911251CD3418079905790DDF2404DC0DE537DBBBEE7F993CE8E1FC3A003F6180 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 10:21:57.0312 0x0790 VBoxDrv - ok 10:21:57.0319 0x0790 [ 0239B3849DE58C1D13F79D2B2BFA780F, FC31F00727D1AD603DE439236278CF7584CF3A783CAB4F938F3F3FD9005A2903 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 10:21:57.0331 0x0790 VBoxNetAdp - ok 10:21:57.0338 0x0790 [ 4485FDDC62FD8582D23C9603CA4B603D, 015221150052B40150D3DAD4375234C58B1E97329D4829B031D22FD4E74892E4 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 10:21:57.0350 0x0790 VBoxNetFlt - ok 10:21:57.0356 0x0790 [ 3447B8DC38D7E53E8C4BBA8270B5B9E8, 175DE2B17CA7A1542A743DEDECD5D420C1B030B5726B9368D61E62DE86DF49E8 ] VBoxUSB C:\Windows\system32\Drivers\VBoxUSB.sys 10:21:57.0368 0x0790 VBoxUSB - ok 10:21:57.0373 0x0790 [ EC2DFAD046DEB5E92E1BA4D366B6B9EE, E48BEFECD2CF2C9CF946E4B3AEE41B98AA1FB4D240A9F62A6978B9E1E476E42D ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 10:21:57.0384 0x0790 VBoxUSBMon - ok 10:21:57.0388 0x0790 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:21:57.0399 0x0790 vdrvroot - ok 10:21:57.0413 0x0790 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 10:21:57.0450 0x0790 vds - ok 10:21:57.0457 0x0790 [ CF87B9F10D2BF47EBBAF92D5C6245843, 16761D1F81F5EB5A8FE790624BBE7CA828EB10609E3DEF9A991F1D85917EE6D9 ] veracrypt C:\Windows\system32\drivers\veracrypt.sys 10:21:57.0470 0x0790 veracrypt - ok 10:21:57.0473 0x0790 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:21:57.0488 0x0790 vga - ok 10:21:57.0491 0x0790 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:21:57.0518 0x0790 VgaSave - ok 10:21:57.0525 0x0790 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:21:57.0539 0x0790 vhdmp - ok 10:21:57.0542 0x0790 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 10:21:57.0553 0x0790 viaide - ok 10:21:57.0556 0x0790 [ 8B6B42D782202363A562F82B0E13B1C0, 760A4F4F9448BA3175857451EB2B7372E105A987B047A66C69FBAC9117144A42 ] VLAN C:\Windows\system32\DRIVERS\RtVLAN60.sys 10:21:57.0567 0x0790 VLAN - ok 10:21:57.0573 0x0790 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 10:21:57.0588 0x0790 vmbus - ok 10:21:57.0591 0x0790 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 10:21:57.0603 0x0790 VMBusHID - ok 10:21:57.0607 0x0790 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:21:57.0619 0x0790 volmgr - ok 10:21:57.0629 0x0790 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:21:57.0647 0x0790 volmgrx - ok 10:21:57.0655 0x0790 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:21:57.0673 0x0790 volsnap - ok 10:21:57.0679 0x0790 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 10:21:57.0693 0x0790 vsmraid - ok 10:21:57.0728 0x0790 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:21:57.0786 0x0790 VSS - ok 10:21:57.0790 0x0790 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 10:21:57.0806 0x0790 vwifibus - ok 10:21:57.0816 0x0790 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:21:57.0851 0x0790 W32Time - ok 10:21:57.0856 0x0790 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 10:21:57.0868 0x0790 WacomPen - ok 10:21:57.0873 0x0790 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:21:57.0901 0x0790 WANARP - ok 10:21:57.0904 0x0790 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:21:57.0932 0x0790 Wanarpv6 - ok 10:21:57.0965 0x0790 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:21:58.0006 0x0790 wbengine - ok 10:21:58.0014 0x0790 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:21:58.0033 0x0790 WbioSrvc - ok 10:21:58.0043 0x0790 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:21:58.0067 0x0790 wcncsvc - ok 10:21:58.0071 0x0790 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:21:58.0084 0x0790 WcsPlugInService - ok 10:21:58.0087 0x0790 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 10:21:58.0098 0x0790 Wd - ok 10:21:58.0117 0x0790 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:21:58.0144 0x0790 Wdf01000 - ok 10:21:58.0149 0x0790 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:21:58.0163 0x0790 WdiServiceHost - ok 10:21:58.0167 0x0790 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:21:58.0181 0x0790 WdiSystemHost - ok 10:21:58.0189 0x0790 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 10:21:58.0207 0x0790 WebClient - ok 10:21:58.0214 0x0790 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:21:58.0247 0x0790 Wecsvc - ok 10:21:58.0251 0x0790 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:21:58.0280 0x0790 wercplsupport - ok 10:21:58.0285 0x0790 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:21:58.0314 0x0790 WerSvc - ok 10:21:58.0317 0x0790 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:21:58.0344 0x0790 WfpLwf - ok 10:21:58.0347 0x0790 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:21:58.0358 0x0790 WIMMount - ok 10:21:58.0360 0x0790 WinDefend - ok 10:21:58.0364 0x0790 WinHttpAutoProxySvc - ok 10:21:58.0374 0x0790 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:21:58.0406 0x0790 Winmgmt - ok 10:21:58.0450 0x0790 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 10:21:58.0501 0x0790 WinRM - ok 10:21:58.0509 0x0790 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 10:21:58.0523 0x0790 WinUsb - ok 10:21:58.0545 0x0790 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:21:58.0577 0x0790 Wlansvc - ok 10:21:58.0628 0x0790 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:21:58.0681 0x0790 wlidsvc - ok 10:21:58.0686 0x0790 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:21:58.0700 0x0790 WmiAcpi - ok 10:21:58.0708 0x0790 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:21:58.0726 0x0790 wmiApSrv - ok 10:21:58.0729 0x0790 WMPNetworkSvc - ok 10:21:58.0734 0x0790 [ D3A42115767C18685AD5E11CD7119237, B811E5E48863A270F24306B186DDFE6B5312047FB2DEA7888C19AF15D9CBAD9C ] wovad_micarray C:\Windows\system32\drivers\womic.sys 10:21:58.0740 0x0790 wovad_micarray - detected UnsignedFile.Multi.Generic ( 1 ) 10:22:01.0411 0x0790 wovad_micarray ( UnsignedFile.Multi.Generic ) - warning 10:22:04.0094 0x0790 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:22:04.0108 0x0790 WPCSvc - ok 10:22:04.0113 0x0790 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:22:04.0130 0x0790 WPDBusEnum - ok 10:22:04.0133 0x0790 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:22:04.0160 0x0790 ws2ifsl - ok 10:22:04.0164 0x0790 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:22:04.0182 0x0790 wscsvc - ok 10:22:04.0186 0x0790 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 10:22:04.0201 0x0790 WSDPrintDevice - ok 10:22:04.0204 0x0790 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 10:22:04.0216 0x0790 WSDScan - ok 10:22:04.0218 0x0790 WSearch - ok 10:22:04.0275 0x0790 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll 10:22:04.0337 0x0790 wuauserv - ok 10:22:04.0343 0x0790 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:22:04.0357 0x0790 WudfPf - ok 10:22:04.0364 0x0790 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:22:04.0380 0x0790 WUDFRd - ok 10:22:04.0385 0x0790 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:22:04.0399 0x0790 wudfsvc - ok 10:22:04.0407 0x0790 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 10:22:04.0424 0x0790 WwanSvc - ok 10:22:04.0428 0x0790 ================ Scan global =============================== 10:22:04.0431 0x0790 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 10:22:04.0438 0x0790 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 10:22:04.0449 0x0790 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 10:22:04.0456 0x0790 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:22:04.0466 0x0790 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 10:22:04.0472 0x0790 [ Global ] - ok 10:22:04.0473 0x0790 ================ Scan MBR ================================== 10:22:04.0474 0x0790 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:22:05.0181 0x0790 \Device\Harddisk0\DR0 - ok 10:22:05.0183 0x0790 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 10:22:05.0263 0x0790 \Device\Harddisk1\DR1 - ok 10:22:05.0264 0x0790 ================ Scan VBR ================================== 10:22:05.0265 0x0790 [ B0B566C46833FC2C2E32EA515CAB8EEA ] \Device\Harddisk0\DR0\Partition1 10:22:05.0303 0x0790 \Device\Harddisk0\DR0\Partition1 - ok 10:22:05.0305 0x0790 [ 5CCCA7457189AC328C40CC89CE188B43 ] \Device\Harddisk0\DR0\Partition2 10:22:05.0306 0x0790 \Device\Harddisk0\DR0\Partition2 - ok 10:22:05.0308 0x0790 [ 1A19D6098458137601C7EBD551813A62 ] \Device\Harddisk1\DR1\Partition1 10:22:05.0309 0x0790 \Device\Harddisk1\DR1\Partition1 - ok 10:22:05.0311 0x0790 [ 072B57DE9EBAB9B595F1FABA24BC7BB1 ] \Device\Harddisk1\DR1\Partition2 10:22:05.0312 0x0790 \Device\Harddisk1\DR1\Partition2 - ok 10:22:05.0313 0x0790 ================ Scan generic autorun ====================== 10:22:05.0535 0x0790 [ 798DF4955D7DE4552706B3ECB65B3C80, C0DD4999D8E5505EBC5ADB2B458339BA1444FE897C8568E872C9F8CCF7C5360B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 10:22:05.0789 0x0790 RtHDVCpl - ok 10:22:05.0807 0x0790 [ 4F9240906F3BB0DE27C9D431FB5EB576, F1917A4D6AC7824B7E6702F08DEF7106F624EE40C96213ECC6ECA1931EBF56BD ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 10:22:05.0822 0x0790 Acronis Scheduler2 Service - ok 10:22:05.0825 0x0790 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 10:22:05.0840 0x0790 ShadowPlay - ok 10:22:05.0896 0x0790 [ 638644168D9B5B5093AD84C9C162B550, BDBAB13BA6D369B7F87F721518F7EBD4B14D85B80BCC1E37FA929BB77200401B ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 10:22:05.0965 0x0790 NvBackend - ok 10:22:06.0030 0x0790 [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe 10:22:06.0107 0x0790 EvtMgr6 - ok 10:22:06.0113 0x0790 [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 10:22:06.0125 0x0790 NUSB3MON - ok 10:22:06.0128 0x0790 [ 881EBEAB57FD063DBF73C9085A00A5A5, 5079808A2648C37DA73979A6DFCC1768D0CCF32AD1ED43EBD49C80552732FC08 ] C:\Windows\RaidTool\xInsIDE.exe 10:22:06.0137 0x0790 JMB36X IDE Setup - ok 10:22:06.0253 0x0790 [ A7D3BA9573C2BD5DDCA2A87140915D6A, 2D36D01A10B5F988FB6ED2204FAB3F05B7E31373B7A16B13E3CE5E8EB81420EA ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 10:22:06.0384 0x0790 TrueImageMonitor.exe - ok 10:22:06.0454 0x0790 [ C433243E73FCF988435CEC1F461C48EE, 65C601B72EC48528F9CFF8F412E5AB75497E018E92754A4669741F34996A954E ] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe 10:22:06.0520 0x0790 SAOB Monitor - ok 10:22:06.0528 0x0790 [ A2418D3C557C0A0C634DA713A8AC3789, 4D8212B15081A31134167B9A328EEE778797ADDEBD23C8B0160FA43BCA1349DE ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe 10:22:06.0543 0x0790 LWS - ok 10:22:06.0552 0x0790 [ 2EA68E33DFF41A10F1BAB15FC3A28076, C971C009F36A87116FBE785E45EB7192EAD9BAF713C43C8A3AC643624144ECF9 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 10:22:06.0567 0x0790 KiesTrayAgent - ok 10:22:06.0571 0x0790 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 10:22:06.0583 0x0790 HP Software Update - ok 10:22:06.0609 0x0790 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:22:06.0653 0x0790 Sidebar - ok 10:22:06.0657 0x0790 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:22:06.0676 0x0790 mctadmin - ok 10:22:06.0703 0x0790 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:22:06.0737 0x0790 Sidebar - ok 10:22:06.0742 0x0790 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:22:06.0759 0x0790 mctadmin - ok 10:22:06.0836 0x0790 [ B1A463CF8EF52A23548F098217419B8F, 731852E868B052A78BAC9AD1394B585FBF94550B62A3FE115A8463A29973EBA9 ] C:\Program Files (x86)\SpRecord3\srShell.exe 10:22:06.0922 0x0790 SpRecord - detected UnsignedFile.Multi.Generic ( 1 ) 10:22:09.0557 0x0790 SpRecord ( UnsignedFile.Multi.Generic ) - warning 10:22:12.0233 0x0790 [ 9D1F084831332B3367FB8506E5E6602D, 47BC80EFE3636E077F27BB07C142E4AD5ECAF156619DD198EAE341F6636A9D61 ] C:\Program Files (x86)\DVBViewer\DVBVCtrl.exe 10:22:12.0238 0x0790 DVBV Service Ctrl - detected UnsignedFile.Multi.Generic ( 1 ) 10:22:15.0055 0x0790 DVBV Service Ctrl ( UnsignedFile.Multi.Generic ) - warning 10:22:17.0744 0x0790 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe 10:22:17.0757 0x0790 ISUSPM - ok 10:22:17.0812 0x0790 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe 10:22:17.0878 0x0790 HP Officejet Pro 8600 (NET) - ok 10:22:17.0913 0x0790 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 10:22:17.0958 0x0790 Sidebar - ok 10:22:17.0967 0x0790 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Helmut\AppData\Local\Google\Update\GoogleUpdate.exe 10:22:17.0978 0x0790 Google Update - ok 10:22:17.0978 0x0790 Waiting for KSN requests completion. In queue: 3 10:22:18.0978 0x0790 Waiting for KSN requests completion. In queue: 3 10:22:19.0978 0x0790 Waiting for KSN requests completion. In queue: 3 10:22:21.0005 0x0790 AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated ) 10:22:21.0006 0x0790 FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\22.5.4.24\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled ) 10:22:23.0690 0x0790 ============================================================ 10:22:23.0690 0x0790 Scan finished 10:22:23.0690 0x0790 ============================================================ 10:22:23.0695 0x0908 Detected object count: 8 10:22:23.0695 0x0908 Actual detected object count: 8 10:23:44.0060 0x0908 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0060 0x0908 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:23:44.0061 0x0908 DVBVRecorder ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0061 0x0908 DVBVRecorder ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:23:44.0062 0x0908 ElRawDisk ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0062 0x0908 ElRawDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:23:44.0063 0x0908 SpRecordService ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0063 0x0908 SpRecordService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:23:44.0064 0x0908 srdbService ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0064 0x0908 srdbService ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:23:44.0065 0x0908 wovad_micarray ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0065 0x0908 wovad_micarray ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:23:44.0066 0x0908 SpRecord ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0066 0x0908 SpRecord ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:23:44.0066 0x0908 DVBV Service Ctrl ( UnsignedFile.Multi.Generic ) - skipped by user 10:23:44.0066 0x0908 DVBV Service Ctrl ( UnsignedFile.Multi.Generic ) - User select action: Skip |
![]() |
Themen zu svchost.exe 4 GB gross |
.exe, anderes, anwendung, arbeitsspeicher, beenden, datei, eintrag, eset, explorer, firefox, gefunde, gekillt, gross, hilft, komisches, meldung, neustart, nicht, process, programm, svchost.exe, thunderbird, woche |