Pests of all kinds and how to fight them: Watch4 Virus - Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
30.11.2015, 17:32 | #1 |
| Watch4 Virus

Hello everyone, today I also suddenly had the problem that Chrome simply opened a new tab with watch4.

EDIT: shortly before that I also had the problem that an advertisement was playing in the background even though I had no advertisement / video open.

I have already run a few scans; how should I proceed?

Malwarebytes scan

Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.11.2015 Suchlaufzeit: 16:58 Protokolldatei: mwbytes01.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.30.03 Rootkit-Datenbank: v2015.11.26.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Jan Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 349887 Abgelaufene Zeit: 4 Min., 19 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 4 PUP.Optional.ViView.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}),,[3fec7113fd8eea4c2b06e3810400b050] PUP.Optional.ViView.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}),,[60cb0f75b3d8ce6821100e5662a28779] PUP.Optional.ViView.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}, Gut: 
(www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}),,[d05b3b49751679bd19186202a75dc739] PUP.Optional.ViView.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://myhome.vi-view.com/web/?type=ds&ts=1419847593&from=cor&uid=ST2000DM001-1ER164_Z4Z13N2PXXXXZ4Z13N2P&q={searchTerms}),,[04274b39c2c9a294dd54d4908084847c] Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
30.11.2015, 17:33 | #2 |
| Watch4 Virus

Junkware Removal Tool

Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.1 (11.24.2015) Operating System: Windows 8.1 Pro x64 Ran by Jan (Administrator) on 30.11.2015 at 17:11:01,16 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 1 Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5 (Registry Value) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 30.11.2015 at 17:13:47,42 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015 durchgeführt von Jan (Administrator) auf JANNXZT (30-11-2015 17:25:30) Gestartet von C:\Users\Jan\Desktop Geladene Profile: Jan (Verfügbare Profile: Jan) Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe () C:\Windows\SysWOW64\ASGT.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe (AOMEI Tech Co., Ltd.) 
C:\Program Files (x86)\AOMEI Backupper\ABService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (TeamViewer GmbH) E:\TeamViewer\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-08-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392344 2014-08-26] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated) HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-30] (AVAST Software) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231776 2015-06-24] (Citrix Systems, Inc.) HKLM-x32\...\Run: [QuickTime Task] => E:\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7088408 2015-01-22] (Piriform Ltd) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Run: [Spotify Web Helper] => C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-18] (Spotify Ltd) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Run: [Spotify] => C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-18] (Spotify Ltd) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\MountPoints2: {ec049c43-8795-11e5-8366-382c4a7226d9} - "N:\OnePlus_setup.exe" /s ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-30] (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{5A7DB931-9FCC-42C1-98FB-FAF820AEDE46}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-30] (AVAST Software) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-19] (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-30] (AVAST Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-19] (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft 
Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) 
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) 
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bq8zfuay.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-30] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-30] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.) FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-06-24] (Citrix Systems, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-19] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-11-30] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-10-20] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-11-30] Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll () CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04] CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-25] CHR Extension: (Steam inventory helper) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-11-25] CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04] CHR Extension: (Google Docs Offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (Avast Online Security) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03] CHR Extension: (Skype Click to Call) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-14] CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Jan\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-09-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26] CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-30] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-04-24] () R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert] R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-04-24] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [Datei ist nicht signiert] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-02] (ASUSTeK Computer Inc.) [Datei ist nicht signiert] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-30] (AVAST Software) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-07-16] (AOMEI Tech Co., Ltd.) 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
S2 MBAMService; E:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; E:\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-25] () [Datei ist nicht signiert]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2015-02-25] () [Datei ist nicht signiert]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-02-25] () [Datei ist nicht signiert]
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [24792 2014-06-13] (hxxp://www.asmedia.com.tw)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-30] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-28] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\Jan\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\Users\Jan\AppData\Local\Temp\GPUZ.sys [X]
S3 SANDRA; \??\E:\SiSoftware Sandra Lite 2015x\WNt600x64\Sandra.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-30 17:25 - 2015-11-30 17:25 - 00031577 _____ C:\Users\Jan\Desktop\FRST.txt 2015-11-30 17:25 - 2015-11-30 17:25 - 00000000 ____D C:\FRST 2015-11-30 17:24 - 2015-11-30 17:24 - 02350080 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe 2015-11-30 17:16 - 2015-11-30 17:16 - 02870984 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe 2015-11-30 17:16 - 2015-11-30 17:16 - 00000000 ____D C:\Program Files (x86)\ESET 2015-11-30 17:13 - 2015-11-30 17:13 - 00000694 _____ C:\Users\Jan\Desktop\JRT.txt 2015-11-30 17:10 - 2015-11-30 17:10 - 01599336 _____ (Malwarebytes) C:\Users\Jan\Desktop\JRT.exe 2015-11-30 17:08 - 2015-11-30 17:08 - 00000000 ____D C:\AdwCleaner 2015-11-30 17:03 - 2015-11-30 17:03 - 00002824 _____ C:\Users\Jan\Desktop\mwbytes01.txt 2015-11-30 16:56 - 2015-11-30 16:56 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-11-30 16:56 - 2015-11-30 16:56 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-11-30 11:32 - 2015-11-30 11:32 - 00876868 _____ C:\Users\Jan\Desktop\Referat_Recht_Betriebsübergang.zip 2015-11-27 21:13 - 2015-11-30 17:23 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-27 21:13 - 2015-11-30 17:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-27 21:13 - 2015-11-27 21:13 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2015-11-27 16:07 - 2015-11-30 17:04 - 00002150 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-11-27 16:07 - 2015-11-27 16:07 - 00000000 ____D C:\Windows\LastGood.Tmp 2015-11-27 16:07 - 2015-11-14 06:53 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-11-27 16:06 - 2015-11-16 04:35 - 42913912 _____ C:\Windows\system32\nvcompiler.dll 2015-11-27 16:06 - 2015-11-16 
04:35 - 37881976 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 18363000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 15717864 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 13527440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 11130488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-11-27 16:06 - 2015-11-16 04:35 - 02870576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 02490672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00879000 _____ C:\Windows\system32\nvmcumd.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00501056 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-11-27 16:06 - 
2015-11-16 04:35 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00413816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-11-27 16:06 - 2015-11-16 04:35 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-11-27 16:06 - 2015-11-16 04:35 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-11-27 16:04 - 2015-11-12 19:37 - 00112712 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2015-11-27 14:31 - 2015-11-27 14:38 - 00338784 _____ C:\Users\Jan\Desktop\12283171_889263511128896_31008986_n.psd 2015-11-25 22:33 - 2015-11-25 22:33 - 00800824 _____ (Microsoft Corporation) C:\Users\Default\AppData\Roaming\DPInst.exe 2015-11-25 22:33 - 2015-11-25 22:33 - 00800824 _____ (Microsoft Corporation) C:\Users\Default User\AppData\Roaming\DPInst.exe 2015-11-25 22:33 - 2015-11-25 22:33 - 00106496 _____ (Microsoft Corporation) C:\Users\Default\AppData\Roaming\gacutil.exe 2015-11-25 22:33 - 2015-11-25 22:33 - 00106496 _____ (Microsoft Corporation) C:\Users\Default User\AppData\Roaming\gacutil.exe 2015-11-25 22:33 - 2015-11-25 22:33 - 00036352 _____ (Microsoft Corporation) 
C:\Users\Default\AppData\Roaming\PnPutil.exe 2015-11-25 22:33 - 2015-11-25 22:33 - 00036352 _____ (Microsoft Corporation) C:\Users\Default User\AppData\Roaming\PnPutil.exe 2015-11-25 22:33 - 2015-11-25 22:33 - 00000181 _____ C:\Users\Default\AppData\Roaming\gacutil.exe.config 2015-11-25 22:33 - 2015-11-25 22:33 - 00000181 _____ C:\Users\Default User\AppData\Roaming\gacutil.exe.config 2015-11-25 22:33 - 2015-11-25 22:33 - 00000000 ____D C:\Users\Default\AppData\Roaming\Temp 2015-11-25 22:33 - 2015-11-25 22:33 - 00000000 ____D C:\Users\Default\AppData\Roaming\KODAK AiO Home Center1706335706 2015-11-25 22:33 - 2015-11-25 22:33 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Temp 2015-11-25 22:33 - 2015-11-25 22:33 - 00000000 ____D C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center1706335706 2015-11-20 00:21 - 2015-11-30 17:03 - 00000652 _____ C:\Users\Jan\Desktop\Musik.lnk 2015-11-19 01:42 - 2015-11-19 01:42 - 00000000 ____D C:\Users\Jan\AppData\Local\Blizzard 2015-11-18 22:06 - 2015-11-30 17:04 - 00001168 _____ C:\Users\Public\Desktop\Hearthstone.lnk 2015-11-18 22:06 - 2015-11-18 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2015-11-18 22:04 - 2015-11-19 01:42 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-11-18 22:00 - 2015-11-18 22:00 - 00000000 ____D C:\Users\Jan\AppData\Local\Blizzard Entertainment 2015-11-18 21:59 - 2015-11-30 17:04 - 00001131 _____ C:\Users\Public\Desktop\Battle.net.lnk 2015-11-18 21:59 - 2015-11-19 02:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Battle.net 2015-11-18 21:59 - 2015-11-19 01:41 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-11-18 21:59 - 2015-11-18 22:04 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Battle.net 2015-11-18 21:59 - 2015-11-18 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-11-18 21:59 - 2015-11-18 21:59 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2015-11-18 21:58 - 2015-11-18 21:58 - 
00000000 ____D C:\ProgramData\Battle.net 2015-11-17 20:47 - 2015-11-17 20:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2015-11-11 21:54 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 21:54 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 21:54 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 21:54 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 21:54 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 21:54 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 21:54 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 21:54 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 21:54 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-11-11 21:54 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 21:54 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 21:54 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 21:54 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 21:54 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 21:54 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 21:54 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-11-11 21:54 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 
2015-11-11 21:54 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 21:54 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 21:54 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 21:54 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 21:54 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 21:54 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 21:54 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 21:54 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 21:54 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 21:54 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 21:54 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 21:54 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 21:54 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 21:54 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 21:54 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 21:54 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 21:54 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 21:54 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 21:54 - 2015-10-17 
15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 21:54 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 21:54 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 21:54 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 21:54 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 21:54 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 21:54 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 21:54 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 21:54 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 21:54 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 21:54 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 21:54 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-11 21:54 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 21:54 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 21:54 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-11-11 21:54 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-11-11 21:54 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 21:54 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 21:54 - 
2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 21:54 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 21:54 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-11-11 21:54 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 21:54 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 21:54 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-11-11 21:54 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 21:54 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 21:54 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-11-11 21:54 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml 2015-11-11 21:54 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 21:54 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2015-11-11 21:54 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2015-11-11 21:54 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 21:54 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 21:54 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2015-11-11 21:54 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2015-11-11 21:54 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-11-11 21:54 - 2015-08-20 18:48 - 01096704 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-11-01 18:09 - 2015-11-30 17:04 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-01 18:09 - 2015-11-30 17:04 - 00002064 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-30 17:25 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-11-30 17:23 - 2014-12-28 22:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Adobe 2015-11-30 17:18 - 2014-12-28 21:45 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-30 17:11 - 2015-06-23 21:06 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps 2015-11-30 17:11 - 2015-01-30 13:15 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Spotify 2015-11-30 17:09 - 2015-01-30 13:16 - 00000000 ____D C:\Users\Jan\AppData\Local\Spotify 2015-11-30 17:09 - 2014-12-28 21:28 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2666469628-2591938262-1318115230-1001 2015-11-30 17:04 - 2015-10-13 22:55 - 00002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 
2016.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2015-11-30 17:04 - 2015-10-13 22:55 - 00002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2015-11-30 17:04 - 2015-10-06 23:48 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk 2015-11-30 17:04 - 2015-09-21 19:57 - 00001740 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk 2015-11-30 17:04 - 2015-09-13 15:19 - 00000633 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk 2015-11-30 17:04 - 2015-07-22 00:20 - 00001074 _____ C:\Users\Public\Desktop\AOMEI Backupper Standard.lnk 2015-11-30 17:04 - 2015-06-29 16:10 - 00001160 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-11-30 17:04 - 2015-04-04 14:32 - 00000634 _____ C:\Users\Public\Desktop\Kingo ROOT.lnk 2015-11-30 17:04 - 2015-03-23 14:54 - 00000995 _____ C:\Users\Public\Desktop\Gyazo.lnk 2015-11-30 17:04 - 2015-03-23 14:54 - 00000995 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk 2015-11-30 17:04 - 2015-02-19 15:07 - 00001020 _____ C:\Users\Public\Desktop\EXPERTool.lnk 2015-11-30 17:04 - 2015-02-17 18:05 - 00000566 _____ C:\Users\Public\Desktop\Audacity.lnk 2015-11-30 17:04 - 2015-02-17 18:05 - 00000566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-11-30 17:04 - 2015-02-10 14:04 - 00001032 _____ C:\Users\Public\Desktop\Crazybump.lnk 2015-11-30 17:04 - 2015-02-05 18:01 - 00000534 _____ C:\Users\Public\Desktop\Fraps.lnk 2015-11-30 17:04 - 2015-01-07 22:43 - 00000586 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-11-30 17:04 - 2015-01-07 22:43 - 00000586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-11-30 17:04 - 2015-01-02 02:01 - 00000849 _____ C:\Users\Public\Desktop\Speccy.lnk 2015-11-30 17:04 - 2014-12-31 17:19 - 00001415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2015-11-30 17:04 - 2014-12-31 17:19 - 
00001409 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk 2015-11-30 17:04 - 2014-12-31 17:07 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk 2015-11-30 17:04 - 2014-12-31 17:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk 2015-11-30 17:04 - 2014-12-31 17:07 - 00002043 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk 2015-11-30 17:04 - 2014-12-31 17:05 - 00001004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk 2015-11-30 17:04 - 2014-12-30 12:12 - 00000651 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-30 17:04 - 2014-12-29 11:00 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-11-30 17:04 - 2014-12-28 22:37 - 00000928 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-11-30 17:04 - 2014-12-28 22:35 - 00002018 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-11-30 17:04 - 2014-12-28 22:23 - 00001960 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-11-30 17:04 - 2014-12-28 22:12 - 00000973 _____ C:\Users\Public\Desktop\Steam.lnk 2015-11-30 17:04 - 2014-12-28 22:10 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2015-11-30 17:04 - 2014-12-28 22:10 - 00002096 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2015-11-30 17:04 - 2014-12-28 21:54 - 00001239 _____ C:\Users\Public\Desktop\Samsung Magician.lnk 2015-11-30 17:04 - 2014-12-28 21:46 - 00002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-30 17:03 - 2015-09-21 19:44 - 00000685 _____ C:\Users\Jan\Desktop\MASTER.lnk 2015-11-30 17:03 - 2015-09-09 00:30 - 00000526 _____ C:\Users\Jan\Desktop\CAPIVARA.lnk 2015-11-30 17:03 - 2015-09-03 14:56 - 00001224 _____ C:\Users\Jan\Desktop\Uplay.lnk 2015-11-30 17:03 - 2015-09-02 11:07 - 00000490 _____ C:\Users\Jan\Desktop\Backup (L).lnk 2015-11-30 17:03 - 2015-08-25 17:53 - 00000859 
_____ C:\Users\Jan\Desktop\FileZilla Client.lnk 2015-11-30 17:03 - 2015-08-25 16:16 - 00000508 _____ C:\Users\Jan\Desktop\Aktuelle Projekte (F).lnk 2015-11-30 17:03 - 2015-08-25 16:16 - 00000472 _____ C:\Users\Jan\Desktop\Archiv (K).lnk 2015-11-30 17:03 - 2015-07-21 10:36 - 00001205 _____ C:\Users\Jan\Desktop\CrystalDiskInfo.lnk 2015-11-30 17:03 - 2015-04-05 00:59 - 00000644 _____ C:\Users\Jan\Desktop\Notepad++.lnk 2015-11-30 17:03 - 2015-02-19 17:24 - 00000631 _____ C:\Users\Jan\Desktop\MSI Afterburner.lnk 2015-11-30 17:03 - 2015-02-18 10:41 - 00000585 _____ C:\Users\Jan\Desktop\FurMark.lnk 2015-11-30 17:03 - 2015-01-30 13:16 - 00001844 _____ C:\Users\Jan\Desktop\Spotify.lnk 2015-11-30 17:03 - 2015-01-30 13:16 - 00001830 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2015-11-30 17:03 - 2015-01-17 02:55 - 00001101 _____ C:\Users\Jan\Desktop\PC Remote Server.lnk 2015-11-30 17:03 - 2015-01-13 19:52 - 00000954 _____ C:\Users\Jan\Desktop\Open Broadcaster Software.lnk 2015-11-30 17:03 - 2015-01-07 22:35 - 00001220 _____ C:\Users\Jan\Desktop\Snipping Tool.lnk 2015-11-30 17:03 - 2015-01-05 21:08 - 00000755 _____ C:\Users\Jan\Desktop\OpenOffice 4.1.1.lnk 2015-11-30 17:03 - 2015-01-02 01:46 - 00001573 _____ C:\Users\Jan\Desktop\CINEMA 4D R16.lnk 2015-11-30 17:03 - 2014-12-31 17:12 - 00001773 _____ C:\Users\Jan\Desktop\Adobe Media Encoder.lnk 2015-11-30 17:03 - 2014-12-31 17:12 - 00001734 _____ C:\Users\Jan\Desktop\Photoshop.lnk 2015-11-30 17:03 - 2014-12-31 17:12 - 00001581 _____ C:\Users\Jan\Desktop\Adobe Illustrator CS6 (64 Bit).lnk 2015-11-30 17:03 - 2014-12-31 17:12 - 00001362 _____ C:\Users\Jan\Desktop\Adobe After Effects CS6.lnk 2015-11-30 17:03 - 2014-12-29 12:12 - 00000520 _____ C:\Users\Jan\Desktop\Musik - Filme - Bilder (M).lnk 2015-11-30 17:03 - 2014-12-29 11:07 - 00000754 _____ C:\Users\Jan\Desktop\JDownloader 2.lnk 2015-11-30 17:03 - 2014-12-29 11:02 - 00000586 _____ C:\Users\Jan\Desktop\MediathekView.lnk 2015-11-30 17:03 - 
2014-12-28 22:39 - 00000648 _____ C:\Users\Jan\Desktop\TeamSpeak 3 Client.lnk 2015-11-30 17:03 - 2014-12-28 22:29 - 00000591 _____ C:\Users\Jan\Desktop\PDF Blender.lnk 2015-11-30 17:03 - 2014-12-28 22:26 - 00000881 _____ C:\Users\Jan\Desktop\CCleaner.lnk 2015-11-30 17:03 - 2014-12-28 21:33 - 00000525 _____ C:\Users\Jan\Desktop\Stock Footage - Presets (G).lnk 2015-11-30 17:03 - 2014-12-28 21:33 - 00000512 _____ C:\Users\Jan\Desktop\SSD (C).lnk 2015-11-30 17:03 - 2014-12-28 21:33 - 00000496 _____ C:\Users\Jan\Desktop\HDD Programme (E).lnk 2015-11-30 17:03 - 2014-12-28 21:33 - 00000484 _____ C:\Users\Jan\Desktop\Dokumente (H).lnk 2015-11-30 17:03 - 2014-12-28 21:33 - 00000431 _____ C:\Users\Jan\Desktop\CD-Laufwerk.lnk 2015-11-30 17:03 - 2014-12-26 01:33 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-30 17:03 - 2014-12-26 01:30 - 00001454 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-30 17:03 - 2013-08-23 00:24 - 00765378 _____ C:\Windows\system32\perfh007.dat 2015-11-30 17:03 - 2013-08-23 00:24 - 00159696 _____ C:\Windows\system32\perfc007.dat 2015-11-30 17:03 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2015-11-30 16:58 - 2014-12-30 12:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-30 16:57 - 2015-06-28 18:01 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-30 16:57 - 2014-12-28 21:45 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-30 16:57 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-30 16:56 - 2014-12-28 22:35 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00154256 _____ (AVAST Software) 
C:\Windows\system32\Drivers\aswStm.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-11-30 16:56 - 2014-12-28 22:35 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-11-30 16:53 - 2014-12-28 22:12 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-30 16:52 - 2014-12-30 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-30 16:50 - 2015-01-04 11:18 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype 2015-11-30 11:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-11-30 11:32 - 2014-12-26 01:30 - 00000000 ____D C:\Users\Jan\AppData\Local\Packages 2015-11-30 11:31 - 2014-12-28 21:27 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FA2F2FBF-E537-494D-AC42-AC1D21CEC988} 2015-11-30 00:34 - 2015-01-01 20:41 - 00000000 ____D C:\Users\Jan\AppData\Roaming\TS3Client 2015-11-27 20:39 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-27 16:07 - 2015-06-28 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-11-27 16:07 - 2014-12-29 12:04 - 00000000 ____D C:\Temp 2015-11-27 16:06 - 2015-06-28 18:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-11-27 16:04 - 2015-06-28 18:02 - 00000000 ____D C:\Users\Jan\AppData\Local\NVIDIA Corporation 2015-11-27 15:59 - 2015-01-03 13:52 - 00000132 _____ C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2015-11-25 22:33 - 2015-03-09 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak 2015-11-25 22:33 - 
2015-03-09 17:40 - 00000000 ____D C:\ProgramData\Kodak 2015-11-22 21:59 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-11-20 00:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2015-11-19 22:40 - 2014-12-29 10:58 - 00000000 ____D C:\ProgramData\Oracle 2015-11-19 22:39 - 2015-10-06 23:43 - 00000000 ____D C:\Users\Jan\.oracle_jre_usage 2015-11-19 22:39 - 2015-01-24 14:54 - 00000000 ____D C:\Program Files (x86)\Java 2015-11-19 22:39 - 2014-12-29 10:58 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-11-19 22:39 - 2014-12-29 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-17 20:47 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-11-17 20:47 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-11-17 20:46 - 2015-10-13 22:51 - 00000000 ____D C:\Program Files\Microsoft Office 2015-11-16 04:35 - 2015-06-28 18:01 - 17515528 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 12770944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-11-16 04:35 - 2015-06-28 18:01 - 00033607 _____ C:\Windows\system32\nvinfo.pb 2015-11-14 07:06 - 2015-06-28 18:01 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 
2015-11-14 07:06 - 2015-06-28 18:01 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-11-14 07:06 - 2015-06-28 18:01 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-11-14 07:06 - 2015-06-28 18:01 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-11-14 07:06 - 2015-06-28 18:01 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-11-14 07:06 - 2015-06-28 18:01 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-11-12 19:37 - 2015-06-28 18:02 - 01828160 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-11-12 19:37 - 2015-06-28 18:02 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-11-12 19:37 - 2015-06-28 18:02 - 01509824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-11-12 19:37 - 2015-06-28 18:02 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-11-12 10:01 - 2013-08-22 15:44 - 07466432 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-11 22:35 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-11-11 22:23 - 2014-12-28 22:54 - 00000000 ____D C:\Windows\system32\MRT 2015-11-11 22:23 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-11-11 22:21 - 2014-12-28 22:54 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-08 22:35 - 2015-01-04 11:18 - 00000000 ____D C:\ProgramData\Skype 2015-11-06 19:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-11-03 22:37 - 2015-02-19 20:12 - 00000000 ____D C:\Users\Jan\AppData\Local\Steam 2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-02 20:09 - 2015-07-22 00:20 - 00001024 ____H C:\SYSTAG.BIN 2015-11-02 20:09 - 2015-07-22 00:20 - 00000082 _____ 
C:\Windows\SysWOW64\winsevr.dat 2015-11-01 18:09 - 2014-12-29 10:51 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-01 18:09 - 2014-12-28 22:21 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-01 17:45 - 2015-10-13 22:58 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2666469628-2591938262-1318115230-1001 2015-11-01 17:45 - 2015-10-13 22:58 - 00000000 ___RD C:\Users\Jan\OneDrive ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-01-03 13:52 - 2015-11-27 15:59 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2015-01-06 11:55 - 2015-01-06 11:55 - 0326144 _____ () C:\Users\Jan\AppData\Roaming\CodecsLE_Install.log 2015-01-03 13:44 - 2015-06-23 16:18 - 0001456 _____ () C:\Users\Jan\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-12-28 21:32 - 2014-12-28 21:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-20 20:12

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015
durchgeführt von Jan (2015-11-30 17:25:46)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 Pro (X64) (2014-12-26 00:30:54)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2666469628-2591938262-1318115230-500 - Administrator - Disabled)
Gast (S-1-5-21-2666469628-2591938262-1318115230-501 - Limited - Disabled)
Jan (S-1-5-21-2666469628-2591938262-1318115230-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.) AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version: - ) AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version: - ) AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.90 - ASUSTeK Computer Inc.) aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.2.3 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.6.2.3 - ASUSTek COMPUTER INC.) 
Hidden Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2241 - AVAST Software) Avid Codecs LE (HKLM-x32\...\{8F390998-2668-4F30-97C3-FBE3317639DB}) (Version: 2.5.0 - Avid Technology, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden CameraTracker 1.0v3 (64 bit) for AE (HKLM\...\CameraTracker for AE_is1) (Version: - The Foundry) Camtasia Studio 8 (HKLM-x32\...\{645B4291-26F6-4AE0-859A-C1FDD7407143}) (Version: 8.5.1.1962 - TechSmith Corporation) Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.3.0.5014 - Citrix Systems, Inc.) Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version: - ) CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Damage version 2.5 (HKLM-x32\...\{03D0FE1B-9788-418C-A95E-DA7D4376F82C}_is1) (Version: 2.5 - Digieffects) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.0.3 - CEWE Stiftung u Co. KGaA) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) EXPERTool v9.10 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 9.10.0.0 - Gainward Co. Ltd.) 
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) FileZilla Client 3.13.1 (HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\FileZilla Client) (Version: 3.13.1 - Tim Kosse) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) frischluft AEX Plug-ins Bundle 64-bit (HKLM\...\frischluft AEX Plug-ins Bundle_is1) (Version: 1.28 - Team V.R) Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kingo ROOT version 1.3.5.2267 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.3.5.2267 - 
Kingosoft Technology Ltd.) Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6001.1038 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 41.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation) NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation) NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 359.00 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 359.00 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden OctaneRender 2.16 32bit (HKLM-x32\...\OctaneRender 2.16 32bit) (Version: 2.16 - OTOY) Office 16 Click-to-Run Extensibility Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden Online Plug-in (x32 Version: 14.3.0.5014 - Citrix Systems, Inc.) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote) PDF Blender (HKLM-x32\...\PDF Blender) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7329 - Realtek Semiconductor Corp.) 
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.5 - Red Giant, LLC) ReelSmart Motion Blur AE (HKLM\...\ReelSmart Motion Blur Pro 5.0.2 AE CE_is1) (Version: 5.0.2 - Team V.R) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.0 - Rockstar Games) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Self-Service Plug-in (x32 Version: 4.3.0.8352 - Citrix Systems, Inc.) Hidden SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) 
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Spotify (HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}) (Version: 11.0.3 - Red Giant Software) Trapcode Suite 64-bit (Version: 11.0.3 - Red Giant Software) Hidden Twixtor 5, After Effects-compatible plugin set (HKLM-x32\...\Twixtor 5, After Effects-compatible plugin set) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2666469628-2591938262-1318115230-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Jan\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei ==================== Wiederherstellungspunkte ========================= 11-11-2015 22:20:41 Windows Update 29-11-2015 23:22:24 Geplanter Prüfpunkt 30-11-2015 17:11:04 JRT Pre-Junkware Removal ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2013-08-22 14:25 - 2014-12-31 17:11 - 00001028 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0B580EDB-3D1C-432F-8950-2B9454278845} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-02] () Task: {0FF7C4D4-BD36-4136-931C-206B78DC0256} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {1579DDE6-A81F-4AB4-A518-4DD4BC408FE3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-30] (Adobe Systems Incorporated) Task: {18859D10-A297-4C3C-B5D4-C26713D01341} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] () Task: {28EF7082-E5A1-47CF-A88A-C3F4F203A4EB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {32AF2BA9-689D-43B6-BC1B-FFEAB6CB9ED4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {3FABFEA1-085D-415D-9B35-39CE2BF7CD4F} - System32\Tasks\AdobeAAMUpdater-1.0-JanNXZT-Jan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated) Task: {844667B9-46DE-4234-BE28-BE304CA13A48} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) 
Task: {8914931C-5FEF-41DB-AF47-96893ACC7166} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {8A81C751-B283-4F0C-A758-8DFB50FCE560} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd) Task: {9C637F50-12ED-4194-A321-F6934223CF6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {9CF33410-ADE6-4B3C-98BA-DAAC3A774FE5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation) Task: {9DA00A12-9DB9-4DB3-9B56-54EC2031E09B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation) Task: {A051DE80-CB1C-4AC3-B93C-91AF30625ED0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-11-30] (AVAST Software) Task: {AAE7CE5E-049E-44DA-AA56-642885B7E822} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] () Task: {B9310221-59D7-448F-98B6-7AB5E123EBF0} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2666469628-2591938262-1318115230-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-01] (Microsoft Corporation) Task: {BE4AC7FA-9DD7-4026-892F-BA5CE9E3B1BD} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2015-06-18] () Task: {BE7F2CD3-6D77-4491-8C48-A5734FB7AE84} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.) 
Task: {C479BA18-F11E-4E35-81BF-A470D2CE7080} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-11-01] (Microsoft Corporation) Task: {C713A088-8994-4ED4-84D6-0E0758F50936} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-08-26] (ASUSTeK Computer Inc.) Task: {CBBAE16A-9FDB-43DB-BFC5-13A1624BF1F9} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-10-09] () Task: {D719303D-0452-48A1-80AC-59B6EE5E7682} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {EB787211-350A-4C51-9BCF-F50CD205D71F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-11] (Microsoft Corporation) Task: {EF769BA9-1B46-4FA3-9643-8E1A8656A87F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation) Task: {F7E18D53-D70C-4B58-BDBD-B20E75E0C5B4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OTOY\OctaneRender 2.16 32bit\Install Octane Daemon.lnk -> C:\Program Files (x86)\OTOY\OctaneRender 2.16\_install_daemon.bat () <==== ACHTUNG Shortcut: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OTOY\OctaneRender 2.16 32bit\Start Octane Daemon.lnk -> C:\Program Files (x86)\OTOY\OctaneRender 2.16\_run_installed_daemon.bat () <==== ACHTUNG Shortcut: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OTOY\OctaneRender 2.16 32bit\Uninstall Octane Daemon.lnk -> C:\Program Files (x86)\OTOY\OctaneRender 2.16\_uninstall_daemon.bat () <==== ACHTUNG ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-12-28 21:30 - 2014-04-24 23:03 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2014-12-28 21:30 - 2014-04-24 07:29 - 01360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2015-10-13 22:51 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () E:\Notepad++\NppShell_06.dll 2015-11-30 16:56 - 2015-11-30 16:56 - 00103888 _____ () C:\Program Files\AVAST 
Software\Avast\log.dll 2015-11-30 16:56 - 2015-11-30 16:56 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-11-30 12:21 - 2015-11-30 12:21 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\15113000\algo.dll 2015-11-30 16:56 - 2015-11-30 16:56 - 00466448 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-11-30 16:56 - 2015-11-30 16:56 - 00233680 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2014-12-28 21:30 - 2015-11-30 16:57 - 00042640 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2014-12-28 21:30 - 2014-04-24 23:03 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll 2015-07-22 00:20 - 2015-07-16 
09:31 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2015-07-22 00:20 - 2015-02-25 23:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2015-07-22 00:20 - 2015-07-16 09:31 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 00235008 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll 2015-01-19 15:12 - 2014-10-02 09:35 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll 2015-11-30 16:56 - 2015-11-30 16:56 - 40540672 _____ () C:\Program Files\AVAST 
Software\Avast\libcef.dll 2014-04-03 16:48 - 2014-04-03 16:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-06-28 18:01 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-08-24 14:56 - 2015-08-24 14:56 - 00039384 _____ () E:\FileZilla\FileZilla FTP Client\fzshellext.dll 2015-11-11 22:19 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll 2015-11-11 22:19 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Jan\Cookies:yKtae47HAmmlMiOPWWTXekXr AlternateDataStreams: C:\Users\Jan\AppData\Local\Temporary Internet Files:Ks4EEo4G0hdZTvp0sIjyk3 AlternateDataStreams: C:\Users\Jan\AppData\Local\Temporary Internet Files:v4NAmwb3dV9W6ZezMPDSIp2Fc ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\sony.com -> sony.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "EKStatusMonitor" HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\StartupApproved\Run: => "Speccy" HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5" HKU\S-1-5-21-2666469628-2591938262-1318115230-1001\...\StartupApproved\Run: => "Gyazo" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{5F2F01C6-D0EF-4180-820C-2EA7E1DE02CF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A590BDAB-1B0B-4FA2-992A-0430C7A60461}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{12903C7B-D0BE-4C2D-A3D7-127DA35A6F9D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D0304874-8AC8-4BF6-9F14-5FAF71511BBB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DF4F5A48-E97C-4B6D-8AA0-7F21D253B77F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{F7B8FE8A-67AF-49F3-8074-E569C40BAC22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{29739617-39BF-46F9-B2A6-227AB7B2317B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{7C390C21-D42E-482B-AB88-9D2A7B4D74FB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{5DD905BA-9DE9-4BEE-BE4D-5340ED4455C7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{A95CBDD7-5B9B-4AE8-B4FA-F819976AE174}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe FirewallRules: [UDP Query User{B983686F-7820-4108-9769-7765D9DA8E61}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Block) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe FirewallRules: [{53A0413B-6EB3-42E4-9287-564A60D9D250}] => (Allow) E:\TeamViewer\TeamViewer.exe FirewallRules: [{FA167718-6883-4FF6-8F76-5728AEFDE18A}] => (Allow) E:\TeamViewer\TeamViewer.exe FirewallRules: 
[{5C41AA12-01D0-4C9E-BD24-1A2D1EA7BE79}] => (Allow) E:\TeamViewer\TeamViewer_Service.exe FirewallRules: [{F1130132-A273-465B-BF98-E133AE4EFC88}] => (Allow) E:\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{4A2950A8-6836-4675-AF20-8FF25E980DE7}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe FirewallRules: [UDP Query User{406007CF-2509-49CE-ABC5-B367F0AC16D9}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe FirewallRules: [TCP Query User{9667CA34-65F7-40CF-8198-7D72BA7AA0F1}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DA21615F-B5BF-4167-AEA0-785477BCA8DC}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [{DD25EABA-28EC-4F3E-BCD1-74B1521E0C95}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [{69A150EE-D676-4C26-B183-99E95E7D3B02}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe FirewallRules: [TCP Query User{7A1033A7-236D-40E7-A682-FCD786B964FA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E63F3F23-41E3-40B9-9B76-AAD469847D07}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{AB62731C-5AD5-49D1-AC90-9A443917DF58}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{3FEC8F58-8CAE-4BF3-9831-F1B8594C5F4B}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [{86436F5E-4F2F-4389-8248-31A0A874DF6A}] => (Allow) LPort=5353 FirewallRules: [{F7C49BF7-91B1-4FE9-B794-C39CC82AED2A}] => 
(Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe FirewallRules: [{0DB74ED7-F388-4832-8D15-81D61FA788CD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe FirewallRules: [{98563649-C14A-42D5-A0D3-B7F339A80BFD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe FirewallRules: [{B7244DC9-2201-464A-8B81-A5933F4125C1}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe FirewallRules: [{AEBCCE49-4D6E-41E6-84BA-9EDF8A29F630}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe FirewallRules: [{6FCBF066-EC8E-45A8-ADE0-69F81E75F278}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe FirewallRules: [{349BB029-62E0-4A10-8592-153EE56706B4}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe FirewallRules: [{C9E5B6E0-FD14-4F60-9D7E-797B9DE979A2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe FirewallRules: [{1F470C83-0EF4-46B3-BF05-EC640FCA6392}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe FirewallRules: [{9DA9FE43-FAE0-4142-8EAB-416B340D1EC8}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe FirewallRules: [{2D81C269-35F2-4B1F-85AA-C14D6234B4A8}] => (Allow) LPort=9322 FirewallRules: [{3A676292-72BA-40AF-88F0-E58C5F6BF85B}] => (Allow) LPort=5353 FirewallRules: [TCP Query User{FD8A017F-359E-4124-A045-2D8F7D115EF6}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe FirewallRules: [UDP Query User{156BA498-F12B-4652-9A79-542B6AE4DA25}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe FirewallRules: [TCP Query User{A0800BC3-3A25-4376-9803-66F4FCF454AA}C:\program files\adobe\adobe media encoder cs6\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder 
cs6\adobe media encoder.exe FirewallRules: [UDP Query User{1A41F66E-7B63-435F-A83F-C2EE19D3D6B0}C:\program files\adobe\adobe media encoder cs6\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cs6\adobe media encoder.exe FirewallRules: [{E16B52DC-6B24-4049-948F-E44E10B68B1B}] => (Allow) E:\TeamViewer\TeamViewer.exe FirewallRules: [{1F102923-B237-4A7A-BB3E-28FADA9FA887}] => (Allow) E:\TeamViewer\TeamViewer.exe FirewallRules: [{0FD78A3E-73B9-455C-8186-320346711E4B}] => (Allow) E:\TeamViewer\TeamViewer_Service.exe FirewallRules: [{459552F2-A936-4670-9CDC-FF990D02070F}] => (Allow) E:\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FA9F7D94-6AD8-4CAE-BE48-B83261EBC1D4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{4E367AAB-0902-42F6-94DF-B6440F0DD281}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F89C8B16-C7C9-470B-911C-FDB4B9D9808B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{160E0798-B55F-406B-902E-89531273708A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4DB3AB31-7C4E-46C5-93E9-67FB9EFA6507}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D9874FE1-64F0-4765-B364-1D05034A3857}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{7ECE38CA-CB30-48BB-8DCC-F2B19DDE2135}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{2E939FD0-35F9-4090-B5AD-5F38B1860DC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{390231D6-85EC-4904-8331-A27ABF8B00B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{48EB5980-FD85-4956-ACEB-C065CCFE4ECF}] => (Allow) E:\FarCry 4\Far Cry 4\bin\FarCry4.exe FirewallRules: 
[{D6FA018B-91A4-4D6C-9823-09A80F9BCBBE}] => (Allow) E:\FarCry 4\Far Cry 4\bin\FarCry4.exe FirewallRules: [{44F6F483-4410-4639-8C71-1D2C7F962332}] => (Allow) E:\FarCry 4\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{D862EB65-CDB1-4A92-905F-488E00B37FC4}] => (Allow) E:\FarCry 4\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{477F92D2-89E6-4FBD-8CA5-4CEBFC796DC8}] => (Allow) LPort=8317 FirewallRules: [{923CF63C-48C8-4837-B3A7-C0C0F10AB456}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{5E10D9B0-8A67-4B89-9B40-CF80102B2790}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{BA37A21E-795E-468A-AAED-F462E9E955BC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{3B7E4AA9-23C8-440A-83F8-F478BDA3FE51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{0175C9C5-3030-4F7E-980E-3D435A0C615F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{278351F7-2E15-442E-A328-CBFFEE7A7B74}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{05D82EF2-6ADD-459B-93B1-2DB528FDFC7A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{D7FA1D5A-2083-4716-8016-B1E7570FE560}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{B07AF721-AE73-4F59-8C4D-FD0566D4ACF6}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{951C4E79-B441-479C-ACB9-BE27D4DED23E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{74B1DEC6-D814-42AD-AD7F-4CFB93812F39}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== 
Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/30/2015 05:16:17 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (11/30/2015 05:16:17 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (11/30/2015 05:16:16 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (11/30/2015 05:16:13 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (11/30/2015 05:16:12 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. 
Error: (11/30/2015 05:11:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SelfServicePlugin.exe, Version: 4.3.0.8352, Zeitstempel: 0x5583fdd4 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bcfc Ausnahmecode: 0xc0020001 Fehleroffset: 0x00015b68 ID des fehlerhaften Prozesses: 0x7bc Startzeit der fehlerhaften Anwendung: 0xSelfServicePlugin.exe0 Pfad der fehlerhaften Anwendung: SelfServicePlugin.exe1 Pfad des fehlerhaften Moduls: SelfServicePlugin.exe2 Berichtskennung: SelfServicePlugin.exe3 Vollständiger Name des fehlerhaften Pakets: SelfServicePlugin.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SelfServicePlugin.exe5 Error: (11/30/2015 05:11:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (11/30/2015 04:57:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bcfc Ausnahmecode: 0x40010006 Fehleroffset: 0x00015b68 ID des fehlerhaften Prozesses: 0xb6c Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0 Pfad der fehlerhaften Anwendung: DipAwayMode.exe1 Pfad des fehlerhaften Moduls: DipAwayMode.exe2 Berichtskennung: DipAwayMode.exe3 Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5 Error: (11/30/2015 04:26:39 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418220 Error: (11/30/2015 11:29:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bcfc Ausnahmecode: 0x40010006 Fehleroffset: 0x00015b68 ID des fehlerhaften Prozesses: 0x1618 Startzeit der fehlerhaften Anwendung: 0xDipAwayMode.exe0 Pfad der fehlerhaften Anwendung: DipAwayMode.exe1 Pfad des fehlerhaften Moduls: DipAwayMode.exe2 Berichtskennung: DipAwayMode.exe3 Vollständiger Name des fehlerhaften Pakets: DipAwayMode.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DipAwayMode.exe5 Systemfehler: ============= Error: (11/30/2015 05:16:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/30/2015 05:16:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys Error: (11/30/2015 05:16:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) 
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/30/2015 05:16:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys Error: (11/30/2015 05:16:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/30/2015 05:16:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys Error: (11/30/2015 05:11:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/29/2015 11:22:21 PM) (Source: DCOM) (EventID: 10010) (User: JanNXZT) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/29/2015 11:21:51 PM) (Source: DCOM) (EventID: 10010) (User: JanNXZT) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/27/2015 04:07:10 PM) (Source: DCOM) (EventID: 10001) (User: JanNXZT) Description: "C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe" -Embedding5{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}Nicht verfügbarNicht verfügbar ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz Prozentuale Nutzung des RAM: 13% Installierter physikalischer RAM: 32669.63 MB Verfügbarer physikalischer RAM: 28209.54 MB Summe virtueller Speicher: 37533.63 MB Verfügbarer virtueller Speicher: 32949.83 MB ==================== Laufwerke ================================ Drive c: (SSD) (Fixed) (Total:238.13 GB) (Free:110.23 GB) NTFS Drive e: (HDD Programme ) (Fixed) (Total:732.42 GB) (Free:606.14 GB) NTFS Drive f: (Aktuelle Projekte ) (Fixed) (Total:976.56 GB) (Free:924.45 GB) NTFS Drive g: (Stock Footage / Presets) (Fixed) (Total:97.66 GB) (Free:44.21 GB) NTFS Drive h: (Dokumente ) (Fixed) (Total:24.41 
GB) (Free:9.28 GB) NTFS
Drive k: (Archiv) (Fixed) (Total:886.45 GB) (Free:631.11 GB) NTFS
Drive l: (WD3TB_Backup) (Fixed) (Total:2794.49 GB) (Free:2394.99 GB) NTFS
Drive m: (Musik / Filme / Bilder) (Fixed) (Total:488.28 GB) (Free:196.16 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: FF54DD03)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=238.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 86503BED)
Partition 1: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: B5A88588)
Partition 1: (Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1252.7 GB) - (Type=OF Extended)

Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

==================== Ende von Addition.txt ============================
30.11.2015, 20:56 | #3 |
Watch4 Virus
ESET Scan
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=18b3f582d7f3934b885aa2e54e8282ef
# end=init
# utc_time=2015-11-30 04:16:19
# local_time=2015-11-30 05:16:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26975
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=18b3f582d7f3934b885aa2e54e8282ef
# end=updated
# utc_time=2015-11-30 04:18:10
# local_time=2015-11-30 05:18:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=18b3f582d7f3934b885aa2e54e8282ef
# engine=26975
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-30 04:25:04
# local_time=2015-11-30 05:25:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 5258 29101807 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9585843 13798932 0 0
# scanned=77376
# found=0
# cleaned=0
# scan_time=413
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=18b3f582d7f3934b885aa2e54e8282ef
# end=init
# utc_time=2015-11-30 04:38:04
# local_time=2015-11-30 05:38:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 26975
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=18b3f582d7f3934b885aa2e54e8282ef
# end=updated
# utc_time=2015-11-30 04:38:14
# local_time=2015-11-30 05:38:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=18b3f582d7f3934b885aa2e54e8282ef
# engine=26975
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-30 05:41:18
# local_time=2015-11-30 06:41:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 6232 29106381 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9590417 13803506 0 0
# scanned=521115
# found=0
# cleaned=0
# scan_time=3784

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.11.30.04
rootkit: v2015.11.26.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18098
Jan :: JANNXZT [administrator]

30.11.2015 20:40:24
mbar-log-2015-11-30 (20-40-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 352138
Time elapsed: 8 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
ATTFilter 20:52:30.0228 0x1728 TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04 20:52:32.0447 0x1728 ============================================================ 20:52:32.0447 0x1728 Current date / time: 2015/11/30 20:52:32.0447 20:52:32.0447 0x1728 SystemInfo: 20:52:32.0447 0x1728 20:52:32.0447 0x1728 OS Version: 6.3.9600 ServicePack: 0.0 20:52:32.0447 0x1728 Product type: Workstation 20:52:32.0447 0x1728 ComputerName: JANNXZT 20:52:32.0447 0x1728 UserName: Jan 20:52:32.0447 0x1728 Windows directory: C:\Windows 20:52:32.0447 0x1728 System windows directory: C:\Windows 20:52:32.0447 0x1728 Running under WOW64 20:52:32.0447 0x1728 Processor architecture: Intel x64 20:52:32.0447 0x1728 Number of processors: 12 20:52:32.0447 0x1728 Page size: 0x1000 20:52:32.0447 0x1728 Boot type: Normal boot 20:52:32.0447 0x1728 ============================================================ 20:52:32.0509 0x1728 KLMD registered as C:\Windows\system32\drivers\67925858.sys 20:52:32.0572 0x1728 System UUID: {A2C19BB6-EAED-3E81-EFAC-E832187AF3AF} 20:52:32.0806 0x1728 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:52:32.0806 0x1728 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:52:32.0822 0x1728 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:52:32.0837 0x1728 Drive \Device\Harddisk4\DR4 - Size: 0x2BA9F400000 ( 2794.49 Gb ), SectorSize: 0x1000, Cylinders: 0xB21F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 20:52:32.0837 0x1728 ============================================================ 20:52:32.0837 0x1728 \Device\Harddisk0\DR0: 20:52:32.0837 0x1728 MBR partitions: 
20:52:32.0837 0x1728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000 20:52:32.0837 0x1728 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1DC43000 20:52:32.0837 0x1728 \Device\Harddisk1\DR1: 20:52:32.0837 0x1728 MBR partitions: 20:52:32.0837 0x1728 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7A120000 20:52:32.0837 0x1728 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x7A120800, BlocksNum 0x6ECE7000 20:52:32.0837 0x1728 \Device\Harddisk2\DR2: 20:52:32.0837 0x1728 MBR partitions: 20:52:32.0837 0x1728 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D090000 20:52:32.0837 0x1728 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x3D090800, BlocksNum 0xC350000 20:52:32.0837 0x1728 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x493E0800, BlocksNum 0x30D4000 20:52:32.0853 0x1728 \Device\Harddisk2\DR2\Partition4: MBR, Type 0x7, StartLBA 0x4C4B5000, BlocksNum 0x5B8D8000 20:52:32.0853 0x1728 \Device\Harddisk4\DR4: 20:52:32.0853 0x1728 MBR partitions: 20:52:32.0853 0x1728 \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BA9F300 20:52:32.0853 0x1728 ============================================================ 20:52:32.0853 0x1728 C: <-> \Device\Harddisk0\DR0\Partition2 20:52:32.0869 0x1728 E: <-> \Device\Harddisk2\DR2\Partition4 20:52:32.0900 0x1728 G: <-> \Device\Harddisk2\DR2\Partition2 20:52:32.0916 0x1728 H: <-> \Device\Harddisk2\DR2\Partition3 20:52:32.0931 0x1728 M: <-> \Device\Harddisk2\DR2\Partition1 20:52:33.0447 0x1728 L: <-> \Device\Harddisk4\DR4\Partition1 20:52:34.0103 0x1728 F: <-> \Device\Harddisk1\DR1\Partition1 20:52:34.0103 0x1728 K: <-> \Device\Harddisk1\DR1\Partition2 20:52:34.0103 0x1728 ============================================================ 20:52:34.0103 0x1728 Initialize success 20:52:34.0103 0x1728 ============================================================ 
20:52:44.0250 0x1968 ============================================================ 20:52:44.0250 0x1968 Scan started 20:52:44.0250 0x1968 Mode: Manual; SigCheck; TDLFS; 20:52:44.0250 0x1968 ============================================================ 20:52:44.0250 0x1968 KSN ping started 20:52:46.0875 0x1968 KSN ping finished: true 20:52:50.0164 0x1968 ================ Scan system memory ======================== 20:52:50.0164 0x1968 System memory - ok 20:52:50.0164 0x1968 ================ Scan services =============================
kdnic C:\Windows\system32\DRIVERS\kdnic.sys 20:53:09.0744 0x1968 kdnic - ok 20:53:09.0760 0x1968 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe 20:53:09.0760 0x1968 KeyIso - ok 20:53:09.0760 0x1968 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:53:09.0775 0x1968 KSecDD - ok 20:53:09.0775 0x1968 [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:53:09.0791 0x1968 KSecPkg - ok 20:53:09.0806 0x1968 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:53:09.0806 0x1968 ksthunk - ok 20:53:09.0822 0x1968 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll 20:53:09.0838 0x1968 KtmRm - ok 20:53:09.0838 0x1968 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\Windows\system32\srvsvc.dll 20:53:09.0853 0x1968 LanmanServer - ok 20:53:09.0853 0x1968 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:53:09.0869 0x1968 LanmanWorkstation - ok 20:53:09.0885 0x1968 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 20:53:09.0900 0x1968 lfsvc - ok 20:53:09.0900 0x1968 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:53:09.0916 0x1968 lltdio - ok 20:53:09.0916 0x1968 [ 00E070FC0C673311AFD4B068D1242780, 
50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:53:09.0931 0x1968 lltdsvc - ok 20:53:09.0931 0x1968 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:53:09.0947 0x1968 lmhosts - ok 20:53:09.0947 0x1968 [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 20:53:09.0963 0x1968 LMS - ok 20:53:09.0963 0x1968 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:53:09.0978 0x1968 LSI_SAS - ok 20:53:09.0978 0x1968 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 20:53:09.0994 0x1968 LSI_SAS2 - ok 20:53:09.0994 0x1968 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 20:53:10.0010 0x1968 LSI_SAS3 - ok 20:53:10.0010 0x1968 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 20:53:10.0025 0x1968 LSI_SSS - ok 20:53:10.0041 0x1968 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 20:53:10.0056 0x1968 LSM - ok 20:53:10.0056 0x1968 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 20:53:10.0072 0x1968 luafv - ok 20:53:10.0072 0x1968 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 20:53:10.0088 0x1968 LVRS64 - ok 
20:53:10.0150 0x1968 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 20:53:10.0228 0x1968 LVUVC64 - ok 20:53:10.0228 0x1968 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 20:53:10.0244 0x1968 MBAMProtector - ok 20:53:10.0306 0x1968 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService E:\ Malwarebytes Anti-Malware \mbamservice.exe 20:53:10.0322 0x1968 MBAMService - ok 20:53:10.0322 0x1968 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 20:53:10.0338 0x1968 MBAMWebAccessControl - ok 20:53:10.0338 0x1968 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 20:53:10.0353 0x1968 megasas - ok 20:53:10.0369 0x1968 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 20:53:10.0385 0x1968 megasr - ok 20:53:10.0385 0x1968 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 20:53:10.0400 0x1968 MEIx64 - ok 20:53:10.0400 0x1968 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll 20:53:10.0416 0x1968 MMCSS - ok 20:53:10.0416 0x1968 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 20:53:10.0431 0x1968 Modem - ok 20:53:10.0431 0x1968 [ 601589000CC90F0DF8DA2CC254A3CCC9, 
D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 20:53:10.0431 0x1968 monitor - ok 20:53:10.0447 0x1968 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 20:53:10.0447 0x1968 mouclass - ok 20:53:10.0463 0x1968 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 20:53:10.0463 0x1968 mouhid - ok 20:53:10.0478 0x1968 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:53:10.0478 0x1968 mountmgr - ok 20:53:10.0494 0x1968 [ 05D7AF9196DAA3E5215FB7B053603C36, 1A3C6B9FC3906D7B2DDAE7270BD4F78D8A63A02F8CD9A79FCD63EF0F9562FF7D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:53:10.0494 0x1968 MozillaMaintenance - ok 20:53:10.0494 0x1968 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:53:10.0510 0x1968 mpsdrv - ok 20:53:10.0525 0x1968 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:53:10.0556 0x1968 MpsSvc - ok 20:53:10.0556 0x1968 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:53:10.0572 0x1968 MRxDAV - ok 20:53:10.0588 0x1968 [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:53:10.0603 0x1968 mrxsmb - ok 20:53:10.0619 0x1968 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 
C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:53:10.0635 0x1968 mrxsmb10 - ok 20:53:10.0635 0x1968 [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:53:10.0650 0x1968 mrxsmb20 - ok 20:53:10.0650 0x1968 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 20:53:10.0666 0x1968 MsBridge - ok 20:53:10.0666 0x1968 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe 20:53:10.0681 0x1968 MSDTC - ok 20:53:10.0681 0x1968 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:53:10.0697 0x1968 Msfs - ok 20:53:10.0697 0x1968 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 20:53:10.0713 0x1968 msgpiowin32 - ok 20:53:10.0713 0x1968 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:53:10.0728 0x1968 mshidkmdf - ok 20:53:10.0728 0x1968 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 20:53:10.0744 0x1968 mshidumdf - ok 20:53:10.0744 0x1968 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:53:10.0760 0x1968 msisadrv - ok 20:53:10.0760 0x1968 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:53:10.0760 0x1968 MSiSCSI - ok 20:53:10.0775 0x1968 msiserver - ok 20:53:10.0775 0x1968 [ 
D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll 20:53:10.0775 0x1968 MsKeyboardFilter - ok 20:53:10.0775 0x1968 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:53:10.0791 0x1968 MSKSSRV - ok 20:53:10.0791 0x1968 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 20:53:10.0806 0x1968 MsLldp - ok 20:53:10.0806 0x1968 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:53:10.0822 0x1968 MSPCLOCK - ok 20:53:10.0822 0x1968 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:53:10.0838 0x1968 MSPQM - ok 20:53:10.0853 0x1968 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:53:10.0869 0x1968 MsRPC - ok 20:53:10.0869 0x1968 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 20:53:10.0885 0x1968 mssmbios - ok 20:53:10.0885 0x1968 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:53:10.0900 0x1968 MSTEE - ok 20:53:10.0900 0x1968 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 20:53:10.0916 0x1968 MTConfig - ok 20:53:10.0916 0x1968 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup 
C:\Windows\system32\Drivers\mup.sys 20:53:10.0916 0x1968 Mup - ok 20:53:10.0931 0x1968 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys 20:53:10.0931 0x1968 mvumis - ok 20:53:10.0947 0x1968 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll 20:53:10.0963 0x1968 napagent - ok 20:53:10.0978 0x1968 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:53:10.0994 0x1968 NativeWifiP - ok 20:53:10.0994 0x1968 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll 20:53:11.0010 0x1968 NcaSvc - ok 20:53:11.0010 0x1968 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll 20:53:11.0025 0x1968 NcbService - ok 20:53:11.0025 0x1968 [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 20:53:11.0041 0x1968 NcdAutoSetup - ok 20:53:11.0056 0x1968 [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:53:11.0088 0x1968 NDIS - ok 20:53:11.0088 0x1968 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:53:11.0103 0x1968 NdisCap - ok 20:53:11.0119 0x1968 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 20:53:11.0119 0x1968 NdisImPlatform - ok 20:53:11.0135 0x1968 [ DC1D9F692C2AD84C214584C28501C1F7, 
96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:53:11.0135 0x1968 NdisTapi - ok 20:53:11.0135 0x1968 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:53:11.0150 0x1968 Ndisuio - ok 20:53:11.0150 0x1968 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys 20:53:11.0166 0x1968 NdisVirtualBus - ok 20:53:11.0181 0x1968 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:53:11.0197 0x1968 NdisWan - ok 20:53:11.0197 0x1968 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys 20:53:11.0213 0x1968 NdisWanLegacy - ok 20:53:11.0213 0x1968 [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:53:11.0228 0x1968 NDProxy - ok 20:53:11.0228 0x1968 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys 20:53:11.0244 0x1968 Ndu - ok 20:53:11.0260 0x1968 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:53:11.0260 0x1968 NetBIOS - ok 20:53:11.0275 0x1968 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:53:11.0291 0x1968 NetBT - ok 20:53:11.0291 0x1968 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe 20:53:11.0306 0x1968 
Netlogon - ok 20:53:11.0306 0x1968 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll 20:53:11.0322 0x1968 Netman - ok 20:53:11.0322 0x1968 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll 20:53:11.0338 0x1968 netprofm - ok 20:53:11.0385 0x1968 [ 91307C4F3AA4E42404BC4F513CCD5430, FD829B655EFA813EA88AFFC0D8AB8E7924CC8456A063278F9490F055BC7874F0 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys 20:53:11.0431 0x1968 netr28ux - ok 20:53:11.0447 0x1968 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:53:11.0447 0x1968 NetTcpPortSharing - ok 20:53:11.0463 0x1968 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys 20:53:11.0463 0x1968 netvsc - ok 20:53:11.0478 0x1968 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll 20:53:11.0494 0x1968 NlaSvc - ok 20:53:11.0494 0x1968 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:53:11.0510 0x1968 Npfs - ok 20:53:11.0510 0x1968 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 20:53:11.0525 0x1968 npsvctrig - ok 20:53:11.0525 0x1968 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll 20:53:11.0525 0x1968 nsi - ok 20:53:11.0541 0x1968 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] 
nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:53:11.0541 0x1968 nsiproxy - ok 20:53:11.0572 0x1968 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:53:11.0635 0x1968 Ntfs - ok 20:53:11.0635 0x1968 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys 20:53:11.0650 0x1968 Null - ok 20:53:11.0650 0x1968 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 20:53:11.0666 0x1968 NVHDA - ok 20:53:11.0822 0x1968 [ 6DDB922F08C17C342F1FB868D7EB22CD, A62E476FD377EA9974122DC7C426735B6BE5CECCD0D3DA22502DF7CBB208B49E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:53:11.0978 0x1968 nvlddmkm - ok 20:53:12.0010 0x1968 [ 2CCD9A74A0F9C7605EAFA3F3AC8DC476, DEE95B0C0CA4525850E06AD3C1233A6C6E88D97EE874F83801686B87FD23F0BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 20:53:12.0041 0x1968 NvNetworkService - ok 20:53:12.0041 0x1968 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:53:12.0056 0x1968 nvraid - ok 20:53:12.0056 0x1968 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:53:12.0072 0x1968 nvstor - ok 20:53:12.0072 0x1968 [ 2F61DB46C84CCBB5D9F75065A85D2173, 79049D42F0D82BD3C5A9C8231CF2F412B50C9E6483DB14F41CD48301D85C166C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 20:53:12.0088 0x1968 NvStreamKms - ok 20:53:12.0197 0x1968 [ 6F5AC1C495DA6D19AF99A59DC44BC13F, 61E8C0C0B9EEEF6ADE86AD4BC8D43256A6B20AEEB43BBC3C44B3B6140544259F ] NvStreamNetworkSvc C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\NvStreamNetworkService.exe 20:53:12.0306 0x1968 NvStreamNetworkSvc - ok 20:53:12.0400 0x1968 [ 73FA6B2DF3348AF05E1F98310854BD4F, F0B7CF54495C81EE4C8B44580E399F3B22E190CB553AC7BA8E2DC13A28477566 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 20:53:12.0478 0x1968 NvStreamSvc - ok 20:53:12.0510 0x1968 [ 5A3DE85307FB54C09C0D1D52B97916FE, EAE8FF99337557F60078F94F952BAC48880CA279A763FD14E098E34B4EE8534F ] nvsvc C:\Windows\system32\nvvsvc.exe 20:53:12.0525 0x1968 nvsvc - ok 20:53:12.0525 0x1968 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 20:53:12.0541 0x1968 nvvad_WaveExtensible - ok 20:53:12.0541 0x1968 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:53:12.0556 0x1968 nv_agp - ok 20:53:12.0556 0x1968 [ 9DC3547435561227EDA476EA9D04A085, B859D7544867FC38A837D32B36515894235F915D4702736A515C9EB389C8CB95 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:53:12.0572 0x1968 ose64 - ok 20:53:12.0572 0x1968 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:53:12.0588 0x1968 p2pimsvc - ok 20:53:12.0588 0x1968 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll 20:53:12.0603 0x1968 p2psvc - ok 20:53:12.0619 0x1968 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys 20:53:12.0619 0x1968 Parport - ok 20:53:12.0635 0x1968 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:53:12.0635 0x1968 partmgr 
- ok 20:53:12.0650 0x1968 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:53:12.0666 0x1968 PcaSvc - ok 20:53:12.0666 0x1968 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys 20:53:12.0681 0x1968 pci - ok 20:53:12.0697 0x1968 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys 20:53:12.0697 0x1968 pciide - ok 20:53:12.0697 0x1968 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 20:53:12.0713 0x1968 pcmcia - ok 20:53:12.0728 0x1968 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys 20:53:12.0728 0x1968 pcw - ok 20:53:12.0728 0x1968 [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc C:\Windows\system32\drivers\pdc.sys 20:53:12.0744 0x1968 pdc - ok 20:53:12.0760 0x1968 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:53:12.0775 0x1968 PEAUTH - ok 20:53:12.0806 0x1968 [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 20:53:12.0838 0x1968 PeerDistSvc - ok 20:53:12.0869 0x1968 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:53:12.0869 0x1968 PerfHost - ok 20:53:12.0900 0x1968 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll 20:53:12.0931 0x1968 pla - ok 
20:53:12.0931 0x1968 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:53:12.0947 0x1968 PlugPlay - ok 20:53:12.0947 0x1968 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:53:12.0947 0x1968 PNRPAutoReg - ok 20:53:12.0963 0x1968 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:53:12.0963 0x1968 PNRPsvc - ok 20:53:12.0978 0x1968 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:53:12.0994 0x1968 PolicyAgent - ok 20:53:12.0994 0x1968 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll 20:53:13.0010 0x1968 Power - ok 20:53:13.0041 0x1968 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 20:53:13.0088 0x1968 PrintNotify - ok 20:53:13.0103 0x1968 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys 20:53:13.0119 0x1968 Processor - ok 20:53:13.0119 0x1968 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll 20:53:13.0135 0x1968 ProfSvc - ok 20:53:13.0135 0x1968 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:53:13.0150 0x1968 Psched - ok 20:53:13.0150 0x1968 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE 
C:\Windows\system32\qwave.dll 20:53:13.0166 0x1968 QWAVE - ok 20:53:13.0166 0x1968 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:53:13.0181 0x1968 QWAVEdrv - ok 20:53:13.0197 0x1968 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:53:13.0197 0x1968 RasAcd - ok 20:53:13.0213 0x1968 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll 20:53:13.0213 0x1968 RasAuto - ok 20:53:13.0228 0x1968 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll 20:53:13.0244 0x1968 RasMan - ok 20:53:13.0244 0x1968 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:53:13.0260 0x1968 RasPppoe - ok 20:53:13.0260 0x1968 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:53:13.0291 0x1968 rdbss - ok 20:53:13.0291 0x1968 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 20:53:13.0306 0x1968 rdpbus - ok 20:53:13.0306 0x1968 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:53:13.0322 0x1968 RDPDR - ok 20:53:13.0322 0x1968 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:53:13.0338 0x1968 RdpVideoMiniport - ok 20:53:13.0338 0x1968 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 
246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys |
30.11.2015, 20:57 | #4 |
| Watch4 Virus TDSS Killer Part 2/2 Code:
] Serial C:\Windows\System32\drivers\serial.sys 20:53:13.0900 0x1968 Serial - ok 20:53:13.0900 0x1968 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys 20:53:13.0916 0x1968 sermouse - ok 20:53:13.0931 0x1968 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll 20:53:13.0931 0x1968 SessionEnv - ok 20:53:13.0947 0x1968 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 20:53:13.0947 0x1968 sfloppy - ok 20:53:13.0963 0x1968 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:53:13.0978 0x1968 SharedAccess - ok 20:53:13.0978 0x1968 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:53:14.0010 0x1968 ShellHWDetection - ok 20:53:14.0010 0x1968 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:53:14.0025 0x1968 SiSRaid2 - ok 20:53:14.0025 0x1968 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:53:14.0041 0x1968 SiSRaid4 - ok 20:53:14.0041 0x1968 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 20:53:14.0056 0x1968 SkypeUpdate - ok 20:53:14.0056 0x1968 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll 20:53:14.0072 0x1968 smphost - ok 20:53:14.0072 0x1968 [ 
49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:53:14.0088 0x1968 SNMPTRAP - ok 20:53:14.0088 0x1968 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\Windows\system32\drivers\spaceport.sys 20:53:14.0119 0x1968 spaceport - ok 20:53:14.0119 0x1968 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 20:53:14.0135 0x1968 SpbCx - ok 20:53:14.0135 0x1968 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\Windows\System32\spoolsv.exe 20:53:14.0166 0x1968 Spooler - ok 20:53:14.0260 0x1968 [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc C:\Windows\system32\sppsvc.exe 20:53:14.0369 0x1968 sppsvc - ok 20:53:14.0385 0x1968 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:53:14.0400 0x1968 srv - ok 20:53:14.0416 0x1968 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:53:14.0447 0x1968 srv2 - ok 20:53:14.0447 0x1968 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:53:14.0463 0x1968 srvnet - ok 20:53:14.0478 0x1968 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:53:14.0494 0x1968 SSDPSRV - ok 20:53:14.0494 0x1968 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:53:14.0510 0x1968 SstpSvc - ok 20:53:14.0510 0x1968 [ 
5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 20:53:14.0510 0x1968 ssudmdm - ok 20:53:14.0525 0x1968 [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 20:53:14.0541 0x1968 Steam Client Service - ok 20:53:14.0556 0x1968 [ 937821881026EBE17DA25285CD5461A8, 79C503798BD6CE218598229AAB417EBD43E151A2E821BE99E138BFA9F841103A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 20:53:14.0556 0x1968 Stereo Service - ok 20:53:14.0556 0x1968 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:53:14.0572 0x1968 stexstor - ok 20:53:14.0588 0x1968 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll 20:53:14.0603 0x1968 stisvc - ok 20:53:14.0603 0x1968 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys 20:53:14.0619 0x1968 storahci - ok 20:53:14.0619 0x1968 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys 20:53:14.0635 0x1968 storflt - ok 20:53:14.0635 0x1968 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys 20:53:14.0650 0x1968 stornvme - ok 20:53:14.0650 0x1968 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll 20:53:14.0650 0x1968 StorSvc - ok 20:53:14.0666 0x1968 [ 548759755BC73DAD663250239D7E0B9F, 
D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys 20:53:14.0666 0x1968 storvsc - ok 20:53:14.0681 0x1968 [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp C:\Windows\System32\drivers\storvsp.sys 20:53:14.0681 0x1968 storvsp - ok 20:53:14.0681 0x1968 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll 20:53:14.0697 0x1968 svsvc - ok 20:53:14.0697 0x1968 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys 20:53:14.0713 0x1968 swenum - ok 20:53:14.0728 0x1968 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 20:53:14.0728 0x1968 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 20:53:16.0297 0x17e8 Object required for P2P: [ 199D3FA1AF32FCE46A38E8EB64FFF520 ] avast! 
Antivirus 20:53:17.0062 0x1968 Detect skipped due to KSN trusted 20:53:17.0062 0x1968 SwitchBoard - ok 20:53:17.0078 0x1968 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll 20:53:17.0093 0x1968 swprv - ok 20:53:17.0125 0x1968 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll 20:53:17.0140 0x1968 SysMain - ok 20:53:17.0156 0x1968 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 20:53:17.0172 0x1968 SystemEventsBroker - ok 20:53:17.0172 0x1968 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll 20:53:17.0187 0x1968 TabletInputService - ok 20:53:17.0187 0x1968 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:53:17.0203 0x1968 TapiSrv - ok 20:53:17.0234 0x1968 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:53:17.0312 0x1968 Tcpip - ok 20:53:17.0343 0x1968 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:53:17.0422 0x1968 TCPIP6 - ok 20:53:17.0422 0x1968 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:53:17.0437 0x1968 tcpipreg - ok 20:53:17.0437 0x1968 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:53:17.0453 0x1968 tdx - ok 20:53:17.0578 0x1968 [ 
6CA83C69643E7BF144A428B7BDC7D630, DB015BA4428509E1D5BE74FEFB446A29D316564617EB15A379424B3FCE3B74A9 ] TeamViewer E:\TeamViewer\TeamViewer_Service.exe 20:53:17.0656 0x1968 TeamViewer - ok 20:53:17.0672 0x1968 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys 20:53:17.0672 0x1968 terminpt - ok 20:53:17.0687 0x1968 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\Windows\System32\termsrv.dll 20:53:17.0718 0x1968 TermService - ok 20:53:17.0718 0x1968 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll 20:53:17.0734 0x1968 Themes - ok 20:53:17.0734 0x1968 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll 20:53:17.0750 0x1968 THREADORDER - ok 20:53:17.0750 0x1968 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 20:53:17.0765 0x1968 TimeBroker - ok 20:53:17.0765 0x1968 [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\Windows\system32\drivers\tpm.sys 20:53:17.0781 0x1968 TPM - ok 20:53:17.0781 0x1968 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll 20:53:17.0797 0x1968 TrkWks - ok 20:53:17.0797 0x1968 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:53:17.0812 0x1968 TrustedInstaller - ok 20:53:17.0812 0x1968 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt 
C:\Windows\system32\drivers\tsusbflt.sys 20:53:17.0828 0x1968 TsUsbFlt - ok 20:53:17.0828 0x1968 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 20:53:17.0843 0x1968 TsUsbGD - ok 20:53:17.0843 0x1968 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:53:17.0859 0x1968 tunnel - ok 20:53:17.0859 0x1968 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:53:17.0875 0x1968 uagp35 - ok 20:53:17.0875 0x1968 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 20:53:17.0890 0x1968 UASPStor - ok 20:53:17.0890 0x1968 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 20:53:17.0906 0x1968 UCX01000 - ok 20:53:17.0922 0x1968 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:53:17.0937 0x1968 udfs - ok 20:53:17.0937 0x1968 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys 20:53:17.0937 0x1968 UEFI - ok 20:53:17.0953 0x1968 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:53:17.0953 0x1968 UI0Detect - ok 20:53:17.0968 0x1968 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:53:17.0968 0x1968 uliagpkx - ok 20:53:17.0984 0x1968 [ DA34C39A18E60E7C3FA0630566408034, 
2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys 20:53:17.0984 0x1968 umbus - ok 20:53:17.0984 0x1968 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys 20:53:18.0000 0x1968 UmPass - ok 20:53:18.0015 0x1968 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll 20:53:18.0015 0x1968 UmRdpService - ok 20:53:18.0031 0x1968 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll 20:53:18.0047 0x1968 upnphost - ok 20:53:18.0047 0x1968 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:53:18.0062 0x1968 usbaudio - ok 20:53:18.0062 0x1968 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 20:53:18.0089 0x1968 usbccgp - ok 20:53:18.0093 0x1968 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys 20:53:18.0100 0x1968 usbcir - ok 20:53:18.0100 0x1968 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys 20:53:18.0116 0x1968 usbehci - ok 20:53:18.0132 0x1968 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys 20:53:18.0147 0x1968 usbhub - ok 20:53:18.0163 0x1968 [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 20:53:18.0179 0x1968 USBHUB3 - ok 20:53:18.0179 
0x1968 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys 20:53:18.0194 0x1968 usbohci - ok 20:53:18.0194 0x1968 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 20:53:18.0210 0x1968 usbprint - ok 20:53:18.0210 0x1968 [ F3F90825C416B264D016AA9D02C244C4, EEBB594BFF2FB52521995211858C9DB90CD317C5C0E2FB61BF837078BC438FD3 ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys 20:53:18.0225 0x1968 usbrndis6 - ok 20:53:18.0225 0x1968 [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 20:53:18.0241 0x1968 usbscan - ok 20:53:18.0241 0x1968 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 20:53:18.0257 0x1968 USBSTOR - ok 20:53:18.0257 0x1968 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 20:53:18.0272 0x1968 usbuhci - ok 20:53:18.0272 0x1968 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 20:53:18.0288 0x1968 usbvideo - ok 20:53:18.0304 0x1968 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 20:53:18.0319 0x1968 USBXHCI - ok 20:53:18.0319 0x1968 [ 3CAAB947B1F247A570DE15983BEDEBCF, 81480D999F67A1755D5C21CE046FB439F0FBD743F73D23C19BC8C4DEB78A4F91 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 20:53:18.0335 0x1968 usb_rndisx - ok 20:53:18.0335 0x1968 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc 
C:\Windows\system32\lsass.exe 20:53:18.0350 0x1968 VaultSvc - ok 20:53:18.0350 0x1968 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:53:18.0366 0x1968 vdrvroot - ok 20:53:18.0382 0x1968 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe 20:53:18.0413 0x1968 vds - ok 20:53:18.0413 0x1968 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 20:53:18.0429 0x1968 VerifierExt - ok 20:53:18.0444 0x1968 [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 20:53:18.0460 0x1968 vhdmp - ok 20:53:18.0460 0x1968 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 20:53:18.0475 0x1968 viaide - ok 20:53:18.0475 0x1968 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys 20:53:18.0491 0x1968 Vid - ok 20:53:18.0491 0x1968 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys 20:53:18.0507 0x1968 vmbus - ok 20:53:18.0507 0x1968 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 20:53:18.0522 0x1968 VMBusHID - ok 20:53:18.0522 0x1968 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys 20:53:18.0538 0x1968 vmbusr - ok 20:53:18.0554 0x1968 [ 9067880BBB1C18703DBFF27D731D7ECA, 
0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll 20:53:18.0569 0x1968 vmicguestinterface - ok 20:53:18.0569 0x1968 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 20:53:18.0585 0x1968 vmicheartbeat - ok 20:53:18.0600 0x1968 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 20:53:18.0600 0x1968 vmickvpexchange - ok 20:53:18.0616 0x1968 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll 20:53:18.0632 0x1968 vmicrdv - ok 20:53:18.0632 0x1968 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll 20:53:18.0647 0x1968 vmicshutdown - ok 20:53:18.0663 0x1968 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll 20:53:18.0679 0x1968 vmictimesync - ok 20:53:18.0679 0x1968 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll 20:53:18.0694 0x1968 vmicvss - ok 20:53:18.0694 0x1968 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:53:18.0719 0x1968 volmgr - ok 20:53:18.0728 0x1968 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:53:18.0741 0x1968 volmgrx - ok 20:53:18.0741 0x1968 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:53:18.0757 0x17e8 Object send 
P2P result: true 20:53:18.0773 0x1968 volsnap - ok 20:53:18.0773 0x1968 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys 20:53:18.0788 0x17e8 Object required for P2P: [ 6F5AC1C495DA6D19AF99A59DC44BC13F ] NvStreamNetworkSvc 20:53:18.0788 0x1968 vpci - ok 20:53:18.0804 0x1968 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys 20:53:18.0804 0x1968 vpcivsp - ok 20:53:18.0819 0x1968 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:53:18.0835 0x1968 vsmraid - ok 20:53:18.0851 0x1968 [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\Windows\system32\vssvc.exe 20:53:18.0882 0x1968 VSS - ok 20:53:18.0882 0x1968 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 20:53:18.0898 0x1968 VSTXRAID - ok 20:53:18.0913 0x1968 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:53:18.0913 0x1968 vwifibus - ok 20:53:18.0929 0x1968 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 20:53:18.0929 0x1968 vwififlt - ok 20:53:18.0944 0x1968 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 20:53:18.0944 0x1968 vwifimp - ok 20:53:18.0960 0x1968 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll 20:53:18.0976 0x1968 W32Time - ok 20:53:18.0976 
0x1968 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 20:53:18.0991 0x1968 WacomPen - ok 20:53:19.0007 0x1968 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe 20:53:19.0038 0x1968 wbengine - ok 20:53:19.0054 0x1968 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:53:19.0070 0x1968 WbioSrvc - ok 20:53:19.0070 0x1968 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 20:53:19.0085 0x1968 Wcmsvc - ok 20:53:19.0101 0x1968 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:53:19.0116 0x1968 wcncsvc - ok 20:53:19.0116 0x1968 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:53:19.0116 0x1968 WcsPlugInService - ok 20:53:19.0116 0x1968 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 20:53:19.0132 0x1968 WdBoot - ok 20:53:19.0132 0x1968 [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM C:\Windows\System32\drivers\wdcsam64.sys 20:53:19.0148 0x1968 WDC_SAM - ok 20:53:19.0163 0x1968 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:53:19.0194 0x1968 Wdf01000 - ok 20:53:19.0194 0x1968 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter 
20:53:33.0783 0x1968 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
20:53:33.0783 0x1968 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2241.1482 ), 0x41000 ( enabled : updated )
20:53:33.0783 0x1968 Win FW state via NFP2: enabled ( trusted )
20:53:36.0181 0x1968 ============================================================
20:53:36.0181 0x1968 Scan finished
20:53:36.0181 0x1968 ============================================================
20:53:36.0181 0x1e34 Detected object count: 0
20:53:36.0181 0x1e34 Actual detected object count: 0 |
30.11.2015, 23:24 | #5 |
/// TB Trainer /// Guide Guru | Watch4 Virus My name is Jürgen and I will help you with your problem. Together we'll manage it...
Note: I can never give you a guarantee that we will find all malicious files. Reformatting is usually the faster and always the safest way, but it is only advisable for real malware. Adware and the like we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean". Let's go: Step 1 Please download herdProtect from Reason Software (portable edition) to your desktop.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.12.2015, 17:17 | #6 |
| Watch4 Virus herdProtect Log Code:
Saved date: 01.12.2015 17:13:52 Files detected: 17 Files scanned: 10.537 Processes scanned: 86 Modules scanned: 886 ASEPs scanned: 559 Downloads scanned: 4 Deep analysis: 1/0
hxxp://www.directupload.net/file/d/4189/53wk9cok_png.htm hxxp://www.directupload.net/file/d/4189/2llvo74z_png.htm |
01.12.2015, 18:05 | #7 |
/// TB Trainer /// Guide Guru | Watch4 Virus OK. Thanks, that fits. Does the problem still occur? |
01.12.2015, 18:22 | #8 |
| Watch4 Virus So far it hasn't occurred again. In your opinion, do all the logs look clean? |
01.12.2015, 18:31 | #9 |
/// TB Trainer /// Guide Guru | Watch4 Virus Keep watching it and report back. I'll take a closer look at the logs again. But there is no malware there, at most some adware stuff... |
01.12.2015, 18:35 | #10 |
| Watch4 Virus All right, I'll report back here as soon as anything strange happens again. After going through the logs, you could also give me a short reply here on how you assess the whole thing; that puts one's mind at ease a little as well |
01.12.2015, 18:38 | #11 |
/// TB Trainer /// Guide Guru | Watch4 Virus I already did. That's not malware... |
01.12.2015, 18:42 | #12 |
| Watch4 Virus All right, thank you. I'll report here if anything happens again. |
01.12.2015, 18:53 | #13 |
/// TB Trainer /// Guide Guru | Watch4 Virus OK. I'll take a close look at the logs again. I'm only here on my phone. |
01.12.2015, 18:55 | #14 |
| Watch4 Virus Thanks. Get in touch here as soon as you discover anything unexpected/unwanted |
01.12.2015, 21:42 | #15 |
/// TB Trainer /// Guide Guru | Watch4 Virus OK. |