Antivir reports "Your PC is not secure", but the real-time scanner appears to be running..
08.01.2016, 13:56 | #1 |
Hello everyone, I have the following problem: when I open the Avira Control Center, my Antivir Free reports that the real-time scanner is not running. I also cannot move the switch manually. I should add that two weeks ago my HP notebook had an error in the NTFS file system and I laboriously restored the laptop with TestDisk, etc. I have also already downloaded the Avira boot stick (the one with the small Debian system), which showed me no viruses, Trojans or anything else after the scan. I am posting a picture of the problem; please excuse that it is not the original screenshot, I am at a different PC at the moment. PS: Reinstalling did not help.. Do you think there is a Trojan or something like that which it does not detect?? I hope someone can help me with this problem; I would be really glad to have certainty (because Windows says that everything is OK as far as virus protection goes, and the real-time scanner service is running when I check in the process manager / under Windows services). In addition to Avira Free I also have the tool Spyware Search and Destroy, and my operating system is Windows 8.1. in advance...
08.01.2016, 15:42 | #2 |
/// TB trainer
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! For the initial analysis, please run FRST and TDSS-Killer:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
08.01.2016, 19:50 | #3 |
Hello Matthias, first of all thanks for the quick reply =)
I was able to fix the problem by switching off the internet, reinstalling Antivir once more and then updating. Antivir is running normally and scans and behaves as usual again. Most likely this problem was an "aftershock" of my PC's worst-case disaster a week ago (all partitions wrecked, and restored with alt-linux / TestDisk). To be on the safe side, however, I still ran the scans with FRST and TDSSKiller. I am also posting the log files jillsy2k frst.txt and after that addition.txt
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015 durchgeführt von Jillsy (Administrator) auf JILLSY-PC (08-01-2016 19:40:20) Gestartet von C:\Users\Jillsy\Desktop Geladene Profile: Jillsy (Verfügbare Profile: Jillsy) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Western Digital Technologies, Inc.) 
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2014-01-24] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-12-05] (Synaptics Incorporated) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. 
KG) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE" HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{36D0A91B-153F-40A1-99EB-E82C452784FD}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{D3C34DF9-E5D6-442B-9AA5-E7CD700D047C}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/12 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12 HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/ HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} 
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default FF Homepage: hxxp://www.google.ch/ FF Session Restore: -> ist aktiviert. 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-12-05] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-12-05] (Intel Corporation) FF 
Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.) FF user.js: detected! => C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\user.js [2014-05-17] FF Extension: PDF Download - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2015-05-31] FF Extension: Download Statusbar Fixed - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-01-06] FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\artur.dubovoy@gmail.com [2016-01-06] FF Extension: Personas Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\personas@christopher.beard.xpi [2016-01-08] FF Extension: Show MyIP - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-01-08] FF Extension: Ghostery - 
C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\firefox@ghostery.com.xpi [2016-01-02] FF Extension: Kein Name - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2015-05-31] [ist nicht signiert] FF Extension: Download Status Bar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-31] FF Extension: NoScript - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08] FF Extension: Video DownloadHelper - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-08] FF Extension: Adblock Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] FF Extension: Download Statusbar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-05-31] FF Extension: Clean Video - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2015-05-31] Chrome: ======= CHR Session Restore: Default -> ist aktiviert. 
CHR Profile: C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15] CHR Extension: (Google Drive) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google-Suche) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Donna Karan) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2014-04-27] CHR Extension: (Google Docs Offline) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16] CHR Extension: (Google Mail) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. 
KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert] S3 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.) 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-12-05] (Intel Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-12-05] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) 
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert] S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. 
KG) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-12-05] (Intel Corporation) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] () R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.) 
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [27440 2015-10-16] () [Datei ist nicht signiert] R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-05] (Synaptics Incorporated) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-08 19:40 - 2016-01-08 19:41 - 00027707 _____ C:\Users\Jillsy\Desktop\FRST.txt 2016-01-08 19:39 - 2016-01-08 19:40 - 00000000 ____D C:\FRST 2016-01-08 19:38 - 2016-01-08 19:39 - 02370560 _____ (Farbar) C:\Users\Jillsy\Desktop\FRST64.exe 2016-01-08 18:54 - 2016-01-08 18:54 - 04638208 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (6).exe 2016-01-08 18:53 - 2016-01-08 18:53 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Avira 2016-01-08 18:52 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2016-01-08 18:49 - 2016-01-08 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-01-08 18:49 - 2016-01-08 18:49 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-01-08 12:00 - 2016-01-08 19:14 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-08 12:00 - 2016-01-08 19:05 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-08 12:00 - 2016-01-08 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-01-08 11:59 - 2016-01-08 11:59 - 00927824 _____ (Google Inc.) C:\Users\Jillsy\Downloads\ChromeSetup.exe 2016-01-08 10:36 - 2016-01-08 10:36 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_568efddb9c96e__ws.exe 2016-01-08 00:51 - 2016-01-08 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-08 00:47 - 2016-01-08 00:47 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (5).exe 2016-01-08 00:46 - 2016-01-08 00:46 - 26352816 _____ (DVDVideoSoft Ltd. ) C:\Users\Jillsy\Downloads\FreeAudioConverter (1).exe 2016-01-08 00:46 - 2016-01-08 00:46 - 04638208 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (4).exe 2016-01-08 00:41 - 2016-01-08 00:41 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (3).exe 2016-01-08 00:34 - 2016-01-08 00:34 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (2).exe 2016-01-06 23:27 - 2016-01-06 23:27 - 00000702 _____ C:\Users\Public\Desktop\World of Tanks.lnk 2016-01-06 23:27 - 2016-01-06 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2016-01-06 23:26 - 2016-01-06 23:26 - 05124704 _____ (Wargaming.net ) C:\Users\Jillsy\Downloads\WoT_internet_install_eu.exe 2016-01-06 16:54 - 2016-01-06 16:54 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Jillsy\Downloads\28790_HPUSBFW_v2.2.3.exe 2016-01-06 16:18 - 2016-01-06 17:00 - 00000000 ____D C:\Users\Jillsy\Desktop\Sicherung K 2016-01-05 23:49 - 2016-01-05 23:49 - 00000345 _____ C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk 2016-01-05 23:47 - 2016-01-05 23:47 - 30073472 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-cross-i386-win32-win64.exe 2016-01-05 23:47 - 2016-01-05 23:47 - 00001859 _____ C:\Users\Jillsy\Downloads\README.txt 2016-01-05 23:46 - 2016-01-05 23:47 - 113126489 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-win32.exe 2016-01-05 23:05 - 2016-01-05 23:05 - 00001027 _____ C:\Users\Jillsy\Desktop\Videos.lnk 2016-01-04 23:07 - 2016-01-04 23:07 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Microsoft_Corporation 2016-01-04 23:00 - 2016-01-04 23:00 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument (2).txt 2016-01-03 23:58 - 2015-12-20 23:50 - 36684866 _____ C:\Users\Jillsy\Desktop\cncmod_launcher.zip 2016-01-03 23:58 - 2015-10-07 18:28 - 18340735 _____ C:\Users\Jillsy\Desktop\cnctuc_launchers.zip 2016-01-01 22:43 - 2016-01-07 23:32 - 00000000 ____D C:\Program Files 
(x86)\Battle.net 2016-01-01 22:43 - 2016-01-01 22:43 - 00001137 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-01-01 22:12 - 2016-01-01 22:13 - 00285624 _____ C:\Windows\Minidump\010116-25250-01.dmp 2016-01-01 13:50 - 2016-01-01 13:51 - 00285568 _____ C:\Windows\Minidump\010116-33593-01.dmp 2015-12-30 23:01 - 2015-12-30 23:02 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Jillsy\Downloads\LinuxLive USB Creator 2.9.4.exe 2015-12-29 18:00 - 2015-12-29 18:00 - 00285568 _____ C:\Windows\Minidump\122915-38406-01.dmp 2015-12-28 01:46 - 2015-12-28 01:46 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument.txt 2015-12-22 13:59 - 2015-12-22 14:03 - 00069632 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe 2015-12-22 13:59 - 2015-12-22 14:03 - 00033209 _____ C:\Windows\scunin.dat 2015-12-22 13:59 - 2015-12-22 14:03 - 00000967 _____ C:\Windows\ScUnin.pif 2015-12-22 13:59 - 2015-12-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft 2015-12-22 13:56 - 1999-03-19 18:40 - 598221809 _____ (Blizzard Entertainment) C:\Users\Jillsy\Desktop\BroodWar.mpq 2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\Program Files\Oracle 2015-12-21 01:13 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-12-21 01:13 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-12-21 01:07 - 2015-12-21 01:08 - 116982472 _____ (Oracle Corporation) C:\Users\Jillsy\Downloads\VirtualBox-5.0.10-104061-Win.exe 2015-12-16 13:37 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-16 13:37 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-16 13:37 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 
2015-12-16 13:37 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-12-16 13:37 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-16 13:37 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-16 13:37 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-16 13:37 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-16 13:37 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-16 13:37 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-16 13:37 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-16 13:37 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-16 13:37 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-12-16 13:37 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-16 13:37 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-16 13:37 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-16 13:37 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-16 13:37 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-12-16 13:37 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-16 13:37 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-16 13:37 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-16 13:37 - 2015-11-08 
23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-16 13:37 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-16 13:37 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-16 13:37 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-16 13:37 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-16 13:37 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-16 13:37 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-12-16 13:37 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-12-16 13:37 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-16 13:37 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-16 13:37 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-16 13:37 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-16 13:37 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-16 13:37 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-16 13:37 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-12-16 13:37 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-16 13:37 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-16 13:37 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-16 13:37 - 2015-11-05 09:59 - 00145408 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-16 13:30 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-12-16 13:30 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-12-16 13:30 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-12-16 13:30 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-12-16 13:30 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-12-16 13:30 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-12-16 13:30 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-12-16 13:30 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-12-16 13:30 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-12-16 13:30 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-16 13:30 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-16 13:30 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-16 13:30 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-16 13:30 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-16 13:30 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-16 13:30 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-16 13:30 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-16 13:30 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) 
C:\Windows\system32\GdiPlus.dll 2015-12-16 13:30 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-16 13:30 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-16 13:30 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2015-12-16 13:30 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-12-16 13:30 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-12-10 19:38 - 2015-12-13 23:36 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Zero Hour Data ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-08 19:41 - 2014-05-15 17:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-08 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-08 19:19 - 2014-01-24 00:24 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-933261645-1527721118-3068914036-1001 2016-01-08 19:16 - 2014-01-24 09:45 - 00003619 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2016-01-08 19:15 - 2014-11-29 01:10 - 00000000 __SHD C:\Users\Jillsy\IntelGraphicsProfiles 2016-01-08 19:15 - 2013-11-20 10:44 - 00001060 _____ C:\Windows\SysWOW64\bscs.ini 2016-01-08 19:14 - 2014-01-24 09:45 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2016-01-08 19:14 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-08 19:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2016-01-08 18:52 - 2014-08-15 19:08 - 00000000 ____D C:\ProgramData\Avira 2016-01-08 18:52 - 2014-01-23 06:52 - 00000000 ____D C:\Program Files (x86)\Avira 2016-01-08 18:48 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-08 18:45 - 2013-08-22 14:25 - 00262144 ___SH 
C:\Windows\system32\config\BBI 2016-01-08 18:40 - 2015-07-12 13:31 - 00000000 ____D C:\ProgramData\ProductData 2016-01-08 12:00 - 2014-01-24 00:25 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-01-08 12:00 - 2014-01-24 00:25 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-01-08 12:00 - 2014-01-24 00:25 - 00000000 ____D C:\Program Files (x86)\Google 2016-01-08 10:26 - 2014-09-24 07:17 - 01984420 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-08 10:26 - 2014-09-24 06:43 - 00843606 _____ C:\Windows\system32\perfh007.dat 2016-01-08 10:26 - 2014-09-24 06:43 - 00192300 _____ C:\Windows\system32\perfc007.dat 2016-01-08 10:26 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-01-08 10:10 - 2014-01-25 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-08 00:48 - 2015-08-16 14:59 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-01-08 00:22 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Battle.net 2016-01-07 23:32 - 2014-09-15 03:00 - 00000000 ____D C:\Users\Jillsy\Downloads\Everything-1.3.4.686.x86 2016-01-07 23:32 - 2014-02-26 16:50 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ 2016-01-07 23:32 - 2014-01-24 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2016-01-07 22:11 - 2014-11-29 01:26 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BD55254-7A97-4A43-AE4A-A69447C0F3FC} 2016-01-07 22:04 - 2014-11-29 00:44 - 00000000 ____D C:\Users\Jillsy 2016-01-06 23:29 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Origin 2016-01-06 23:27 - 2014-04-20 12:11 - 00000000 ____D C:\Games 2016-01-06 22:27 - 2014-01-25 15:05 - 00000000 
____D C:\Users\Jillsy\.VirtualBox 2016-01-06 20:53 - 2015-07-19 14:41 - 00000000 ____D C:\Users\Jillsy\AppData\Local\lazarus 2016-01-05 23:58 - 2015-07-25 16:26 - 00000000 ____D C:\lazarus 2016-01-05 23:56 - 2015-07-25 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus 2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Glyph 2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Glyph 2016-01-03 23:56 - 2014-07-03 12:47 - 00000000 ____D C:\ProgramData\Glyph 2016-01-02 13:26 - 2014-06-05 15:42 - 00000000 ____D C:\Diablo II 2016-01-02 09:39 - 2015-08-22 12:18 - 00000000 ____D C:\Users\Jillsy\VirtualBox VMs 2016-01-02 00:30 - 2014-01-25 11:14 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-01-02 00:21 - 2014-01-25 13:29 - 00000000 ___RD C:\Users\Jillsy\Documents\Codes 2016-01-01 23:17 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp 2016-01-01 23:16 - 2014-08-18 18:06 - 00000000 ____D C:\Program Files (x86)\Western Digital 2016-01-01 22:42 - 2014-01-25 02:20 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Tropico 4 2016-01-01 22:41 - 2014-01-25 04:21 - 00001345 _____ C:\Users\Jillsy\Desktop\Tropico 4.lnk 2016-01-01 22:12 - 2014-12-01 21:18 - 00000000 ____D C:\Windows\Minidump 2016-01-01 22:12 - 2014-05-29 23:41 - 777293901 _____ C:\Windows\MEMORY.DMP 2015-12-30 23:01 - 2014-11-03 11:48 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator 2015-12-30 18:01 - 2015-11-24 20:20 - 00000000 ____D C:\Program Files\Cloud Imperium Games 2015-12-30 18:00 - 2015-04-15 19:33 - 00000000 ____D C:\ProgramData\Skype 2015-12-30 18:00 - 2014-07-09 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-12-29 14:41 - 2014-05-15 17:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-26 09:48 - 2014-09-24 08:46 - 00826872 
_____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-26 09:48 - 2014-09-24 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-22 19:05 - 2015-11-30 00:06 - 00000000 ____D C:\Program Files\Starcraft 2015-12-21 22:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-12-21 01:13 - 2015-07-19 14:46 - 00001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-12-21 00:50 - 2014-01-24 23:28 - 00000000 ____D C:\Program Files (x86)\Diablo III 2015-12-17 22:39 - 2015-12-06 23:45 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Data 2015-12-17 15:44 - 2014-01-25 01:59 - 00000000 ____D C:\Program Files (x86)\Origin 2015-12-16 21:20 - 2015-10-15 14:17 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJillsy 2015-12-16 21:20 - 2015-10-15 14:17 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForJillsy.job 2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-16 14:02 - 2015-08-08 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-16 13:57 - 2013-08-22 15:44 - 00391440 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-16 13:54 - 2014-01-23 09:04 - 00000000 ____D C:\Windows\system32\MRT 2015-12-16 13:48 - 2014-01-25 02:01 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-12-16 13:45 - 2014-02-01 00:30 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK 2015-12-16 13:41 - 2015-11-12 19:22 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Razer 2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\ProgramData\Razer 2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\Program Files (x86)\Razer 2015-12-16 13:38 - 2014-01-23 09:04 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-16 13:21 - 2015-05-14 13:29 - 00000000 ___RD 
C:\Users\Jillsy\OneDrive 2015-12-16 13:21 - 2015-02-14 19:02 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001 2015-12-16 13:21 - 2014-02-07 13:42 - 00000000 ____D C:\Program Files (x86)\Zenimax Online 2015-12-16 13:09 - 2015-07-12 13:33 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\ProductData 2015-12-16 13:09 - 2014-05-04 01:42 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\SleepTimerUltimate 2015-12-16 13:09 - 2014-01-25 00:09 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Wise Registry Cleaner 2015-12-16 13:09 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Battle.net 2015-12-16 13:09 - 2014-01-24 19:17 - 00000000 ____D C:\Users\Jillsy\AppData\Local\bluesoleil 2015-12-16 13:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-16 12:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-05 20:39 - 2014-10-13 00:00 - 0002181 _____ () C:\Users\Jillsy\AppData\Roaming\FoxitReaderUpdateInfo.txt 2014-10-01 18:36 - 2014-10-01 18:36 - 0000859 _____ () C:\Users\Jillsy\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\Jillsy\AppData\Local\Temp\avgnt.exe C:\Users\Jillsy\AppData\Local\Temp\procexp64.exe C:\Users\Jillsy\AppData\Local\Temp\sp64126.exe C:\Users\Jillsy\AppData\Local\Temp\Uninst.exe C:\Users\Jillsy\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-07 23:11
==================== Ende von FRST.txt ============================
Last edited by jillsy2k (08.01.2016 at 19:44) |
08.01.2016, 19:51 | #4 |
/// TB-Ausbilder | Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Hi, the Addition.txt from FRST and the log from TDSS-Killer are still missing. |
08.01.2016, 20:00 | #5 |
| Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. addition.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015 durchgeführt von Jillsy (Administrator) auf JILLSY-PC (08-01-2016 19:40:20) Gestartet von C:\Users\Jillsy\Desktop Geladene Profile: Jillsy (Verfügbare Profile: Jillsy) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Western Digital Technologies, Inc.) 
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2014-01-24] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-12-05] (Synaptics Incorporated) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. 
KG) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE" HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{36D0A91B-153F-40A1-99EB-E82C452784FD}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{D3C34DF9-E5D6-442B-9AA5-E7CD700D047C}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/12 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12 HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/ HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/12 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} 
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF user.js: detected! => C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\user.js [2014-05-17]
FF Extension: PDF Download - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2015-05-31]
FF Extension: Download Statusbar Fixed - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-01-06]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\artur.dubovoy@gmail.com [2016-01-06]
FF Extension: Personas Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\personas@christopher.beard.xpi [2016-01-08]
FF Extension: Show MyIP - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-01-08]
FF Extension: Ghostery - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\firefox@ghostery.com.xpi [2016-01-02]
FF Extension: Kein Name - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2015-05-31] [ist nicht signiert]
FF Extension: Download Status Bar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-31]
FF Extension: NoScript - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08]
FF Extension: Video DownloadHelper - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-08]
FF Extension: Adblock Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: Download Statusbar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-05-31]
FF Extension: Clean Video - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2015-05-31]

Chrome:
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Donna Karan) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2014-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Google Mail) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-12-05] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-12-05] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-12-05] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [27440 2015-10-16] () [Datei ist nicht signiert]
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-05] (Synaptics Incorporated)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 19:40 - 2016-01-08 19:41 - 00027707 _____ C:\Users\Jillsy\Desktop\FRST.txt
2016-01-08 19:39 - 2016-01-08 19:40 - 00000000 ____D C:\FRST
2016-01-08 19:38 - 2016-01-08 19:39 - 02370560 _____ (Farbar) C:\Users\Jillsy\Desktop\FRST64.exe
2016-01-08 18:54 - 2016-01-08 18:54 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (6).exe
2016-01-08 18:53 - 2016-01-08 18:53 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Avira
2016-01-08 18:52 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-01-08 18:52 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-01-08 18:49 - 2016-01-08 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-08 18:49 - 2016-01-08 18:49 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-08 12:00 - 2016-01-08 19:14 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-08 12:00 - 2016-01-08 19:05 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-08 12:00 - 2016-01-08 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-08 11:59 - 2016-01-08 11:59 - 00927824 _____ (Google Inc.) C:\Users\Jillsy\Downloads\ChromeSetup.exe
2016-01-08 10:36 - 2016-01-08 10:36 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_568efddb9c96e__ws.exe
2016-01-08 00:51 - 2016-01-08 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-08 00:47 - 2016-01-08 00:47 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (5).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 26352816 _____ (DVDVideoSoft Ltd. ) C:\Users\Jillsy\Downloads\FreeAudioConverter (1).exe
2016-01-08 00:46 - 2016-01-08 00:46 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (4).exe
2016-01-08 00:41 - 2016-01-08 00:41 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (3).exe
2016-01-08 00:34 - 2016-01-08 00:34 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (2).exe
2016-01-06 23:27 - 2016-01-06 23:27 - 00000702 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-06 23:27 - 2016-01-06 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-06 23:26 - 2016-01-06 23:26 - 05124704 _____ (Wargaming.net ) C:\Users\Jillsy\Downloads\WoT_internet_install_eu.exe
2016-01-06 16:54 - 2016-01-06 16:54 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Jillsy\Downloads\28790_HPUSBFW_v2.2.3.exe
2016-01-06 16:18 - 2016-01-06 17:00 - 00000000 ____D C:\Users\Jillsy\Desktop\Sicherung K
2016-01-05 23:49 - 2016-01-05 23:49 - 00000345 _____ C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk
2016-01-05 23:47 - 2016-01-05 23:47 - 30073472 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-cross-i386-win32-win64.exe
2016-01-05 23:47 - 2016-01-05 23:47 - 00001859 _____ C:\Users\Jillsy\Downloads\README.txt
2016-01-05 23:46 - 2016-01-05 23:47 - 113126489 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-win32.exe
2016-01-05 23:05 - 2016-01-05 23:05 - 00001027 _____ C:\Users\Jillsy\Desktop\Videos.lnk
2016-01-04 23:07 - 2016-01-04 23:07 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Microsoft_Corporation
2016-01-04 23:00 - 2016-01-04 23:00 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument (2).txt
2016-01-03 23:58 - 2015-12-20 23:50 - 36684866 _____ C:\Users\Jillsy\Desktop\cncmod_launcher.zip
2016-01-03 23:58 - 2015-10-07 18:28 - 18340735 _____ C:\Users\Jillsy\Desktop\cnctuc_launchers.zip
2016-01-01 22:43 - 2016-01-07 23:32 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-01 22:43 - 2016-01-01 22:43 - 00001137 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-01-01 22:12 - 2016-01-01 22:13 - 00285624 _____ C:\Windows\Minidump\010116-25250-01.dmp
2016-01-01 13:50 - 2016-01-01 13:51 - 00285568 _____ C:\Windows\Minidump\010116-33593-01.dmp
2015-12-30 23:01 - 2015-12-30 23:02 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Jillsy\Downloads\LinuxLive USB Creator 2.9.4.exe
2015-12-29 18:00 - 2015-12-29 18:00 - 00285568 _____ C:\Windows\Minidump\122915-38406-01.dmp
2015-12-28 01:46 - 2015-12-28 01:46 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument.txt
2015-12-22 13:59 - 2015-12-22 14:03 - 00069632 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe
2015-12-22 13:59 - 2015-12-22 14:03 - 00033209 _____ C:\Windows\scunin.dat
2015-12-22 13:59 - 2015-12-22 14:03 - 00000967 _____ C:\Windows\ScUnin.pif
2015-12-22 13:59 - 2015-12-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft
2015-12-22 13:56 - 1999-03-19 18:40 - 598221809 _____ (Blizzard Entertainment) C:\Users\Jillsy\Desktop\BroodWar.mpq
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\Program Files\Oracle
2015-12-21 01:13 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-12-21 01:13 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-12-21 01:07 - 2015-12-21 01:08 - 116982472 _____ (Oracle Corporation) C:\Users\Jillsy\Downloads\VirtualBox-5.0.10-104061-Win.exe
2015-12-16 13:37 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-16 13:37 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-16 13:37 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-12-16 13:37 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-16 13:37 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-16 13:37 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-16 13:37 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-16 13:37 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-16 13:37 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-16 13:37 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-16 13:37 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-16 13:37 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-12-16 13:37 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-16 13:37 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-16 13:37 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-16 13:37 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-12-16 13:37 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-16 13:37 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-16 13:37 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-16 13:37 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-16 13:37 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-16 13:37 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-16 13:37 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-16 13:37 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-16 13:37 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-16 13:37 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-16 13:37 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-16 13:37 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-16 13:37 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-16 13:37 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-16 13:37 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-12-16 13:37 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-16 13:37 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-16 13:37 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-16 13:37 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-16 13:30 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-16 13:30 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-16 13:30 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-12-16 13:30 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-16 13:30 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-12-16 13:30 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-12-16 13:30 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-16 13:30 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-16 13:30 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-16 13:30 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-16 13:30 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-16 13:30 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-16 13:30 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-16 13:30 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-12-16 13:30 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-16 13:30 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-16 13:30 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-12-16 13:30 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-16 13:30 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-12-10 19:38 - 2015-12-13 23:36 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Zero Hour Data

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 19:41 - 2014-05-15 17:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-08 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-08 19:19 - 2014-01-24 00:24 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-933261645-1527721118-3068914036-1001
2016-01-08 19:16 - 2014-01-24 09:45 - 00003619 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-01-08 19:15 - 2014-11-29 01:10 - 00000000 __SHD C:\Users\Jillsy\IntelGraphicsProfiles
2016-01-08 19:15 - 2013-11-20 10:44 - 00001060 _____ C:\Windows\SysWOW64\bscs.ini
2016-01-08 19:14 - 2014-01-24 09:45 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-01-08 19:14 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-08 19:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-01-08 18:52 - 2014-08-15 19:08 - 00000000 ____D C:\ProgramData\Avira
2016-01-08 18:52 - 2014-01-23 06:52 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-08 18:48 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-08 18:45 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-08 18:40 - 2015-07-12 13:31 - 00000000 ____D C:\ProgramData\ProductData
2016-01-08 12:00 - 2014-01-24 00:25 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-08 12:00 - 2014-01-24 00:25 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-08 12:00 - 2014-01-24 00:25 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-08 10:26 - 2014-09-24 07:17 - 01984420 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-08 10:26 - 2014-09-24 06:43 - 00843606 _____ C:\Windows\system32\perfh007.dat
2016-01-08 10:26 - 2014-09-24 06:43 - 00192300 _____ C:\Windows\system32\perfc007.dat
2016-01-08 10:26 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-08 10:10 - 2014-01-25 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 00:48 - 2015-08-16 14:59 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-01-08 00:22 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Battle.net
2016-01-07 23:32 - 2014-09-15 03:00 - 00000000 ____D C:\Users\Jillsy\Downloads\Everything-1.3.4.686.x86
2016-01-07 23:32 - 2014-02-26 16:50 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ
2016-01-07 23:32 - 2014-01-24 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-01-07 22:11 - 2014-11-29 01:26 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BD55254-7A97-4A43-AE4A-A69447C0F3FC}
2016-01-07 22:04 - 2014-11-29 00:44 - 00000000 ____D C:\Users\Jillsy
2016-01-06 23:29 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Origin
2016-01-06 23:27 - 2014-04-20 12:11 - 00000000 ____D C:\Games
2016-01-06 22:27 - 2014-01-25 15:05 - 00000000 ____D C:\Users\Jillsy\.VirtualBox
2016-01-06 20:53 - 2015-07-19 14:41 - 00000000 ____D C:\Users\Jillsy\AppData\Local\lazarus
2016-01-05 23:58 - 2015-07-25 16:26 - 00000000 ____D C:\lazarus
2016-01-05 23:56 - 2015-07-25 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Glyph
2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Glyph
2016-01-03 23:56 - 2014-07-03 12:47 - 00000000 ____D C:\ProgramData\Glyph
2016-01-02 13:26 - 2014-06-05 15:42 - 00000000 ____D C:\Diablo II
2016-01-02 09:39 - 2015-08-22 12:18 - 00000000 ____D C:\Users\Jillsy\VirtualBox VMs
2016-01-02 00:30 - 2014-01-25 11:14 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-02 00:21 - 2014-01-25 13:29 - 00000000 ___RD C:\Users\Jillsy\Documents\Codes
2016-01-01 23:17 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2016-01-01 23:16 - 2014-08-18 18:06 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-01-01 22:42 - 2014-01-25 02:20 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Tropico 4
2016-01-01 22:41 - 2014-01-25 04:21 - 00001345 _____ C:\Users\Jillsy\Desktop\Tropico 4.lnk
2016-01-01 22:12 - 2014-12-01 21:18 - 00000000 ____D C:\Windows\Minidump
2016-01-01 22:12 - 2014-05-29 23:41 - 777293901 _____ C:\Windows\MEMORY.DMP
2015-12-30 23:01 - 2014-11-03 11:48 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-12-30 18:01 - 2015-11-24 20:20 - 00000000 ____D C:\Program Files\Cloud Imperium Games
2015-12-30 18:00 - 2015-04-15 19:33 - 00000000 ____D C:\ProgramData\Skype
2015-12-30 18:00 - 2014-07-09 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-12-29 14:41 - 2014-05-15 17:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-26 09:48 - 2014-09-24 08:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2014-09-24 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-22 19:05 - 2015-11-30 00:06 - 00000000 ____D C:\Program Files\Starcraft
2015-12-21 22:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-12-21 01:13 - 2015-07-19 14:46 - 00001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-12-21 00:50 - 2014-01-24 23:28 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-12-17 22:39 - 2015-12-06 23:45 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Data
2015-12-17 15:44 - 2014-01-25 01:59 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-16 21:20 - 2015-10-15 14:17 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJillsy
2015-12-16 21:20 - 2015-10-15 14:17 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForJillsy.job
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-16 14:02 - 2015-08-08 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-16 13:57 - 2013-08-22 15:44 - 00391440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-16 13:54 - 2014-01-23 09:04 - 00000000 ____D C:\Windows\system32\MRT
2015-12-16 13:48 - 2014-01-25 02:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-16 13:45 - 2014-02-01 00:30 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK
2015-12-16 13:41 - 2015-11-12 19:22 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\ProgramData\Razer
2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\Program Files (x86)\Razer
2015-12-16 13:38 - 2014-01-23 09:04 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-16 13:21 - 2015-05-14 13:29 - 00000000 ___RD
C:\Users\Jillsy\OneDrive 2015-12-16 13:21 - 2015-02-14 19:02 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001 2015-12-16 13:21 - 2014-02-07 13:42 - 00000000 ____D C:\Program Files (x86)\Zenimax Online 2015-12-16 13:09 - 2015-07-12 13:33 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\ProductData 2015-12-16 13:09 - 2014-05-04 01:42 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\SleepTimerUltimate 2015-12-16 13:09 - 2014-01-25 00:09 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Wise Registry Cleaner 2015-12-16 13:09 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Battle.net 2015-12-16 13:09 - 2014-01-24 19:17 - 00000000 ____D C:\Users\Jillsy\AppData\Local\bluesoleil 2015-12-16 13:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-16 12:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-05 20:39 - 2014-10-13 00:00 - 0002181 _____ () C:\Users\Jillsy\AppData\Roaming\FoxitReaderUpdateInfo.txt 2014-10-01 18:36 - 2014-10-01 18:36 - 0000859 _____ () C:\Users\Jillsy\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\Jillsy\AppData\Local\Temp\avgnt.exe C:\Users\Jillsy\AppData\Local\Temp\procexp64.exe C:\Users\Jillsy\AppData\Local\Temp\sp64126.exe C:\Users\Jillsy\AppData\Local\Temp\Uninst.exe C:\Users\Jillsy\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-07 23:11 ==================== Ende von FRST.txt ============================ Dankeschön für alles, jillsy2k |
08.01.2016, 20:02 | #6 |
| Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. TDSSKiller log file (split up, sorry, I'm new here ^^) Code:
19:53:16.0183 0x15e0 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:53:16.0183 0x15e0 UEFI system
19:53:21.0993 0x15e0 ============================================================
19:53:21.0993 0x15e0 Current date / time: 2016/01/08 19:53:21.0993
19:53:21.0993 0x15e0 SystemInfo:
19:53:21.0993 0x15e0
19:53:21.0993 0x15e0 OS Version: 6.3.9600 ServicePack: 0.0
19:53:21.0993 0x15e0 Product type: Workstation
19:53:21.0993 0x15e0 ComputerName: JILLSY-PC
19:53:21.0993 0x15e0 UserName: Jillsy
19:53:21.0993 0x15e0 Windows directory: C:\Windows
19:53:21.0993 0x15e0 System windows directory: C:\Windows
19:53:21.0993 0x15e0 Running under WOW64
19:53:21.0993 0x15e0 Processor architecture: Intel x64
19:53:21.0993 0x15e0 Number of processors: 8
19:53:21.0993 0x15e0 Page size: 0x1000
19:53:21.0993 0x15e0 Boot type: Normal boot
19:53:21.0993 0x15e0 ============================================================
19:53:22.0806 0x15e0 KLMD registered as C:\Windows\system32\drivers\11834481.sys
19:53:23.0103 0x15e0 System UUID: {4B54420E-C983-18B7-2E35-12AB3D0F6D5E}
19:53:23.0509 0x15e0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:53:23.0525 0x15e0 Drive \Device\Harddisk1\DR1 - Size: 0x3B5980000 ( 14.84 Gb ), SectorSize: 0x200, Cylinders: 0x790, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:53:23.0556 0x15e0 Drive \Device\Harddisk2\DR2 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:53:23.0556 0x15e0 ============================================================
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0:
19:53:23.0556 0x15e0 GPT partitions:
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8BFE47D9-C1EE-0144-A798-40A2CA6E362B}, Name: , StartLBA 0x800, BlocksNum 0xC8000
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F8687CAF-87C1-0E4C-B46A-6779B16ED2D7}, Name: , StartLBA 0xC8800, BlocksNum 0x82000
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B61706C4-9830-4E45-AFA3-1054F4D46E05}, Name: , StartLBA 0x18A800, BlocksNum 0x591C5000
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D6CE166-B0CE-11E5-B3C2-A72F3213F2A6}, Name: , StartLBA 0x5934F800, BlocksNum 0xE1000
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E79716BF-C7B7-0E42-9AC7-6F09F10BAD1D}, Name: , StartLBA 0x59430800, BlocksNum 0xC7FF800
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7321DAE5-A654-9E4E-806D-26DA071EEC0B}, Name: , StartLBA 0x65C30800, BlocksNum 0xC35B800
19:53:23.0556 0x15e0 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D6CE167-B0CE-11E5-B3C2-A72F3213F2A6}, Name: , StartLBA 0x71F8C800, BlocksNum 0x277A000
19:53:23.0556 0x15e0 MBR partitions:
19:53:23.0556 0x15e0 \Device\Harddisk1\DR1:
19:53:23.0556 0x15e0 MBR partitions:
19:53:23.0556 0x15e0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x1DAC400
19:53:23.0556 0x15e0 \Device\Harddisk2\DR2:
19:53:23.0556 0x15e0 MBR partitions:
19:53:23.0556 0x15e0 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8DF8000
19:53:23.0556 0x15e0 ============================================================
19:53:23.0571 0x15e0 C: <-> \Device\Harddisk0\DR0\Partition3
19:53:23.0618 0x15e0 D: <-> \Device\Harddisk0\DR0\Partition4
19:53:23.0650 0x15e0 I: <-> \Device\Harddisk0\DR0\Partition7
19:53:23.0681 0x15e0 L: <->
\Device\Harddisk2\DR2\Partition1
19:53:23.0696 0x15e0 F: <-> \Device\Harddisk0\DR0\Partition6
19:53:23.0712 0x15e0 H: <-> \Device\Harddisk0\DR0\Partition5
19:53:23.0712 0x15e0 ============================================================
19:53:23.0712 0x15e0 Initialize success
19:53:23.0712 0x15e0 ============================================================
19:53:28.0384 0x12ec ============================================================
19:53:28.0384 0x12ec Scan started
19:53:28.0384 0x12ec Mode: Manual;
19:53:28.0384 0x12ec ============================================================
19:53:28.0384 0x12ec KSN ping started
19:53:30.0693 0x12ec KSN ping finished: true
19:53:35.0881 0x12ec ================ Scan system memory ========================
19:53:35.0881 0x12ec System memory - ok
19:53:35.0881 0x12ec ================ Scan services =============================
BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:53:41.0897 0x12ec FileInfo - ok 19:53:41.0928 0x12ec [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:53:41.0928 0x12ec Filetrace - ok 19:53:41.0944 0x12ec [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 19:53:41.0944 0x12ec flpydisk - ok 19:53:41.0991 0x12ec [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:53:41.0991 0x12ec FltMgr - ok 19:53:42.0084 0x12ec [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\Windows\system32\FntCache.dll 19:53:42.0100 0x12ec FontCache - ok 19:53:42.0225 0x12ec [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:53:42.0225 0x12ec FontCache3.0.0.0 - ok 19:53:42.0287 0x12ec [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:53:42.0287 0x12ec FsDepends - ok 19:53:42.0334 0x12ec [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:53:42.0334 0x12ec Fs_Rec - ok 19:53:42.0366 0x12ec [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:53:42.0381 0x12ec fvevol - ok 19:53:42.0397 0x12ec [ 9591D0B9351ED489EAFD9D1CE52A8015, 
AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 19:53:42.0397 0x12ec FxPPM - ok 19:53:42.0412 0x12ec [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 19:53:42.0412 0x12ec gagp30kx - ok 19:53:42.0428 0x12ec [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 19:53:42.0428 0x12ec gencounter - ok 19:53:42.0475 0x12ec [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 19:53:42.0475 0x12ec GPIOClx0101 - ok 19:53:42.0569 0x12ec [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll 19:53:42.0584 0x12ec gpsvc - ok 19:53:42.0631 0x12ec [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:53:42.0631 0x12ec gupdate - ok 19:53:42.0647 0x12ec [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:53:42.0662 0x12ec gupdatem - ok 19:53:42.0694 0x12ec [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 19:53:42.0694 0x12ec HDAudBus - ok 19:53:42.0709 0x12ec [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 19:53:42.0709 0x12ec HidBatt - ok 19:53:42.0725 0x12ec [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth 
C:\Windows\System32\drivers\hidbth.sys 19:53:42.0741 0x12ec HidBth - ok 19:53:42.0756 0x12ec [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 19:53:42.0756 0x12ec hidi2c - ok 19:53:42.0772 0x12ec [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 19:53:42.0787 0x12ec HidIr - ok 19:53:42.0803 0x12ec [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll 19:53:42.0803 0x12ec hidserv - ok 19:53:42.0803 0x12ec [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 19:53:42.0803 0x12ec HidUsb - ok 19:53:42.0819 0x12ec [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 19:53:42.0819 0x12ec hkmsvc - ok 19:53:42.0866 0x12ec [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:53:42.0866 0x12ec HomeGroupListener - ok 19:53:42.0897 0x12ec [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:53:42.0897 0x12ec HomeGroupProvider - ok 19:53:42.0944 0x1788 Object send P2P result: true 19:53:42.0944 0x1788 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 19:53:42.0991 0x12ec [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 19:53:43.0006 0x12ec HP Support Assistant Service - ok 19:53:43.0037 0x12ec [ D104FF402FC3DDB686E6DEF00334DB26, 
6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys 19:53:43.0037 0x12ec hpdskflt - ok 19:53:43.0116 0x12ec [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 19:53:43.0131 0x12ec hpqwmiex - ok 19:53:43.0162 0x12ec [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:53:43.0162 0x12ec HpSAMD - ok 19:53:43.0162 0x12ec [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv C:\Windows\system32\Hpservice.exe 19:53:43.0178 0x12ec hpsrv - ok 19:53:43.0225 0x12ec [ 3DB220B90C0C99057C5FDC735C8A7FA8, ECF6BAB435055C27609A9253F7ECBF917C3C411CF576373A877EA01A717D6FB3 ] HPWMISVC c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe 19:53:43.0241 0x12ec HPWMISVC - ok 19:53:43.0287 0x12ec [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:53:43.0303 0x12ec HTTP - ok 19:53:43.0334 0x12ec [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:53:43.0334 0x12ec hwpolicy - ok 19:53:43.0366 0x12ec [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 19:53:43.0366 0x12ec hyperkbd - ok 19:53:43.0381 0x12ec [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 19:53:43.0381 0x12ec HyperVideo - ok 19:53:43.0428 0x12ec [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt 
C:\Windows\System32\drivers\i8042prt.sys 19:53:43.0428 0x12ec i8042prt - ok 19:53:43.0475 0x12ec [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 19:53:43.0475 0x12ec iaLPSSi_GPIO - ok 19:53:43.0491 0x12ec [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 19:53:43.0491 0x12ec iaLPSSi_I2C - ok 19:53:43.0537 0x12ec [ 60F6526DB3297C7324957EF3143F88FF, F0D4AF7E66CD42793C5137B4F5E66AFCE13253C3FF8D397921EA23CD04D49763 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 19:53:43.0537 0x12ec iaStorA - ok 19:53:43.0584 0x12ec [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 19:53:43.0584 0x12ec iaStorAV - ok 19:53:43.0694 0x12ec [ 9D7AFC77C928460336642D6EFDB5BDEA, 9CF555B94A21D7A518B9228B6BE86679200FEC4219156D7D2183CDC906BA4548 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 19:53:43.0694 0x12ec IAStorDataMgrSvc - ok 19:53:43.0709 0x12ec [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:53:43.0709 0x12ec iaStorV - ok 19:53:43.0772 0x12ec [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 19:53:43.0772 0x12ec ICCS - ok 19:53:43.0772 0x12ec IEEtwCollectorService - ok 19:53:43.0912 0x12ec [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 19:53:43.0959 0x12ec igfx - ok 19:53:44.0006 0x12ec [ 75909533EECD0CD9D5974B59474AA6C0, 
F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe 19:53:44.0006 0x12ec igfxCUIService1.0.0.0 - ok 19:53:44.0053 0x12ec [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\Windows\System32\ikeext.dll 19:53:44.0069 0x12ec IKEEXT - ok 19:53:44.0116 0x12ec [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 19:53:44.0116 0x12ec intaud_WaveExtensible - ok 19:53:44.0241 0x12ec [ 6237A7F235E7BB3D4FAFB7E71B0D6EC1, 5FC6A225BDFEA3461713C16F4A2EAA1728E2D1AEDDFFB4165833EB0D82A99B31 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 19:53:44.0272 0x12ec IntcAzAudAddService - ok 19:53:44.0319 0x16fc Object send P2P result: true 19:53:44.0334 0x12ec [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 19:53:44.0334 0x16fc Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb 19:53:44.0350 0x12ec IntcDAud - ok 19:53:44.0413 0x12ec [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 19:53:44.0428 0x12ec Intel(R) Capability Licensing Service Interface - ok 19:53:44.0459 0x12ec [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 19:53:44.0475 0x12ec Intel(R) Capability Licensing Service TCP IP Interface - ok 19:53:44.0522 0x12ec [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\FWService\IntelMeFWService.exe 19:53:44.0522 0x12ec Intel(R) ME Service - ok 19:53:44.0553 0x12ec [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 19:53:44.0553 0x12ec intelide - ok 19:53:44.0569 0x12ec [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\Windows\system32\drivers\intelpep.sys 19:53:44.0584 0x12ec intelpep - ok 19:53:44.0600 0x12ec [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 19:53:44.0600 0x12ec intelppm - ok 19:53:44.0647 0x12ec [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:53:44.0647 0x12ec IpFilterDriver - ok 19:53:44.0709 0x12ec [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:53:44.0725 0x12ec iphlpsvc - ok 19:53:44.0772 0x12ec [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 19:53:44.0772 0x12ec IPMIDRV - ok 19:53:44.0803 0x12ec [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:53:44.0803 0x12ec IPNAT - ok 19:53:44.0866 0x12ec [ B76542085ABAD1AD4E5684F761DFC2EF, C6699B788D6E81E73519433F12BFD3B12C71A5EE2A12810697FE9C4350A179B3 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe 19:53:44.0866 0x12ec IpOverUsbSvc - ok 19:53:44.0881 0x12ec [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 
19:53:44.0881 0x12ec IRENUM - ok 19:53:44.0897 0x12ec [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:53:44.0897 0x12ec isapnp - ok 19:53:44.0944 0x12ec [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 19:53:44.0959 0x12ec iScsiPrt - ok 19:53:44.0991 0x12ec [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 19:53:44.0991 0x12ec iwdbus - ok 19:53:45.0022 0x12ec [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 19:53:45.0022 0x12ec jhi_service - ok 19:53:45.0053 0x12ec [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 19:53:45.0053 0x12ec kbdclass - ok 19:53:45.0084 0x12ec [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 19:53:45.0084 0x12ec kbdhid - ok 19:53:45.0131 0x12ec [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 19:53:45.0131 0x12ec kdnic - ok 19:53:45.0131 0x12ec [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 19:53:45.0147 0x12ec KeyIso - ok 19:53:45.0163 0x12ec [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:53:45.0178 0x12ec KSecDD - ok 19:53:45.0209 0x12ec [ 35C19AF2116F67914712D7C4CBE47B8C, 
5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:53:45.0209 0x12ec KSecPkg - ok 19:53:45.0241 0x12ec [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:53:45.0241 0x12ec ksthunk - ok 19:53:45.0272 0x12ec [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 19:53:45.0272 0x12ec KtmRm - ok 19:53:45.0319 0x12ec [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 19:53:45.0319 0x12ec LanmanServer - ok 19:53:45.0366 0x1788 Object send P2P result: true 19:53:45.0366 0x1788 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService 19:53:45.0366 0x12ec [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:53:45.0381 0x12ec LanmanWorkstation - ok 19:53:45.0413 0x12ec [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 19:53:45.0428 0x12ec lfsvc - ok 19:53:45.0538 0x12ec [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 19:53:45.0584 0x12ec LiveUpdateSvc - ok 19:53:45.0616 0x12ec [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:53:45.0616 0x12ec lltdio - ok 19:53:45.0663 0x12ec [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:53:45.0678 0x12ec lltdsvc - ok 19:53:45.0709 0x12ec [ 
1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:53:45.0709 0x12ec lmhosts - ok 19:53:45.0756 0x12ec [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:53:45.0772 0x12ec LMS - ok 19:53:45.0803 0x12ec [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:53:45.0803 0x12ec LSI_SAS - ok 19:53:45.0819 0x12ec [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 19:53:45.0819 0x12ec LSI_SAS2 - ok 19:53:45.0834 0x12ec [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 19:53:45.0834 0x12ec LSI_SAS3 - ok 19:53:45.0850 0x12ec [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 19:53:45.0850 0x12ec LSI_SSS - ok 19:53:45.0913 0x12ec [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 19:53:45.0928 0x12ec LSM - ok 19:53:45.0944 0x12ec [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 19:53:45.0944 0x12ec luafv - ok 19:53:45.0959 0x12ec [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 19:53:45.0959 0x12ec megasas - ok 19:53:45.0991 0x12ec [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr 
C:\Windows\system32\drivers\megasr.sys 19:53:46.0006 0x12ec megasr - ok 19:53:46.0022 0x12ec [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 19:53:46.0022 0x12ec MEIx64 - ok 19:53:46.0053 0x12ec [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 19:53:46.0053 0x12ec MMCSS - ok 19:53:46.0084 0x12ec [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 19:53:46.0084 0x12ec Modem - ok 19:53:46.0100 0x12ec [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 19:53:46.0100 0x12ec monitor - ok 19:53:46.0116 0x12ec [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 19:53:46.0116 0x12ec mouclass - ok 19:53:46.0163 0x12ec [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 19:53:46.0163 0x12ec mouhid - ok 19:53:46.0194 0x12ec [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:53:46.0209 0x12ec mountmgr - ok 19:53:46.0241 0x12ec [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:53:46.0256 0x12ec MozillaMaintenance - ok 19:53:46.0272 0x12ec [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:53:46.0288 0x12ec mpsdrv - ok 19:53:46.0334 0x12ec [ 
C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll 19:53:46.0350 0x12ec MpsSvc - ok 19:53:46.0366 0x12ec [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:53:46.0381 0x12ec MRxDAV - ok 19:53:46.0428 0x12ec [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:53:46.0444 0x12ec mrxsmb - ok 19:53:46.0459 0x12ec [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:53:46.0475 0x12ec mrxsmb10 - ok 19:53:46.0506 0x12ec [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:53:46.0506 0x12ec mrxsmb20 - ok 19:53:46.0538 0x12ec [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 19:53:46.0538 0x12ec MsBridge - ok 19:53:46.0553 0x12ec [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe 19:53:46.0569 0x12ec MSDTC - ok 19:53:46.0585 0x12ec [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:53:46.0585 0x12ec Msfs - ok 19:53:46.0631 0x12ec [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 19:53:46.0631 0x12ec msgpiowin32 - ok 19:53:46.0647 0x12ec [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:53:46.0647 
0x12ec mshidkmdf - ok 19:53:46.0647 0x12ec [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 19:53:46.0647 0x12ec mshidumdf - ok 19:53:46.0663 0x12ec [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:53:46.0663 0x12ec msisadrv - ok 19:53:46.0694 0x12ec [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:53:46.0694 0x12ec MSiSCSI - ok 19:53:46.0694 0x12ec msiserver - ok 19:53:46.0710 0x12ec [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:53:46.0710 0x12ec MSKSSRV - ok 19:53:46.0741 0x12ec [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 19:53:46.0741 0x12ec MsLldp - ok 19:53:46.0756 0x12ec [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:53:46.0756 0x12ec MSPCLOCK - ok 19:53:46.0756 0x16fc Object send P2P result: true 19:53:46.0756 0x16fc Object required for P2P: [ BB73DD7B20132FB1A30990E025DEA1E4 ] Avira.ServiceHost 19:53:46.0756 0x12ec [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:53:46.0756 0x12ec MSPQM - ok 19:53:46.0772 0x12ec [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:53:46.0788 0x12ec MsRPC - ok 19:53:46.0803 0x12ec [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios 
|
08.01.2016, 20:05 | #7 |
/// TB-Ausbilder | Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Hi, you posted the FRST.txt twice. Could you please also post the Addition.txt? |
08.01.2016, 20:06 | #8 |
| Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Code:
C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 19:53:55.0163 0x12ec usbvideo - ok 19:53:55.0210 0x12ec [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 19:53:55.0210 0x12ec USBXHCI - ok 19:53:55.0241 0x12ec [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe 19:53:55.0241 0x12ec VaultSvc - ok 19:53:55.0288 0x12ec [ 6F2C8F6969E1282FAAC560C04DECF0D1, C313E56E92203E7FDDF22052B751EAA76CC62F652B3FCA1871198441A0F85A1A ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 19:53:55.0304 0x12ec VBoxDrv - ok 19:53:55.0366 0x12ec [ F844DC3A071B9840B73A07BD81DED40B, B381CCD493660817544B6FED83C8E583028C4B60420AC812357440F6248D351E ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys 19:53:55.0366 0x12ec VBoxNetAdp - ok 19:53:55.0366 0x12ec VBoxNetFlt - ok 19:53:55.0413 0x12ec [ 73B84C1CE9731DA3EA0B11839C47F729, DE91D345DA348AB81992B7D75163EDB276E9A63724FA1B1E15A09DC33F47EF8D ] VBoxNetLwf C:\Windows\system32\DRIVERS\VBoxNetLwf.sys 19:53:55.0429 0x12ec VBoxNetLwf - ok 19:53:55.0444 0x12ec [ 6AB7FC5FA41DCF67929F95D1431B18D1, 67684C16291CFCC0DF9AE307248DFFB34D2E301B350ABD868B2384FA75786DB6 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 19:53:55.0444 0x12ec VBoxUSBMon - ok 19:53:55.0476 0x12ec [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\System32\drivers\VClone.sys 19:53:55.0476 0x12ec VClone - ok 19:53:55.0507 0x12ec [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 19:53:55.0507 0x12ec vdrvroot - ok 19:53:55.0554 0x12ec [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds 
C:\Windows\System32\vds.exe 19:53:55.0569 0x12ec vds - ok 19:53:55.0601 0x12ec [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 19:53:55.0601 0x12ec VerifierExt - ok 19:53:55.0632 0x12ec [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 19:53:55.0632 0x12ec vhdmp - ok 19:53:55.0679 0x12ec [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 19:53:55.0679 0x12ec viaide - ok 19:53:55.0710 0x12ec [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys 19:53:55.0710 0x12ec vmbus - ok 19:53:55.0741 0x12ec [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 19:53:55.0741 0x12ec VMBusHID - ok 19:53:55.0788 0x12ec [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll 19:53:55.0804 0x12ec vmicguestinterface - ok 19:53:55.0835 0x12ec [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 19:53:55.0835 0x12ec vmicheartbeat - ok 19:53:55.0851 0x12ec [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 19:53:55.0866 0x12ec vmickvpexchange - ok 19:53:55.0866 0x12ec [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll 19:53:55.0882 0x12ec vmicrdv - ok 19:53:55.0897 0x12ec [ C42C38E15C0DC39D4B0BDF34F733E468, 
7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll 19:53:55.0897 0x12ec vmicshutdown - ok 19:53:55.0913 0x12ec [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll 19:53:55.0913 0x12ec vmictimesync - ok 19:53:55.0929 0x12ec [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll 19:53:55.0944 0x12ec vmicvss - ok 19:53:55.0944 0x12ec [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:53:55.0944 0x12ec volmgr - ok 19:53:55.0960 0x12ec [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:53:55.0976 0x12ec volmgrx - ok 19:53:55.0976 0x12ec [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:53:55.0991 0x12ec volsnap - ok 19:53:56.0007 0x12ec [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys 19:53:56.0023 0x12ec vpci - ok 19:53:56.0038 0x12ec [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:53:56.0038 0x12ec vsmraid - ok 19:53:56.0116 0x12ec [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\Windows\system32\vssvc.exe 19:53:56.0132 0x12ec VSS - ok 19:53:56.0257 0x12ec [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team 
Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe 19:53:56.0257 0x12ec VSStandardCollectorService140 - ok 19:53:56.0288 0x12ec [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 19:53:56.0304 0x12ec VSTXRAID - ok 19:53:56.0366 0x12ec [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 19:53:56.0366 0x12ec vwifibus - ok 19:53:56.0398 0x12ec [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 19:53:56.0398 0x12ec vwififlt - ok 19:53:56.0413 0x12ec [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 19:53:56.0413 0x12ec vwifimp - ok 19:53:56.0460 0x12ec [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll 19:53:56.0476 0x12ec W32Time - ok 19:53:56.0538 0x12ec [ A22546B0093EBBDE03C52E56C3391373, 0C28D5C6A4E4EF12ABF0195409CAED17E07DEA22FB330D99FEEF847CBBC04A4E ] w3logsvc C:\Windows\system32\inetsrv\w3logsvc.dll 19:53:56.0554 0x12ec w3logsvc - ok 19:53:56.0569 0x12ec [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 19:53:56.0569 0x12ec WacomPen - ok 19:53:56.0616 0x12ec [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:53:56.0616 0x12ec WANARP - ok 19:53:56.0616 0x12ec [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:53:56.0632 0x12ec Wanarpv6 - ok 19:53:56.0694 0x12ec [ 
9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 19:53:56.0710 0x12ec WAS - ok 19:53:56.0773 0x12ec [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe 19:53:56.0788 0x12ec wbengine - ok 19:53:56.0819 0x12ec [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:53:56.0819 0x12ec WbioSrvc - ok 19:53:56.0851 0x12ec [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 19:53:56.0851 0x12ec Wcmsvc - ok 19:53:56.0882 0x12ec [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:53:56.0882 0x12ec wcncsvc - ok 19:53:56.0898 0x12ec [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:53:56.0898 0x12ec WcsPlugInService - ok 19:53:56.0929 0x12ec [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 19:53:56.0929 0x12ec WdBoot - ok 19:53:56.0976 0x12ec [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\Windows\System32\drivers\wdcsam64.sys 19:53:56.0976 0x12ec WDC_SAM - ok 19:53:57.0038 0x12ec [ 464C440F9344289FDEA03F7475C44ACC, 5C7F9C1B604FCF01A78F69DBFC379B47E1A00EE35279A9F0F90E1E3663B0C3B7 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe 19:53:57.0038 0x12ec WDDriveService - ok 19:53:57.0116 0x12ec [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 
C:\Windows\system32\drivers\Wdf01000.sys 19:53:57.0132 0x12ec Wdf01000 - ok 19:53:57.0148 0x12ec [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 19:53:57.0163 0x12ec WdFilter - ok 19:53:57.0179 0x12ec [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:53:57.0179 0x12ec WdiServiceHost - ok 19:53:57.0179 0x12ec [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:53:57.0179 0x12ec WdiSystemHost - ok 19:53:57.0210 0x12ec [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 19:53:57.0226 0x12ec WdNisDrv - ok 19:53:57.0241 0x12ec WdNisSvc - ok 19:53:57.0273 0x12ec [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll 19:53:57.0273 0x12ec WebClient - ok 19:53:57.0304 0x12ec [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:53:57.0304 0x12ec Wecsvc - ok 19:53:57.0319 0x12ec [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 19:53:57.0319 0x12ec WEPHOSTSVC - ok 19:53:57.0351 0x12ec [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:53:57.0351 0x12ec wercplsupport - ok 19:53:57.0382 0x12ec [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll 19:53:57.0382 0x12ec WerSvc - ok 19:53:57.0413 0x12ec [ 
715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 19:53:57.0413 0x12ec WFPLWFS - ok 19:53:57.0444 0x12ec [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 19:53:57.0444 0x12ec WiaRpc - ok 19:53:57.0460 0x12ec [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:53:57.0460 0x12ec WIMMount - ok 19:53:57.0476 0x12ec WinDefend - ok 19:53:57.0523 0x12ec [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 19:53:57.0538 0x12ec WinHttpAutoProxySvc - ok 19:53:57.0601 0x12ec [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:53:57.0601 0x12ec Winmgmt - ok 19:53:57.0679 0x12ec [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll 19:53:57.0726 0x12ec WinRM - ok 19:53:57.0757 0x12ec [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys 19:53:57.0757 0x12ec WinUsb - ok 19:53:57.0788 0x12ec [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys 19:53:57.0788 0x12ec WirelessButtonDriver - ok 19:53:57.0866 0x12ec [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll 19:53:57.0882 0x12ec WlanSvc - ok 19:53:57.0960 0x12ec [ 06BF5897949A8F24893F792E876B71F5, 
9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 19:53:57.0976 0x12ec wlidsvc - ok 19:53:58.0007 0x12ec [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 19:53:58.0007 0x12ec WmiAcpi - ok 19:53:58.0069 0x12ec [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:53:58.0069 0x12ec wmiApSrv - ok 19:53:58.0163 0x12ec WMPNetworkSvc - ok 19:53:58.0194 0x12ec [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 19:53:58.0194 0x12ec Wof - ok 19:53:58.0288 0x12ec [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 19:53:58.0304 0x12ec workfolderssvc - ok 19:53:58.0335 0x12ec [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 19:53:58.0335 0x12ec wpcfltr - ok 19:53:58.0366 0x12ec [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:53:58.0366 0x12ec WPCSvc - ok 19:53:58.0413 0x12ec [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:53:58.0413 0x12ec WPDBusEnum - ok 19:53:58.0445 0x12ec [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 19:53:58.0445 0x12ec WpdUpFltr - ok 19:53:58.0491 0x12ec [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 
19:53:58.0491 0x12ec ws2ifsl - ok 19:53:58.0523 0x12ec [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll 19:53:58.0523 0x12ec wscsvc - ok 19:53:58.0538 0x12ec WSearch - ok 19:53:58.0648 0x12ec [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 19:53:58.0695 0x12ec WSService - ok 19:53:58.0820 0x12ec [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv C:\Windows\system32\wuaueng.dll 19:53:58.0866 0x12ec wuauserv - ok 19:53:58.0898 0x12ec [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:53:58.0898 0x12ec WudfPf - ok 19:53:58.0913 0x12ec [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 19:53:58.0929 0x12ec WUDFRd - ok 19:53:58.0960 0x12ec [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:53:58.0960 0x12ec wudfsvc - ok 19:53:58.0976 0x12ec [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 19:53:58.0976 0x12ec WUDFWpdFs - ok 19:53:58.0991 0x12ec [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 19:53:58.0991 0x12ec WUDFWpdMtp - ok 19:53:59.0023 0x12ec [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 19:53:59.0038 0x12ec WwanSvc - ok 19:53:59.0038 0x12ec ================ Scan global =============================== 19:53:59.0085 0x12ec [ 
05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll 19:53:59.0101 0x12ec [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll 19:53:59.0132 0x12ec [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll 19:53:59.0163 0x12ec [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe 19:53:59.0179 0x12ec [ Global ] - ok 19:53:59.0179 0x12ec ================ Scan MBR ================================== 19:53:59.0195 0x12ec [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 19:53:59.0195 0x12ec \Device\Harddisk0\DR0 - ok 19:53:59.0226 0x12ec [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 19:53:59.0226 0x12ec \Device\Harddisk1\DR1 - ok 19:53:59.0820 0x12ec [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2 19:53:59.0835 0x12ec \Device\Harddisk2\DR2 - ok 19:53:59.0835 0x12ec ================ Scan VBR ================================== 19:53:59.0851 0x12ec [ 216885FB42A51C7ACD8C689E63879383 ] \Device\Harddisk0\DR0\Partition1 19:53:59.0913 0x12ec \Device\Harddisk0\DR0\Partition1 - ok 19:53:59.0929 0x12ec [ 67A2D8D343D38CECBBABC4E91603524D ] \Device\Harddisk0\DR0\Partition2 19:53:59.0991 0x12ec \Device\Harddisk0\DR0\Partition2 - ok 19:54:00.0007 0x12ec [ C55EDC227AA97715A43BF19C136C7EF5 ] \Device\Harddisk0\DR0\Partition3 19:54:00.0070 0x12ec \Device\Harddisk0\DR0\Partition3 - ok 19:54:00.0085 0x12ec [ DAD8E063BE049A797F01ACB48D20893B ] \Device\Harddisk0\DR0\Partition4 19:54:00.0101 0x12ec \Device\Harddisk0\DR0\Partition4 - ok 19:54:00.0116 0x12ec [ 075854CF32EBB5692D2CF583D09400F7 ] \Device\Harddisk0\DR0\Partition5 19:54:00.0132 0x12ec \Device\Harddisk0\DR0\Partition5 - ok 19:54:00.0148 0x12ec [ E78F343ADB8B02F806734D6878BAC3EE ] 
\Device\Harddisk0\DR0\Partition6 19:54:00.0163 0x12ec \Device\Harddisk0\DR0\Partition6 - ok 19:54:00.0179 0x12ec [ A2B0117760552C2DB5912984F1926969 ] \Device\Harddisk0\DR0\Partition7 19:54:00.0179 0x12ec \Device\Harddisk0\DR0\Partition7 - ok 19:54:00.0210 0x12ec [ A55BD79B9E781791B5AE70A41B4ED1DC ] \Device\Harddisk1\DR1\Partition1 19:54:00.0210 0x12ec \Device\Harddisk1\DR1\Partition1 - ok 19:54:00.0210 0x12ec [ E98C61614179C13B334C11E0A855394B ] \Device\Harddisk2\DR2\Partition1 19:54:00.0273 0x12ec \Device\Harddisk2\DR2\Partition1 - ok 19:54:00.0273 0x12ec ================ Scan generic autorun ====================== 19:54:00.0507 0x12ec [ E3F5788BE024B06D28C0623AD87AF60B, CF9D1853863DE3D2F79D2DAD8E5D2119EA77C28624F1F0B94E87A35A34A66306 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 19:54:00.0632 0x12ec RTHDVCPL - ok 19:54:00.0632 0x12ec SynTPEnh - ok 19:54:00.0679 0x12ec [ 21CBCE4FC4B7916E7755710883C36AE1, 2E20E072E3D2DAAC5F413A6F56070C6C8C5DAB3DDD6BE0A12F90E56BD5137F5B ] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe 19:54:00.0679 0x12ec BtTray - ok 19:54:00.0726 0x12ec [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 19:54:00.0726 0x12ec VirtualCloneDrive - ok 19:54:00.0882 0x12ec [ 25218B917E6C638A5A0257BBAF3AF7DB, 7DC4D65462D45CE4230300555C5EE666729179F135C720B2B79DC8409743A0F7 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe 19:54:00.0992 0x12ec WD Quick View - ok 19:54:01.0085 0x12ec [ 3A0710EED4371267DC2CA63AAE26954A, 1233DA56E9AE50E948D8F428AD5B4C748DBBD528D409A57AA6F60381FE95068B ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe 19:54:01.0101 0x12ec HPMessageService - ok 19:54:01.0195 0x12ec [ 845A4F50702714950804D6BD428083C1, 9718115B968BBCAEE35B3B0AE9817CAF1DAFAD3EE0F3927375CFF41A7E3F48EA ] C:\Program Files (x86)\Western Digital\WD 
Utilities\WDDriveUtilitiesHelper.exe 19:54:01.0242 0x12ec DriveUtilitiesHelper - ok 19:54:01.0335 0x12ec [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 19:54:01.0351 0x12ec StartCCC - ok 19:54:01.0476 0x12ec [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 19:54:01.0523 0x12ec SDTray - ok 19:54:01.0601 0x12ec [ 2EA68E33DFF41A10F1BAB15FC3A28076, C971C009F36A87116FBE785E45EB7192EAD9BAF713C43C8A3AC643624144ECF9 ] C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe 19:54:01.0601 0x12ec KiesTrayAgent - ok 19:54:01.0679 0x12ec [ 7733088C1C9AF0D59A2E18095687AD0A, 79F82FEB231BACB849DD1D95B84B40731E3276202B489003038DE15AA765B65F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 19:54:01.0679 0x12ec Avira SystrayStartTrigger - ok 19:54:01.0867 0x12ec [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 19:54:01.0882 0x12ec avgnt - ok 19:54:01.0929 0x12ec [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 19:54:01.0945 0x12ec SpybotPostWindows10UpgradeReInstall - ok 19:54:01.0945 0x12ec Waiting for KSN requests completion. In queue: 102 19:54:02.0960 0x12ec Waiting for KSN requests completion. In queue: 102 19:54:03.0976 0x12ec Waiting for KSN requests completion. 
In queue: 102 19:54:05.0007 0x12ec AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated ) 19:54:05.0007 0x12ec AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 19:54:05.0023 0x12ec Win FW state via NFP2: enabled ( trusted ) 19:54:07.0382 0x12ec ============================================================ 19:54:07.0382 0x12ec Scan finished 19:54:07.0382 0x12ec ============================================================ 19:54:07.0398 0x12a8 Detected object count: 0 19:54:07.0398 0x12a8 Actual detected object count: 0 19:54:11.0258 0x1608 Deinitialize success |
08.01.2016, 21:12 | #9 |
| Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running. Yes, sorry. Here is the Addition; Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015 durchgeführt von Jillsy (2016-01-08 19:41:25) Gestartet von C:\Users\Jillsy\Desktop Windows 8.1 (X64) (2014-11-29 00:10:02) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-933261645-1527721118-3068914036-500 - Administrator - Disabled) Gast (S-1-5-21-933261645-1527721118-3068914036-501 - Limited - Disabled) Jillsy (S-1-5-21-933261645-1527721118-3068914036-1001 - Administrator - Enabled) => C:\Users\Jillsy ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
1914 - Die Schalen des Zorns (HKLM-x32\...\{404E1E52-9302-45D2-B4F8-50D2251C391E}) (Version: 1.00.0000 - Rondomedia) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Act of Aggression (HKLM-x32\...\Steam App 318020) (Version: - Eugen Systems) Act of War: Direct Action (HKLM-x32\...\Steam App 2710) (Version: - Eugen Systems) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.53.13962 - Avira Operations GmbH & Co. 
KG) Hidden Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team) Build Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Buildtools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden C&C - Zero Hour - Full Uncut Patch Final v.2.5 (HKLM-x32\...\C&C - Zero Hour - Full Uncut Patch Final v.2.5) (Version: - ) CodedUITestUAP (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{B9A7CCBE-48F7-4B3E-BD20-76ADDD4DC69F}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.) 
Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{78F60BDD-1923-4CF7-B6BD-087D06D7B5BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Day of Defeat (HKLM-x32\...\Steam App 30) (Version: - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Diablo (HKLM-x32\...\Diablo) (Version: - )
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.72.1224 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gemeinsam genutzte Internet-Komponenten von Westwood (HKLM-x32\...\WOLAPI) (Version: - )
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version: - )
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{AB5BCC55-18E2-46C7-9405-FF61CB888F05}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F2481209-98FE-4943-8903-90D19E1B7062}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDE Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Impire (HKLM-x32\...\Steam App 202130) (Version: - Cyanide Montreal)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
March of War (HKLM-x32\...\Steam App 234310) (Version: - ISOTX)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
MiniRA Plus 1.2 installer (HKLM-x32\...\MiniRA Plus 1.2 installer) (Version: - )
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
MyFreeCodec (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MyFreeCodec) (Version: - )
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack (HKLM\...\{C079427A-BB28-5168-3DB1-DC6608D226D4}) (Version: 11.0.748.2 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
RIFT (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\RIFT) (Version: - Trion Worlds, Inc.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Total Annihilation (HKLM-x32\...\Total Annihilation) (Version: - )
Tropico 4 1.00 (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media)
TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WD Drive Utilities (HKLM-x32\...\{59E0381C-1047-45A3-B68A-57F586EAF3C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{847C1E81-8A3F-49BF-8FF0-189E56634656}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{E8DDC6BB-0080-4E70-840B-58B74FBCDE11}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{979a4332-3eb0-4561-9f74-a4fb871cf2bd}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinAppDeploy (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {008C2DBE-5F21-45A5-B6E3-BEFF20F6F2BE} - System32\Tasks\{BC9DA1F7-3812-46CE-A25B-0BDE9058B05A} => pcalua.exe -a "C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour\blitzkrieg2.exe" -d "C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour"
Task: {0CE604DB-7A1B-409E-B51D-3AB505A79E8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-11-30] (Hewlett-Packard)
Task: {2029588E-4BE7-4AB4-8BCC-C4BF6A643500} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe
Task: {2FBD74D8-D7C0-4128-A16A-06D9E528476C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {56E7BFE8-13F4-4D6D-A81A-E518A1C1391D} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com)
Task: {69E09619-57F7-45EA-99C4-87EC2135055E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8664EE1D-ED66-4C58-97D8-3D388BFED8BC} - System32\Tasks\HPCeeScheduleForJillsy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {89E250D8-BF93-4F10-82B1-DA114BA9115C} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)
Task: {8F47A1B7-356E-495F-A46F-3B7A3C9CA05C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001 => C:\Users\Jillsy\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-16] (Microsoft Corporation)
Task: {92F0C38C-AFE3-4147-8BA4-9DCD0210F807} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-16] (Microsoft Corporation)
Task: {A97CC0B6-588E-4DFE-B892-71FFDA363BFD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {B916F941-1A30-46FB-AF19-9D18789CFA73} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {CA11CFD3-3B00-43D5-8D5B-2CA61F0EE4CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D7702F07-06C1-4849-AA86-E14094963802} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {E10533B9-CA87-4F6E-B21C-1185D92ACB93} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {EDAD5230-AE74-4C61-BA97-ED62D7C564C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {F9DB7AA9-FBD5-4AA5-9D22-8AD8F8CEA151} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {FCDE6132-7403-453A-8EA6-F49A9156E762} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJillsy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-11-01 15:48 - 2013-11-01 15:48 - 00371448 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00029432 _____ () C:\Windows\system32\BsTrace.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00016632 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00062200 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00029432 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2013-05-24 10:22 - 2013-05-24 10:22 - 00334648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00016632 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00062200 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-08-16 14:59 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-07-19 17:23 - 2015-05-20 18:03 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-09-21 10:21 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-09-21 10:21 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-09-21 10:21 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-09-21 10:21 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-09-21 10:21 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-07-19 17:23 - 2015-08-26 17:44 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-07-19 17:23 - 2015-08-26 17:44 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-07-19 17:23 - 2015-08-26 17:44 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-07-19 17:23 - 2015-08-26 17:45 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-07-19 17:23 - 2015-08-26 17:44 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-07-19 17:23 - 2015-08-26 17:44 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2014-01-25 00:48 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-07-19 17:23 - 2015-08-26 17:45 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00080120 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2013-11-01 15:48 - 2013-11-01 15:48 - 00371448 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
2014-12-05 10:07 - 2014-12-05 10:07 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
Da befinden sich 7866 mehr Seiten. Da befinden sich 7867 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2012-07-26 06:26 - 2015-09-21 10:31 - 00450831 ____N C:\Windows\system32\Drivers\etc\hosts Da befinden sich 15464 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jillsy\Pictures\Politisch_sonstiges\communist_screensaver.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: FoxitCloudUpdateService => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: WSearch => 2 HKLM\...\StartupApproved\Run32: => "SPEEDLINK KUDOS" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "Razer Synapse" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{77B00F4F-D287-4F4F-B225-50E11CAFCEB1}C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat FirewallRules: [TCP Query User{9A87AD92-4F7A-4CBB-9709-F5DA91DCD46C}C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat FirewallRules: [{0871632F-F2C3-4B2E-88FB-DC98E2B8C52C}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{7F1623DC-581B-4733-B6CC-237AEACF2EAC}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DFADDF91-60AE-4D68-8923-393DB307F5B0}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B804410C-17D1-4F60-9BDA-9BCEBDF84D00}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\Command Conquer 3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat FirewallRules: [{7CD5BCB7-49B7-4405-9722-2387456E07F8}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe FirewallRules: [{818A33F8-BD88-490A-85F8-A2E31517E72F}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe FirewallRules: [{5A9683AF-E0D7-4025-BBB0-4BEE7D3428B5}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered 
Games\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{C6F3A2FB-73AA-45A3-A280-5AD665DC1D50}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [UDP Query User{54ECFB4C-6323-4541-9224-2B781BAD0F3D}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe FirewallRules: [TCP Query User{A02FC674-045F-42EF-9F5C-6EB9F9B5DD14}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe FirewallRules: [UDP Query User{DF8B3425-D02C-4F0C-9597-9FE96162CD37}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe FirewallRules: [TCP Query User{3CAD24A7-B537-49E3-BDA6-2821C03AD89E}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe FirewallRules: [{F17D43B4-E496-43F4-978D-A250C49DF401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{0994C847-228F-4118-A1FB-F5CB9A537629}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{7396F9DA-0ACF-4390-BFAA-A02413775D81}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{03C6DCF0-DC4E-4AB1-A0E0-382F3D3AB0C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{D21D6C6B-DF37-4C13-8578-50824BBA7B0D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{8C623108-47A3-48F5-BDDD-1F212D98A0E0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [UDP Query User{3479FF1F-51DA-4F67-A68A-BAD33DEDC37B}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [TCP Query User{E4B2AB9C-3799-4305-B3A4-390E374B4AFB}F:\program files 
(x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [{67D10E8F-13AC-42B3-87A8-728785D99A63}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{B1BBAE92-5261-4662-B010-E6340A62029D}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{5627B416-724E-40E2-82A4-BE78181B6F3C}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe FirewallRules: [{F2AE1BB2-C783-404A-8FA2-147D3692B79A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe FirewallRules: [{E95530D4-4F4C-46C1-8139-6FD6FD40FC85}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{2FF03B5F-BEAA-4C26-A0D5-BAE00DEEE3B7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{A2311008-A14D-4BAD-914C-A9E787A730A8}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{952A3631-4B4D-421C-9A34-4C17F122DC30}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{43D97D92-C722-49E9-9FDF-918EB74C13BF}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{8C71ADB1-DAF1-45F7-B144-451B1B9D9981}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4E14DED1-53CA-4E4A-B602-0B495979D819}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{347F59D6-76D7-45C7-B997-82535AF01DEE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{527EE3A2-4754-4127-90C9-916F633F1258}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Impire\Impire.exe FirewallRules: [{48A9A9A2-E48C-483C-8A85-6A9A875DF5C0}] => (Allow) F:\Program Files 
(x86)\Steam\SteamApps\common\Impire\Impire.exe FirewallRules: [{9603CE39-D288-445F-9692-67E01088498F}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe FirewallRules: [{A5F666EB-0ECC-4DBD-A019-3473A4D8281C}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe FirewallRules: [{F47E7B9F-5665-4BE4-BB14-7A42193EBB06}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe FirewallRules: [{9B708C1C-19E7-4962-9F9B-2C8EF5E4C893}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe FirewallRules: [UDP Query User{30D9ADD7-96E6-4287-A2A7-EF4EE55FA562}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [TCP Query User{A3F61336-F95F-4ACB-8EF4-CA21DD7C2AFC}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [{9A9D5D9D-0966-4C66-8600-DA77AB0796B4}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe FirewallRules: [{F57658E0-4F8C-48D1-A1E4-A93659AAA2A8}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe FirewallRules: [UDP Query User{C41D3E23-B845-4F67-9D2C-393D00387DC1}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game FirewallRules: [TCP Query User{389222E5-6CF5-4E86-9A71-3957AA90014B}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game FirewallRules: [{A502D93B-C8BA-426F-A2C3-0752E5C014BA}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe FirewallRules: [{B78F6F36-0273-4A58-ADF3-378F58FB5811}] => (Allow) C:\Program Files (x86)\Origin 
Games\Renegade\RenegadeLauncher.exe FirewallRules: [{01D86C80-EE8B-49DE-B269-81D27792E0E2}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe FirewallRules: [{EA374A6A-3F18-41EF-9519-C743E9FE35C7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe FirewallRules: [{4C75026C-C5C5-45DA-9DE5-DED8A0CA6917}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe FirewallRules: [{A0BCD8D7-92AD-4E0D-A783-3E8E3C0E8C04}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe FirewallRules: [{53CC2CC3-B84C-4443-BC5F-D985CD252961}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe FirewallRules: [{C99B20CF-EB06-4BD3-BF0B-3E574EA6D27E}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe FirewallRules: [{815019A8-5A68-492B-936B-0FA7D4EC04DA}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe FirewallRules: [{6BFE26BC-1F34-48C6-96C8-87117738353B}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe FirewallRules: [{F6965599-DE2C-4EB1-A914-6F55A6E5887E}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe FirewallRules: [{8EF57C2A-35EF-4ECA-A486-68E6CBB5E25C}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe FirewallRules: [{99A06801-FE48-4F3E-A164-FAC48088DBD6}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe FirewallRules: [{28C30C02-4FF2-4BC7-8E43-5E130611811F}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe FirewallRules: [{C1A8177D-C255-424F-841C-8752B5D33280}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{689654EF-AA3E-4EE2-A14B-3DBD226691AF}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: 
[{E1274847-115C-4C64-8014-F03D64E6640F}] => (Allow) F:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{1C4B4D3F-06DF-493F-9E97-721BF1B380FB}] => (Allow) F:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{D897E023-AC42-4272-88EE-F643681ED3F5}] => (Allow) F:\Programme\Battle.net\Battle.net.exe FirewallRules: [{30116663-3EA6-400E-B1EC-6F65172870F9}] => (Allow) F:\Programme\Battle.net\Battle.net.exe FirewallRules: [{AD621562-B258-4BEA-918C-72182128D320}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{04996B5E-2478-4745-8EC4-F87DA049BFFE}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{C96BF102-BF94-4AEC-B5E5-26C85089931A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{E5C2C617-4135-43B4-A81A-19D5956AB582}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{A5471AF6-3CAA-44F8-BA4D-AC19A021BC79}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [TCP Query User{E8E30EFE-FFA0-4427-A34D-BCDEC07150AA}F:\program files (x86)\warthunder\launcher.exe] => (Allow) F:\program files (x86)\warthunder\launcher.exe FirewallRules: [UDP Query User{CEC463DF-AA0D-4A32-A573-667B327F3C58}F:\program files (x86)\warthunder\launcher.exe] => (Allow) F:\program files (x86)\warthunder\launcher.exe FirewallRules: [TCP Query User{4E33AA3E-B169-4D6A-B100-2273E22610D6}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [UDP Query User{18E9FCE7-EB22-42D1-8CF3-027E5E7DBA0D}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [{A577F4F3-9405-40FC-A966-365C88D3E4AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6C379C6F-2BA0-4895-ACF0-84F8A53F6C10}] => (Allow) C:\Program Files 
(x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8DD16FA5-3984-4F17-9AB6-DF8E7F6A3617}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{36E11355-6223-45B8-92FD-CE4F96CF69FA}] => (Allow) LPort=2869 FirewallRules: [{C90CD4C6-C69E-433C-B1B1-5EFE35E248F5}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{1090934E-213D-4240-85FB-F808DA1538F4}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{A185E50C-6A96-4498-BEED-8E3FD65139A3}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{8A6EC896-1C58-45B0-9D75-0119F73D41C0}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{BA039A47-405B-4D32-820A-CDF72A1CF9D0}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{29C9480D-46C6-46D7-82E3-F66458BD0CDA}C:\program files (x86)\origin games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942.exe FirewallRules: [UDP Query User{5B2D829E-9D84-4124-AE8F-833868268401}C:\program files (x86)\origin games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942.exe FirewallRules: [{8691DE5D-FD28-4B34-9108-8D9827B74659}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpress.exe FirewallRules: [{BE496921-DC8F-4B8C-B0ED-D9CCB12102A4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{0F200D13-0BE7-4157-A25E-97E184D0C21E}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [UDP Query User{2F1615C4-8BFB-4586-A3DA-6CD5DCCAAE55}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files 
(x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [{054B4AD0-B5D2-4639-9B69-5C6534AA861B}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [{0C15EEC7-6C22-46DD-8829-93E4F003549D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [{C84DA38C-2C8D-4EA4-9FD1-EA357A44018C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{F5C6C20F-CBE1-48A3-AE45-A9C7565422CA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{33D285AF-E8CB-4255-8CF8-E6D70C07472D}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of Aggression\ActOfAggression.exe FirewallRules: [{6E0AD701-49A3-4363-8B13-4D1460D8841F}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of Aggression\ActOfAggression.exe FirewallRules: [{1B8F524B-F8C7-4D0C-8D89-5BDD928F06D0}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe FirewallRules: [{D40963D6-1F31-4420-B044-D9D56FFA9F17}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe FirewallRules: [{FE5D5EFB-63D9-41BE-A85A-4CCB03AE5913}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9993442B-FB90-455F-9E39-3EA7B09D7622}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C136AEAE-3562-409B-AE10-23F363B2E160}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [UDP Query User{5D514E99-A001-4E29-B445-286B2A637F0C}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [TCP Query User{ECA58A2C-2004-40DC-ACB1-68BF786041E1}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{8AE29A91-7605-4168-AE9D-55B3662BB14F}F:\program 
files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{A380B121-5621-4B0A-B281-12117533A3A0}C:\program files\starcraft\starcraft.exe] => (Block) C:\program files\starcraft\starcraft.exe FirewallRules: [UDP Query User{CDB73C6F-6D55-41DE-8EC8-DCC348C5C78C}C:\program files\starcraft\starcraft.exe] => (Block) C:\program files\starcraft\starcraft.exe FirewallRules: [TCP Query User{4D3AC84D-C1C8-4447-893E-107C63C9D9D8}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{C5675333-7335-4659-9EF0-E8B707BBF178}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{4DD43A1D-33F0-416E-BAFD-27648E88E6F7}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [UDP Query User{FC1D01EE-BB68-416A-A505-8BF9D335FA8F}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [{2146CE46-7A40-4B17-82D3-3BB5F2A041AB}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{072C4572-FF00-4B04-A11E-97CA54C24ED6}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{574342EA-8CA3-47FB-9864-9A69DCDF59B6}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{8DED3EAF-DD5C-411C-BE3A-BDF935F72856}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [UDP Query User{28964522-6023-4670-94AF-7A89F229A361}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query 
User{F8CB4C5C-E2F1-4B2F-B407-3AC022D220E0}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{4390C718-6D50-413F-8E36-82AC51C4927E}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{9255D280-34B7-4ECC-8CEA-6A230D80C304}H:\games\world_of_tanks\worldoftanks.exe] => (Allow) H:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{DC605707-5D02-4365-BFCF-00121ABF6B2D}H:\games\world_of_tanks\worldoftanks.exe] => (Allow) H:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{D9992707-EBE4-4F08-94CD-E55067FC95CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= 08-01-2016 00:46:47 DVDVideoSoftRestorePoint 08-01-2016 01:00:00 Removed Avira Savings Advisor ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/08/2016 06:50:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BlueSoleilCS.exe, Version: 11.0.748.0, Zeitstempel: 0x52735a21 Name des fehlerhaften Moduls: tl_filter.dll, Version: 0.0.0.0, Zeitstempel: 0x519ec946 Ausnahmecode: 
0xc0000094 Fehleroffset: 0x0000d53d ID des fehlerhaften Prozesses: 0x778 Startzeit der fehlerhaften Anwendung: 0xBlueSoleilCS.exe0 Pfad der fehlerhaften Anwendung: BlueSoleilCS.exe1 Pfad des fehlerhaften Moduls: BlueSoleilCS.exe2 Berichtskennung: BlueSoleilCS.exe3 Vollständiger Name des fehlerhaften Pakets: BlueSoleilCS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BlueSoleilCS.exe5 Error: (01/07/2016 11:12:17 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/07/2016 07:22:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: procexp64.exe, Version: 15.40.0.0, Zeitstempel: 0x51f7e32c Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650b9bb Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000f12e0 ID des fehlerhaften Prozesses: 0x167c Startzeit der fehlerhaften Anwendung: 0xprocexp64.exe0 Pfad der fehlerhaften Anwendung: procexp64.exe1 Pfad des fehlerhaften Moduls: procexp64.exe2 Berichtskennung: procexp64.exe3 Vollständiger Name des fehlerhaften Pakets: procexp64.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: procexp64.exe5 Error: (01/07/2016 07:12:59 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: .NETFrameworkC:\Windows\system32\mscoree.dll8 Error: (01/04/2016 12:09:50 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/03/2016 04:19:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm generals.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: c8
Startzeit: 01d146345b00e36a
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour\generals.exe
Berichts-ID: 71f8ac04-b22d-11e5-83b1-0c84dc705658
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/02/2016 07:05:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/02/2016 12:34:19 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" ; Beschreibung = Created by Wise Registry Cleaner; Fehler = 0x80070422).

Error: (01/02/2016 12:33:43 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" ; Beschreibung = Created by Wise Registry Cleaner; Fehler = 0x80070422).

Error: (01/02/2016 12:33:24 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" ; Beschreibung = Created by Wise Registry Cleaner; Fehler = 0x80070422).

Systemfehler:
=============
Error: (01/08/2016 06:52:37 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (01/08/2016 06:50:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BlueSoleilCS" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.

Error: (01/08/2016 12:57:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Digital Wave Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/08/2016 12:48:59 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Digital Wave Update Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (01/07/2016 11:12:52 PM) (Source: DCOM) (EventID: 10010) (User: Jillsy-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/07/2016 11:12:22 PM) (Source: DCOM) (EventID: 10010) (User: Jillsy-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/07/2016 10:02:45 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.

Error: (01/07/2016 10:03:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.01.2016 um 21:39:05 unerwartet heruntergefahren.

Error: (01/07/2016 06:25:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (01/07/2016 06:25:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 5561.13 MB
Summe virtueller Speicher: 16276.27 MB
Verfügbarer virtueller Speicher: 12943.56 MB

==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:712.88 GB) (Free:337.77 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
Drive f: (Daten) (Fixed) (Total:97.68 GB) (Free:10.98 GB) NTFS
Drive h: (Daten) (Fixed) (Total:100 GB) (Free:20.4 GB) NTFS
Drive i: (RECOVERY) (Fixed) (Total:19.74 GB) (Free:1.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive j: () (Removable) (Total:14.83 GB) (Free:9.92 GB) FAT32
Drive l: (My Book) (Fixed) (Total:1862.98 GB) (Free:1336.68 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D2E2694D)
Partition: GPT.
========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 9371220B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
|
09.01.2016, 10:03 | #10 | |
/// TB-Ausbilder | Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Hi, looks good. One small thing bothers me: Quote:
We'll quickly have two programs run a scan to see whether they find anything: Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Please post with your next reply
|
09.01.2016, 14:04 | #11 |
| Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Hello Matthias. I was under a lot of time pressure today, so after the AdwCleaner scan (after the restart and [I think 1 finding]) I shut the PC down again.. Bluescreen. Now I have come back home and so far everything is running again. I'll post the log files in a moment (MBAM is still scanning). Another question for you as a pro: should I keep Malwarebytes and uninstall Spybot Search and Destroy, or keep Malwarebytes? I have done very well with Spybot so far. Here is the AdwCleaner log for now: Code:
# AdwCleaner v5.028 - Bericht erstellt am 09/01/2016 um 12:04:34
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Jillsy - JILLSY-PC
# Gestartet von : C:\Users\Jillsy\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec

***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.superfish.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\user.js

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\Ciuvo
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\DriverTuner_Init
[-] Schlüssel Gelöscht : HKCU\Software\DriverTuner
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ViewPassword
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FAD0F79E-5EA4-542B-76A3-46093E52C1F5}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ciuvo.com

***** [ Internetbrowser ] *****
[-] [C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : delta-search.com
[-] [C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : world-of-tanks.softonic.de

*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3228 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 09.01.2016
Suchlaufzeit: 13:29
Protokolldatei: mbm1.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.09.02
Rootkit-Datenbank: v2016.01.05.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Jillsy

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 448619
Abgelaufene Zeit: 29 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)
|
09.01.2016, 14:12 | #12 |
/// TB-Ausbilder | Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Hi, personally I would uninstall Spybot and instead scan my PC with Malwarebytes' Anti-Malware from time to time. A few adware remnants were still removed, after all. Please run FRST again to see whether everything looks good now:
|
09.01.2016, 14:13 | #13 |
| Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Addendum: many thanks for your help. I have uninstalled Malwarebytes and will now create a restore point, then afterwards a complete backup. PS: The question again: in your opinion, is MBAM better than Spybot Search and Destroy, or does it not matter? And what do you think of Wise Registry Cleaner? I use it regularly (except for the "PC optimization") to clean the registry (I don't know in detail what it does there; so far at least it has done no harm, and on a colleague's laptop things ran quite a bit faster afterwards), and above all the tool lets me conveniently create a restore point on Windows 8.1 64 bit. |
09.01.2016, 14:14 | #14 |
/// TB-Ausbilder | Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. Hi, please read my last post. I will answer your questions once the FRST log files are clean. |
09.01.2016, 14:51 | #15 |
| Antivir reports "Your PC is unsafe", but the real-time scanner appears to be running.. OK, I'll stick with Spybot and run a scan with MBAM once a month; would that be an option? :-) Here are FRST and Addition.txt again: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
durchgeführt von Jillsy (Administrator) auf JILLSY-PC (09-01-2016 14:47:18)
Gestartet von C:\Users\Jillsy\Desktop
Geladene Profile: Jillsy & (Verfügbare Profile: Jillsy)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2014-01-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-12-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE"
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE"
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{36D0A91B-153F-40A1-99EB-E82C452784FD}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{D3C34DF9-E5D6-442B-9AA5-E7CD700D047C}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default
FF Homepage: hxxp://www.google.ch/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-12-05] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.)
FF Extension: PDF Download - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2015-05-31]
FF Extension: Download Statusbar Fixed - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-01-06]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\artur.dubovoy@gmail.com [2016-01-06]
FF Extension: Personas Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\personas@christopher.beard.xpi [2016-01-08]
FF Extension: Show MyIP - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-01-08]
FF Extension: Ghostery - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\firefox@ghostery.com.xpi [2016-01-02]
FF Extension: Kein Name - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2015-05-31] [ist nicht signiert]
FF Extension: Download Status Bar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-31]
FF Extension: NoScript - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08]
FF Extension: Video DownloadHelper - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-08]
FF Extension: Adblock Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF Extension: Download Statusbar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-05-31]
FF Extension: Clean Video - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2015-05-31]

Chrome:
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Donna Karan) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2014-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Google Mail) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-12-05] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-12-05] (Intel Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co.
KG) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-12-05] (Intel Corporation) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] () R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.) 
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [27440 2015-10-16] () [Datei ist nicht signiert] R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-05] (Synaptics Incorporated) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-01-09 14:47 - 2016-01-09 14:47 - 00030147 _____ C:\Users\Jillsy\Desktop\FRST.txt 2016-01-09 14:47 - 2016-01-08 19:39 - 02370560 _____ (Farbar) C:\Users\Jillsy\Desktop\FRST64.exe 2016-01-09 14:20 - 2016-01-09 14:20 - 00001589 _____ C:\Users\Jillsy\Desktop\CD USB ISO MAKER.lnk 2016-01-09 14:20 - 2016-01-09 14:20 - 00000000 ____D C:\Program Files (x86)\Unetbootin 2016-01-09 14:02 - 2016-01-09 14:02 - 00000735 _____ C:\protection-mbm2.txt 2016-01-09 14:01 - 2016-01-09 14:01 - 00001198 _____ C:\mbm1.txt 2016-01-09 13:28 - 2016-01-09 13:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-09 12:12 - 2016-01-09 12:13 - 00285512 _____ C:\Windows\Minidump\010916-31328-01.dmp 2016-01-09 12:09 - 2016-01-09 12:09 - 00285512 _____ C:\Windows\Minidump\010916-25796-01.dmp 2016-01-09 11:50 - 2016-01-09 12:04 - 00000000 ____D C:\AdwCleaner 2016-01-08 20:06 - 2016-01-08 20:09 - 00251318 _____ C:\TDSSKiller.3.1.0.9_08.01.2016_20.06.08_log.txt 2016-01-08 20:05 - 2016-01-08 20:34 - 00000000 ____D C:\TDSSKILLER 2016-01-08 19:39 - 2016-01-09 14:47 - 00000000 ____D C:\FRST 2016-01-08 18:54 - 2016-01-08 18:54 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (6).exe 2016-01-08 18:53 - 2016-01-08 18:53 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Avira 2016-01-08 18:52 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2016-01-08 18:49 - 2016-01-08 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-01-08 18:49 - 2016-01-08 18:49 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-01-08 12:00 - 2016-01-09 14:05 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-08 12:00 - 2016-01-09 12:13 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-08 12:00 - 2016-01-08 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-01-08 11:59 - 2016-01-08 11:59 - 00927824 _____ (Google Inc.) C:\Users\Jillsy\Downloads\ChromeSetup.exe 2016-01-08 10:36 - 2016-01-08 10:36 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_568efddb9c96e__ws.exe 2016-01-08 00:51 - 2016-01-08 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-08 00:47 - 2016-01-08 00:47 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (5).exe 2016-01-08 00:46 - 2016-01-08 00:46 - 26352816 _____ (DVDVideoSoft Ltd. ) C:\Users\Jillsy\Downloads\FreeAudioConverter (1).exe 2016-01-08 00:46 - 2016-01-08 00:46 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (4).exe 2016-01-08 00:41 - 2016-01-08 00:41 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (3).exe 2016-01-08 00:34 - 2016-01-08 00:34 - 04638208 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (2).exe 2016-01-06 23:27 - 2016-01-06 23:27 - 00000702 _____ C:\Users\Public\Desktop\World of Tanks.lnk 2016-01-06 23:27 - 2016-01-06 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2016-01-06 23:26 - 2016-01-06 23:26 - 05124704 _____ (Wargaming.net ) C:\Users\Jillsy\Downloads\WoT_internet_install_eu.exe 2016-01-06 16:54 - 2016-01-06 16:54 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Jillsy\Downloads\28790_HPUSBFW_v2.2.3.exe 2016-01-05 23:49 - 2016-01-05 23:49 - 00000345 _____ C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk 2016-01-05 23:47 - 2016-01-05 23:47 - 30073472 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-cross-i386-win32-win64.exe 2016-01-05 23:47 - 2016-01-05 23:47 - 00001859 _____ C:\Users\Jillsy\Downloads\README.txt 2016-01-05 23:46 - 2016-01-05 23:47 - 113126489 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-win32.exe 2016-01-05 23:05 - 2016-01-05 23:05 - 00001027 _____ C:\Users\Jillsy\Desktop\Videos.lnk 2016-01-04 23:07 - 2016-01-04 23:07 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Microsoft_Corporation 2016-01-04 23:00 - 2016-01-04 23:00 - 00000000 _____ C:\Users\Jillsy\Desktop\Neues Textdokument (2).txt 2016-01-01 22:43 - 2016-01-07 23:32 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-01-01 22:43 - 2016-01-01 22:43 - 00001137 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-01-01 22:12 - 2016-01-01 22:13 - 00285624 _____ C:\Windows\Minidump\010116-25250-01.dmp 2016-01-01 13:50 - 2016-01-01 13:51 - 00285568 _____ C:\Windows\Minidump\010116-33593-01.dmp 2015-12-30 23:01 - 2015-12-30 23:02 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Jillsy\Downloads\LinuxLive USB Creator 2.9.4.exe 2015-12-29 18:00 - 2015-12-29 18:00 - 00285568 _____ C:\Windows\Minidump\122915-38406-01.dmp 2015-12-22 13:59 - 2015-12-22 14:03 - 00069632 _____ (Blizzard 
Entertainment) C:\Windows\ScUnin.exe 2015-12-22 13:59 - 2015-12-22 14:03 - 00033209 _____ C:\Windows\scunin.dat 2015-12-22 13:59 - 2015-12-22 14:03 - 00000967 _____ C:\Windows\ScUnin.pif 2015-12-22 13:59 - 2015-12-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft 2015-12-22 13:56 - 1999-03-19 18:40 - 598221809 _____ (Blizzard Entertainment) C:\Users\Jillsy\Desktop\BroodWar.mpq 2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\Program Files\Oracle 2015-12-21 01:13 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-12-21 01:13 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-12-21 01:07 - 2015-12-21 01:08 - 116982472 _____ (Oracle Corporation) C:\Users\Jillsy\Downloads\VirtualBox-5.0.10-104061-Win.exe 2015-12-16 13:37 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-16 13:37 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-16 13:37 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-16 13:37 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-12-16 13:37 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-16 13:37 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-16 13:37 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-16 13:37 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-16 13:37 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-16 13:37 - 
2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-16 13:37 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-16 13:37 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-16 13:37 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-12-16 13:37 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-16 13:37 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-16 13:37 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-16 13:37 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-16 13:37 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-12-16 13:37 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-16 13:37 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-16 13:37 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-16 13:37 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-16 13:37 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-16 13:37 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-16 13:37 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-16 13:37 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-16 13:37 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-16 13:37 - 2015-11-08 22:32 - 00145408 _____ 
(Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-12-16 13:37 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-12-16 13:37 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-16 13:37 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-16 13:37 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-16 13:37 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-16 13:37 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-16 13:37 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-16 13:37 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-12-16 13:37 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-16 13:37 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-16 13:37 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-16 13:37 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-16 13:30 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-12-16 13:30 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-12-16 13:30 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-12-16 13:30 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-12-16 13:30 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-12-16 13:30 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) 
C:\Windows\system32\winresume.exe 2015-12-16 13:30 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-12-16 13:30 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-12-16 13:30 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-12-16 13:30 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-16 13:30 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-16 13:30 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-16 13:30 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-16 13:30 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-16 13:30 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-16 13:30 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-16 13:30 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-16 13:30 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2015-12-16 13:30 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-16 13:30 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-16 13:30 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2015-12-16 13:30 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-12-16 13:30 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-12-10 19:38 - 2015-12-13 23:36 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Zero Hour 
Data ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-09 14:41 - 2014-05-15 17:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-09 14:22 - 2014-02-08 21:10 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\TS3Client 2016-01-09 14:22 - 2014-02-08 21:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-01-09 14:11 - 2014-01-24 00:24 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-933261645-1527721118-3068914036-1001 2016-01-09 14:06 - 2014-09-15 03:00 - 00000000 ____D C:\Users\Jillsy\Downloads\Everything-1.3.4.686.x86 2016-01-09 13:38 - 2014-01-25 13:29 - 00000000 ___RD C:\Users\Jillsy\Documents\Codes 2016-01-09 12:16 - 2014-11-29 01:10 - 00000000 __SHD C:\Users\Jillsy\IntelGraphicsProfiles 2016-01-09 12:16 - 2014-01-24 09:45 - 00003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2016-01-09 12:14 - 2013-11-20 10:44 - 00001060 _____ C:\Windows\SysWOW64\bscs.ini 2016-01-09 12:13 - 2014-01-24 09:45 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2016-01-09 12:13 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-09 12:12 - 2014-12-01 21:18 - 00000000 ____D C:\Windows\Minidump 2016-01-09 12:12 - 2014-05-29 23:41 - 639352797 _____ C:\Windows\MEMORY.DMP 2016-01-09 12:12 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-09 12:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-01-09 11:53 - 2014-11-29 01:26 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BD55254-7A97-4A43-AE4A-A69447C0F3FC} 2016-01-08 23:18 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Origin 2016-01-08 19:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2016-01-08 18:52 - 2014-08-15 19:08 - 00000000 ____D C:\ProgramData\Avira 2016-01-08 18:52 - 2014-01-23 06:52 - 00000000 ____D C:\Program Files (x86)\Avira 2016-01-08 18:48 - 2014-01-25 01:59 - 
00000000 ____D C:\ProgramData\Package Cache 2016-01-08 18:45 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-01-08 18:40 - 2015-07-12 13:31 - 00000000 ____D C:\ProgramData\ProductData 2016-01-08 12:00 - 2014-01-24 00:25 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-01-08 12:00 - 2014-01-24 00:25 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-01-08 12:00 - 2014-01-24 00:25 - 00000000 ____D C:\Program Files (x86)\Google 2016-01-08 10:26 - 2014-09-24 07:17 - 01984420 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-08 10:26 - 2014-09-24 06:43 - 00843606 _____ C:\Windows\system32\perfh007.dat 2016-01-08 10:26 - 2014-09-24 06:43 - 00192300 _____ C:\Windows\system32\perfc007.dat 2016-01-08 10:10 - 2014-01-25 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-08 00:48 - 2015-08-16 14:59 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-01-08 00:22 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Battle.net 2016-01-07 23:32 - 2014-02-26 16:50 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ 2016-01-07 23:32 - 2014-01-24 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2016-01-07 22:04 - 2014-11-29 00:44 - 00000000 ____D C:\Users\Jillsy 2016-01-06 23:27 - 2014-04-20 12:11 - 00000000 ____D C:\Games 2016-01-06 22:27 - 2014-01-25 15:05 - 00000000 ____D C:\Users\Jillsy\.VirtualBox 2016-01-06 20:53 - 2015-07-19 14:41 - 00000000 ____D C:\Users\Jillsy\AppData\Local\lazarus 2016-01-05 23:58 - 2015-07-25 16:26 - 00000000 ____D C:\lazarus 2016-01-05 23:56 - 2015-07-25 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Lazarus 2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Glyph 2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Glyph 2016-01-03 23:56 - 2014-07-03 12:47 - 00000000 ____D C:\ProgramData\Glyph 2016-01-02 13:26 - 2014-06-05 15:42 - 00000000 ____D C:\Diablo II 2016-01-02 09:39 - 2015-08-22 12:18 - 00000000 ____D C:\Users\Jillsy\VirtualBox VMs 2016-01-02 00:30 - 2014-01-25 11:14 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-01-01 23:17 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp 2016-01-01 23:16 - 2014-08-18 18:06 - 00000000 ____D C:\Program Files (x86)\Western Digital 2016-01-01 22:42 - 2014-01-25 02:20 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Tropico 4 2016-01-01 22:41 - 2014-01-25 04:21 - 00001345 _____ C:\Users\Jillsy\Desktop\Tropico 4.lnk 2015-12-30 23:01 - 2014-11-03 11:48 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator 2015-12-30 18:01 - 2015-11-24 20:20 - 00000000 ____D C:\Program Files\Cloud Imperium Games 2015-12-30 18:00 - 2015-04-15 19:33 - 00000000 ____D C:\ProgramData\Skype 2015-12-30 18:00 - 2014-07-09 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-12-29 14:41 - 2014-05-15 17:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-26 09:48 - 2014-09-24 08:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-26 09:48 - 2014-09-24 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-22 19:05 - 2015-11-30 00:06 - 00000000 ____D C:\Program Files\Starcraft 2015-12-21 22:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-12-21 01:13 - 2015-07-19 14:46 - 00001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-12-21 00:50 - 2014-01-24 23:28 - 00000000 ____D C:\Program 
Files (x86)\Diablo III 2015-12-17 22:39 - 2015-12-06 23:45 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Data 2015-12-17 15:44 - 2014-01-25 01:59 - 00000000 ____D C:\Program Files (x86)\Origin 2015-12-16 21:20 - 2015-10-15 14:17 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJillsy 2015-12-16 21:20 - 2015-10-15 14:17 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForJillsy.job 2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-16 14:02 - 2015-08-08 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-16 13:57 - 2013-08-22 15:44 - 00391440 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-16 13:54 - 2014-01-23 09:04 - 00000000 ____D C:\Windows\system32\MRT 2015-12-16 13:48 - 2014-01-25 02:01 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-12-16 13:45 - 2014-02-01 00:30 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK 2015-12-16 13:41 - 2015-11-12 19:22 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Razer 2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\ProgramData\Razer 2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\Program Files (x86)\Razer 2015-12-16 13:38 - 2014-01-23 09:04 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-16 13:21 - 2015-05-14 13:29 - 00000000 ___RD C:\Users\Jillsy\OneDrive 2015-12-16 13:21 - 2015-02-14 19:02 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001 2015-12-16 13:21 - 2014-02-07 13:42 - 00000000 ____D C:\Program Files (x86)\Zenimax Online 2015-12-16 13:09 - 2015-07-12 13:33 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\ProductData 2015-12-16 13:09 - 2014-05-04 01:42 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\SleepTimerUltimate 2015-12-16 13:09 - 2014-01-25 00:09 - 
00000000 ____D C:\Users\Jillsy\AppData\Roaming\Wise Registry Cleaner 2015-12-16 13:09 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Battle.net 2015-12-16 13:09 - 2014-01-24 19:17 - 00000000 ____D C:\Users\Jillsy\AppData\Local\bluesoleil 2015-12-16 13:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-16 12:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-05 20:39 - 2014-10-13 00:00 - 0002181 _____ () C:\Users\Jillsy\AppData\Roaming\FoxitReaderUpdateInfo.txt 2014-10-01 18:36 - 2014-10-01 18:36 - 0000859 _____ () C:\Users\Jillsy\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\Jillsy\AppData\Local\Temp\avgnt.exe C:\Users\Jillsy\AppData\Local\Temp\sp64126.exe C:\Users\Jillsy\AppData\Local\Temp\sqlite3.dll C:\Users\Jillsy\AppData\Local\Temp\Uninst.exe C:\Users\Jillsy\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-09 12:24 ==================== Ende von FRST.txt ============================ |