04.02.2016, 11:58 | #1 |
Hacked, according to ISP

Hello, you hard-working helpers, according to my ISP I have been hacked. Two laptops are standing around here as possible culprits. I'll start with the first one:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016 durchgeführt von Peter (Administrator) auf HASENRENNER (04-02-2016 11:49:23) Gestartet von C:\Users\Peter\Desktop Geladene Profile: Peter (Verfügbare Profile: Peter) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation) C:\Program Files 
(x86)\Malwarebytes Anti-Exploit\mbae64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2014-10-02] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2622432 2016-01-29] (Malwarebytes Corporation) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) 
HKLM\...\RunOnce: [ASYNCMAC] => rundll32.exe streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\Windows\INF\netrasa.inf,Ndi-Mp-AsyncMac HKU\S-1-5-21-1254577814-2119570474-3233119861-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-22] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1254577814-2119570474-3233119861-1001\...\RunOnce: [Application Restart #0] => C:\Users\Peter\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-cli (Der Dateneintrag hat 549 mehr Zeichen). ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\..\Interfaces\{0FC5DD96-4615-44F3-A32D-75921FD7C5C4}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{B2F073AB-FFF0-4058-8E83-A55EF3CAF7CC}: [NameServer] 62.220.18.8 89.246.64.8 Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-1254577814-2119570474-3233119861-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-1254577814-2119570474-3233119861-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1254577814-2119570474-3233119861-1001 -> DefaultScope {0096771C-2D1F-4B73-963A-13A85F8630FC} URL = SearchScopes: HKU\S-1-5-21-1254577814-2119570474-3233119861-1001 -> {0096771C-2D1F-4B73-963A-13A85F8630FC} URL = BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft) BHO: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-09] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft) BHO-x32: Kein Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Keine Datei BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-09] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft) Toolbar: 
HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft) FireFox: ======== FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\eb4arie4.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-09] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-09] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) 
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin HKU\S-1-5-21-1254577814-2119570474-3233119861-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd.) FF Extension: Flash and Video Download - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\eb4arie4.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-10-26] FF Extension: YouTube Video and Audio Downloader - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\eb4arie4.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-01-25] FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\eb4arie4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-25] FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\nkvqvzmf.Maus\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-28] Chrome: ======= CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-12] CHR Extension: (Google Docs) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-12] CHR Extension: (Google Drive) - C:\Users\Peter\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-16] CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16] CHR Extension: (Adblock Plus) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-10-16] CHR Extension: (Google-Suche) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-12] CHR Extension: (Google Tabellen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-12] CHR Extension: (Google Docs Offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-16] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-16] CHR Extension: (Google Mail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-12] Opera: ======= OPR StartupUrls: "hxxp://www.google.de/" ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [305664 2014-08-21] (Qualcomm Atheros) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-24] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation) R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [740832 2016-01-29] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18974152 2014-08-09] (NVIDIA Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate) R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber 
(Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-01-29] () S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-10] (Intel Corporation) R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation) S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-10] (Intel Corporation) S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-10] (Intel Corporation) S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [21448 2014-08-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2220544 2014-08-26] (Qualcomm Atheros, Inc.) 
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated) R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] () R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] () R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-04 11:49 - 2016-02-04 11:49 - 00018879 _____ C:\Users\Peter\Desktop\FRST.txt 2016-02-04 11:49 - 2016-02-04 11:49 - 00000000 ____D C:\FRST 2016-02-04 11:48 - 2016-02-04 11:48 - 02370560 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe 2016-01-25 19:12 - 2016-01-25 19:12 - 00000162 _____ C:\Users\Peter\Desktop\gewürze.url 2016-01-15 07:25 - 2016-01-16 15:34 - 00000347 _____ C:\Users\Peter\Desktop\Neues Textdokument (3).txt 2016-01-13 19:54 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-01-13 19:54 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-01-13 19:54 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-01-13 19:54 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-01-13 08:44 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-13 08:43 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-13 08:43 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-13 08:43 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-01-13 08:43 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-13 08:43 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-01-13 08:43 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-13 08:43 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-01-13 08:43 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-01-13 08:43 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-13 08:43 - 
2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-13 08:43 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-01-13 08:43 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-01-13 08:43 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-13 08:43 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-01-13 08:43 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-01-13 08:43 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-13 08:43 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-01-13 08:43 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-01-13 08:43 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-01-13 08:43 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-01-13 08:43 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-01-13 08:43 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-01-13 08:43 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 08:43 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 08:43 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-13 01:30 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-01-13 01:30 - 2015-12-05 06:58 - 02450240 _____ 
(Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-13 01:30 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-01-13 01:30 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-13 01:30 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-01-13 01:30 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-01-13 01:30 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-01-13 01:30 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-13 01:30 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-13 01:30 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-01-13 01:29 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) 
C:\Windows\system32\ntoskrnl.exe 2016-01-13 01:29 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-01-13 01:29 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-01-13 01:29 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-13 01:29 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-01-13 01:29 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) 
C:\Windows\system32\MP43DECD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-01-13 01:29 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-01-13 01:29 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-01-13 01:29 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-01-13 01:29 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-01-13 01:29 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-01-13 01:29 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-01-13 01:29 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) 
C:\Windows\system32\ncryptsslp.dll 2016-01-13 01:29 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-01-13 01:29 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-01-13 01:29 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-01-13 01:29 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2016-01-13 01:29 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-01-13 01:29 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-01-13 01:29 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 01:29 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 01:29 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-13 01:29 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-13 01:29 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 01:29 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 01:29 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-01-13 01:29 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 01:29 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-01-13 01:29 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-01-13 01:29 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-01-13 01:29 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-01-13 01:29 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-01-13 01:29 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-01-13 01:29 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-01-13 01:29 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-01-13 01:29 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-01-13 01:29 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-01-13 01:29 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-01-09 11:31 - 2016-01-09 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-09 11:30 - 2016-01-09 11:30 - 00000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-01-09 11:30 - 2016-01-09 11:30 - 00000935 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-01-08 12:05 - 2016-01-08 12:06 - 00000091 _____ C:\Users\Peter\Desktop\Neues Textdokument (2).txt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-04 11:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2016-02-04 11:33 - 2015-05-16 08:16 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1254577814-2119570474-3233119861-1001 2016-02-04 11:23 - 2014-12-23 07:49 - 00660862 _____ C:\Windows\system32\perfh007.dat 2016-02-04 11:23 - 2014-12-23 07:49 - 00134562 _____ C:\Windows\system32\perfc007.dat 2016-02-04 11:23 - 2014-03-18 11:03 - 01561384 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-04 11:23 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-02-03 19:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\tracing 2016-02-03 14:18 - 2015-05-16 08:29 - 00000000 ____D C:\Program Files (x86)\Opera 2016-02-03 05:51 - 2015-05-12 20:11 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-03 00:51 - 2015-05-12 20:11 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-03 00:46 - 2015-05-12 20:11 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-03 00:46 - 2015-05-12 20:11 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-02 14:49 - 2015-05-16 08:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2016-02-02 14:49 - 2015-05-16 08:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit 2016-02-02 14:10 - 2015-10-18 08:37 - 00001666 _____ C:\Windows\Sandboxie.ini 2016-02-01 23:33 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-31 20:45 - 2015-05-12 20:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-01-29 09:48 - 2015-05-12 20:12 - 00002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-01-27 11:11 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-01-27 10:59 - 2015-05-12 21:28 - 00000000 ____D C:\Users\Peter\AppData\Roaming\vlc 2016-01-27 10:53 - 2015-05-13 07:24 - 00000000 ____D 
C:\Users\Peter\AppData\Local\ClassicShell 2016-01-22 03:16 - 2015-05-12 09:29 - 00000000 ____D C:\Users\Peter 2016-01-21 12:28 - 2015-05-16 08:29 - 00003874 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1431761369 2016-01-21 12:28 - 2015-05-16 08:29 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-16 15:34 - 2015-05-12 17:48 - 00000000 ____D C:\Windows\system32\appraiser 2016-01-16 15:34 - 2015-05-12 17:47 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-01-15 15:03 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2016-01-15 15:02 - 2015-05-12 10:43 - 00000000 ____D C:\Windows\system32\MRT 2016-01-15 15:01 - 2015-05-12 10:43 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-01-13 11:15 - 2015-05-12 20:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-13 11:15 - 2013-08-22 15:44 - 00371608 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-09 09:53 - 2015-05-17 11:43 - 00000000 ____D C:\Users\Peter\AppData\Local\Adobe 2016-01-05 21:04 - 2014-11-07 12:53 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-05 21:04 - 2014-11-07 12:53 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-28 09:22 - 2015-10-28 09:22 - 0000856 _____ () C:\Users\Peter\AppData\Local\recently-used.xbel 2014-12-22 23:28 - 2014-12-22 23:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-29 10:48 ==================== Ende von FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016 durchgeführt von Peter (2016-02-04 11:49:52) Gestartet von C:\Users\Peter\Desktop Windows 8.1 (X64) (2015-05-12 08:29:36) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1254577814-2119570474-3233119861-500 - Administrator - Disabled) Gast (S-1-5-21-1254577814-2119570474-3233119861-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1254577814-2119570474-3233119861-1003 - Limited - Enabled) Peter (S-1-5-21-1254577814-2119570474-3233119861-1001 - Administrator - Enabled) => C:\Users\Peter ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) 
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MX720 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX720_series) (Version: 1.00 - Canon Inc.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP) CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.78.0.2015 - Georgy Berdyshev) Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) Flash Card Manager (HKLM-x32\...\{639D7427-AAAD-40E9-BAB9-AC2EC75454B7}) (Version: 3.0.3 - Vendant) Free YouTube Download version 3.2.59.525 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.59.525 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) 
Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Malwarebytes Anti-Exploit version 1.8.1.1189 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1189 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 
(HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla) NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 333.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.65 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 34.0.2036.50 (HKLM-x32\...\Opera 34.0.2036.50) (Version: 34.0.2036.50 - Opera Software) paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC) Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.0 - Tracker Software Products Ltd) Qualcomm Atheros 61x4 
Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.619A - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Zattoo Live TV - 1 (HKU\S-1-5-21-1254577814-2119570474-3233119861-1001\...\6d7aa3e3bf931c56) (Version: 1.0.0.47 - Zattoo Europa AG) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {10AD3458-CE91-4FA5-83A0-B88A0FBA721B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {1B82F927-186F-4E3E-9900-E604405792D8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {3313EE58-0281-494A-8252-62D7962C7053} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] () Task: {3A7D597B-76C2-47F6-A4D8-5CF82D597424} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated) Task: {3C162053-7FD9-4948-94CE-81B1BF820B2C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) Task: {50F52C55-B264-4A99-B718-3D776D43228F} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated) Task: {769F3EE1-29EA-4323-9043-024BD6FADCE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-12] (Google Inc.) Task: {793080AF-EFDF-4501-9A52-9D8C5295D363} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.) 
Task: {79E78AA4-3A4B-4373-BFC0-2DF96F034A3A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-15] (Microsoft Corporation) Task: {8AC3FF86-15E4-478F-85A9-D2FD8E2AF139} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated) Task: {A9CDCAC0-8C90-444F-854A-5D20ABEEA94E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate) Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {BF899774-623B-4DF1-8BC3-BA31F07872F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {C1295E7A-6080-4D96-BEDB-51BC3FA7EB1F} - System32\Tasks\Opera scheduled Autoupdate 1431761369 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software) Task: {CB4EE76D-FFCB-4872-AD42-7F561C9B9129} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {DABEFC69-013D-4D22-A643-DC25EF816633} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-12] (Google Inc.) Task: {FD27035E-14B0-489E-B8CA-4CA0DCD3B628} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate) Task: {FF17C8E7-4678-4539-81FD-B7C78636B94F} - System32\Tasks\{6F1D4E69-7914-40DE-A6AA-27B1AB6CF11C} => pcalua.exe -a C:\Users\Peter\Desktop\mp3gain-win-1_2_5.exe -d C:\Users\Peter\Desktop (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-12-22 23:17 - 2014-10-06 20:26 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-21 22:48 - 2014-08-21 22:48 - 00139264 _____ () C:\Windows\system32\ihvmanager\AthIHVManager.dll 2016-01-09 11:30 - 2015-11-16 16:18 - 00020240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2014-11-07 12:10 - 2014-10-24 04:39 - 00456808 _____ () C:\Windows\system32\igfxTray.exe 2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll 2015-07-27 13:23 - 2015-07-27 13:23 - 00014176 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2015-07-23 15:08 - 2015-07-23 15:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2014-07-01 10:57 - 2014-07-01 10:57 - 00279296 _____ () C:\Program Files (x86)\Acer\AcerCloud Docs\libcurl.dll 2014-10-10 09:37 - 2014-10-10 09:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2015-09-13 11:54 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1254577814-2119570474-3233119861-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 62.220.18.8 - 89.246.64.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run32: => "APSDaemon" HKU\S-1-5-21-1254577814-2119570474-3233119861-1001\...\StartupApproved\Run: => "SandboxieControl" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1F137559-A0EE-44D4-811A-276CF56D6168}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{344AEF08-882C-4433-913C-60DB144BC314}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{048535E0-B6B8-488A-9F32-794286E214F5}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{7BA6112B-24D1-40B9-B956-7C06BD77C846}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CF67D43C-A183-496B-8302-6A3B1CEC199F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{55B7DD97-AC53-4CF5-ACE9-3A7FCD4E920D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{1A53B302-8DC4-43A8-8BC1-8CA91D7EED27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{58D1EC5E-70F0-48C4-BECC-DC7C35870934}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2FDD0B0F-02D2-486A-8889-6E0405F52DF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{236E02C3-4C66-4EB3-AC0F-4A5536C5DFAB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{7DC76314-C085-4D05-BE04-6C02556C3847}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{1E8DCA30-4E3C-4C42-A267-8DBB7A8DD632}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{F2CF651F-7ADF-4401-BCE3-3461E4204C86}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{342B1EBF-D4FC-48E6-B099-C152BD0E2E04}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{E6F9AF01-375F-4B1A-BC00-ED6C69C36242}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe 
FirewallRules: [{3FA87001-CB66-4AB9-BD88-318859BC3D21}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{3D1A2CF4-6B4B-4427-A469-10411CB93C0E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{4156605A-EF6C-4635-9C56-F4E461178BA3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{4B3EAF2F-476F-454F-B5F1-D30EC88E4663}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{C7679A0D-3BD6-4850-8B10-0B9F9652B8E7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8F7935D6-016D-40FF-BCDA-0A2CD5018FB6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{9ABAA675-A3C1-4726-9444-71BA68DAEB55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0ADE1DE6-C969-41BC-8631-D99684B10320}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{9B6A69E2-4198-456D-89B6-6E4C5F39E397}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{E4583A15-5629-4B84-94DF-49F3A09E4468}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{8EEBFA41-7AB6-4B78-8AAF-D40EF0E2FC93}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CBAC99CD-6784-4241-98B1-8688CDB1F291}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CA784DF6-74B2-4247-9E65-5DA0B61F1947}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{7C28D9FC-5D5A-4519-9F48-02DE2974D0DB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe FirewallRules: [{F0A9AA7F-5B80-463D-8839-0DBFBA6B2FA3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: [{D2833C90-9F02-449A-9D7E-4459FC1A8236}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe FirewallRules: 
[{2974FC55-77CD-48F5-92A0-7A04259FB3D7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{137B58C5-3644-41AB-BB44-957E896B6A14}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{52986601-A09B-4AEA-B580-81434AE8F955}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{22272ACC-2F7A-4136-8EF2-A54291C6A4C7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{F355BF74-7742-4489-907C-A6647DD440AD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{3B947A10-94BE-401B-8EDB-412D420BD94E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{3017378B-5394-4ACD-956F-8662DACACBAC}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{6A1FE427-8392-4CE0-A1DD-C69E65C9017D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{8DBBC84C-7A7B-49A7-BC25-DB23C98C910D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{F88BFDE3-E437-4C39-919B-712331A839CF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{2C4661F1-6C79-46A2-BD69-632A86BD4AD7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{FD79FEB8-653F-4FEE-9E00-0952358D05A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{1791F141-90C4-4327-83B2-0E2A440D5050}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{93E7887E-072B-44A3-85AC-8F5DDCCC7AB4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{C7B3B31A-66DD-440E-B73A-C947642B788A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{4C08D347-FD79-4F19-ADA7-FF58BA7E49C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{4B1028E2-6C53-4EE8-9C02-5311969E7723}] => (Allow) C:\Program Files 
(x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{D652874D-5703-4CBA-A862-36DBA859382B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{BE32EBB1-7784-41BB-9168-A21655FBB808}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{D9867E94-71D5-46CE-A657-77219654DF34}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{541B50B8-A7B1-489E-9704-9B805A0723C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{007D75EC-E7A7-4705-8CDF-E5608DBA7233}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6CD73B99-775A-47F3-A441-58272BCA5433}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\RpcSandraSrv.exe FirewallRules: [{4486B103-0CEE-4927-A4A8-A3C7F33D4845}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{DF2EC9ED-A5A6-49B0-A7F2-6F38F6691CBF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{B7A0BFE0-BD28-4DD5-B72B-1F9B47B754CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C5D8AF6F-6BEC-4EC7-8D2C-41EA491DDA62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{064268CD-37E3-49DD-9E6F-C399689B9559}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1675FEA4-1695-4FFC-A0AC-9553F93074DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{ABDA486B-CCB1-4D81-AE30-94E5B6AB67CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{84B3EB2D-BFD7-483B-850E-9826A8618983}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{99EBF078-3D4A-4CBA-8CF6-17AF0F554D03}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 06-01-2016 23:26:50 Geplanter Prüfpunkt 14-01-2016 
10:12:09 Windows Update 21-01-2016 22:06:47 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/04/2016 11:28:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.11065.1000, Zeitstempel: 0x5646e5d2 Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.17415, Zeitstempel: 0x545055fe Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000017d7 ID des fehlerhaften Prozesses: 0x46a0 Startzeit der fehlerhaften Anwendung: 0xCompatTelRunner.exe0 Pfad der fehlerhaften Anwendung: CompatTelRunner.exe1 Pfad des fehlerhaften Moduls: CompatTelRunner.exe2 Berichtskennung: CompatTelRunner.exe3 Vollständiger Name des fehlerhaften Pakets: CompatTelRunner.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CompatTelRunner.exe5 Error: (02/02/2016 07:45:25 PM) (Source: usbperf) (EventID: 2001) (User: ) Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben. Error: (02/02/2016 07:43:19 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: usbhubC:\Windows\system32\usbperf.dll8 Error: (02/02/2016 07:43:19 PM) (Source: usbperf) (EventID: 2001) (User: ) Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben. 
Error: (02/02/2016 07:43:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: RemoteAccessC:\Windows\System32\rasctrs.dll8

Error: (02/02/2016 07:43:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll8

Error: (02/01/2016 11:33:09 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/01/2016 11:33:09 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.

Error: (02/01/2016 11:33:09 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog

Error: (02/01/2016 11:33:08 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Systemfehler:
=============
Error: (02/01/2016 11:33:07 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein.

Error: (01/30/2016 11:23:24 AM) (Source: DCOM) (EventID: 10010) (User: Hasenrenner)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/30/2016 11:22:53 AM) (Source: DCOM) (EventID: 10010) (User: Hasenrenner)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/29/2016 11:11:18 AM) (Source: DCOM) (EventID: 10010) (User: Hasenrenner)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/29/2016 11:10:48 AM) (Source: DCOM) (EventID: 10010) (User: Hasenrenner)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/29/2016 10:49:44 AM) (Source: DCOM) (EventID: 10010) (User: Hasenrenner)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/29/2016 10:49:14 AM) (Source: DCOM) (EventID: 10010) (User: Hasenrenner)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/28/2016 07:22:05 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein.

Error: (01/28/2016 11:11:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CCDMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/27/2016 09:39:50 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein.

CodeIntegrity:
===================================
Date: 2016-01-29 10:49:02.032
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-01-24 02:54:06.614
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-31 18:07:00.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-29 20:08:12.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-23 21:32:55.199
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-12 22:48:22.239
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-01 16:54:36.101
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-26 23:20:32.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-13 23:35:42.683
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-11 22:00:35.776
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 8106.45 MB
Verfügbarer physikalischer RAM: 6375.32 MB
Summe virtueller Speicher: 9386.45 MB
Verfügbarer virtueller Speicher: 7662.07 MB

==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:221.65 GB) (Free:176.04 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:443.86 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4F7935F8)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 4F7935D0)
Partition: GPT.

==================== Ende von Addition.txt ============================

And now I await, in joyful anticipation, the things that are going to happen!
04.02.2016, 20:58 | #2 |
/// TB Trainer /// Tutorial Guru | Hacked according to ISP
My name is Jürgen and I will be helping you with your problem. Together we'll manage this...
Note: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest route, but it is only advisable in the case of real malware. Adware & co. are something we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean". Let's go: Step 1 Please download TDSSKiller.exe and save this file to the desktop
04.02.2016, 21:21 | #3 |
| Hacked according to ISP
Hello Jürgen,
of course we'll manage this! And thanks for the quick help. Here now is what is, to me, all Greek: Code:
ATTFilter 21:15:41.0258 0x154c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 21:15:41.0258 0x154c UEFI system 21:15:47.0061 0x154c ============================================================ 21:15:47.0061 0x154c Current date / time: 2016/02/04 21:15:47.0061 21:15:47.0061 0x154c SystemInfo: 21:15:47.0062 0x154c 21:15:47.0062 0x154c OS Version: 6.3.9600 ServicePack: 0.0 21:15:47.0062 0x154c Product type: Workstation 21:15:47.0062 0x154c ComputerName: HASENRENNER 21:15:47.0062 0x154c UserName: Peter 21:15:47.0062 0x154c Windows directory: C:\Windows 21:15:47.0062 0x154c System windows directory: C:\Windows 21:15:47.0062 0x154c Running under WOW64 21:15:47.0062 0x154c Processor architecture: Intel x64 21:15:47.0062 0x154c Number of processors: 4 21:15:47.0062 0x154c Page size: 0x1000 21:15:47.0062 0x154c Boot type: Normal boot 21:15:47.0062 0x154c ============================================================ 21:15:47.0187 0x154c KLMD registered as C:\Windows\system32\drivers\88295586.sys 21:15:47.0809 0x154c System UUID: {97D9447F-BB3F-3F6C-215C-9DEC1DD42A6F} 21:15:49.0938 0x154c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:15:49.0939 0x154c Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:15:49.0947 0x154c ============================================================ 21:15:49.0947 0x154c \Device\Harddisk0\DR0: 21:15:49.0948 0x154c GPT partitions: 21:15:49.0948 0x154c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {ED891158-A4F5-4BD0-A5E6-149144475E3B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x3A385800 21:15:49.0949 0x154c MBR partitions: 21:15:49.0949 0x154c \Device\Harddisk1\DR1: 21:15:49.0949 0x154c GPT partitions: 
21:15:49.0950 0x154c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F0C0298C-5316-495D-A3EF-020A99648FCE}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000 21:15:49.0950 0x154c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E0EA6664-A64E-436B-BA32-BFC256315B01}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000 21:15:49.0950 0x154c \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9D504885-70F0-4894-A64A-28EF2E029497}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000 21:15:49.0950 0x154c \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4B6DECBB-6150-4F01-BC32-0B1ECB4C2732}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x1BB4F000 21:15:49.0950 0x154c \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0B3EC7E3-A535-4569-9599-D88F99DDC99F}, Name: Basic data partition, StartLBA 0x1BD51800, BlocksNum 0x1FA1800 21:15:49.0950 0x154c MBR partitions: 21:15:49.0950 0x154c ============================================================ 21:15:49.0951 0x154c C: <-> \Device\Harddisk1\DR1\Partition4 21:15:49.0961 0x154c D: <-> \Device\Harddisk0\DR0\Partition1 21:15:49.0961 0x154c ============================================================ 21:15:49.0961 0x154c Initialize success 21:15:49.0961 0x154c ============================================================ 21:17:12.0337 0x0414 ============================================================ 21:17:12.0337 0x0414 Scan started 21:17:12.0337 0x0414 Mode: Manual; SigCheck; TDLFS; 21:17:12.0337 0x0414 ============================================================ 21:17:12.0337 0x0414 KSN ping started 21:17:14.0680 0x0414 KSN ping finished: true 21:17:16.0767 0x0414 ================ Scan system memory 
======================== 21:17:16.0767 0x0414 System memory - ok 21:17:16.0768 0x0414 ================ Scan services ============================= 21:17:16.0816 0x0414 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys 21:17:16.0898 0x0414 1394ohci - ok 21:17:16.0911 0x0414 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys 21:17:16.0934 0x0414 3ware - ok 21:17:16.0962 0x0414 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:17:17.0003 0x0414 ACPI - ok 21:17:17.0011 0x0414 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys 21:17:17.0027 0x0414 acpiex - ok 21:17:17.0034 0x0414 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys 21:17:17.0048 0x0414 acpipagr - ok 21:17:17.0054 0x0414 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys 21:17:17.0075 0x0414 AcpiPmi - ok 21:17:17.0080 0x0414 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys 21:17:17.0099 0x0414 acpitime - ok 21:17:17.0129 0x0414 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS 21:17:17.0169 0x0414 ADP80XX - ok 21:17:17.0180 0x0414 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:17:17.0203 0x0414 AeLookupSvc - ok 
21:17:17.0218 0x0414 [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\Windows\system32\drivers\afd.sys 21:17:17.0256 0x0414 AFD - ok 21:17:17.0261 0x0414 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:17:17.0271 0x0414 agp440 - ok 21:17:17.0277 0x0414 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys 21:17:17.0296 0x0414 ahcache - ok 21:17:17.0301 0x0414 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe 21:17:17.0317 0x0414 ALG - ok 21:17:17.0324 0x0414 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys 21:17:17.0337 0x0414 AmdK8 - ok 21:17:17.0343 0x0414 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys 21:17:17.0355 0x0414 AmdPPM - ok 21:17:17.0360 0x0414 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:17:17.0371 0x0414 amdsata - ok 21:17:17.0380 0x0414 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:17:17.0395 0x0414 amdsbs - ok 21:17:17.0399 0x0414 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:17:17.0409 0x0414 amdxata - ok 21:17:17.0414 0x0414 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys 21:17:17.0439 0x0414 
AppID - ok 21:17:17.0443 0x0414 [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:17:17.0452 0x0414 AppIDSvc - ok 21:17:17.0458 0x0414 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll 21:17:17.0473 0x0414 Appinfo - ok 21:17:17.0488 0x0414 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll 21:17:17.0516 0x0414 AppReadiness - ok 21:17:17.0547 0x0414 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll 21:17:17.0602 0x0414 AppXSvc - ok 21:17:17.0611 0x0414 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:17:17.0625 0x0414 arcsas - ok 21:17:17.0629 0x0414 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:17:17.0640 0x0414 AsyncMac - ok 21:17:17.0645 0x0414 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys 21:17:17.0654 0x0414 atapi - ok 21:17:17.0666 0x0414 [ 48386DDF416537A107F19FF51148C613, 7D423F36AC0AB59D0303EAF1914154FD57B20A81E1D8CB657E8DB6CCE19509A5 ] AtherosSvc C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe 21:17:17.0696 0x0414 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 ) 21:17:20.0189 0x0414 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning 21:17:22.0575 0x0414 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] 
AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll 21:17:22.0617 0x0414 AudioEndpointBuilder - ok 21:17:22.0660 0x0414 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll 21:17:22.0719 0x0414 Audiosrv - ok 21:17:22.0728 0x0414 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:17:22.0745 0x0414 AxInstSV - ok 21:17:22.0763 0x0414 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:17:22.0791 0x0414 b06bdrv - ok 21:17:22.0797 0x0414 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys 21:17:22.0808 0x0414 BasicDisplay - ok 21:17:22.0813 0x0414 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys 21:17:22.0826 0x0414 BasicRender - ok 21:17:22.0832 0x0414 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys 21:17:22.0845 0x0414 bcmfn2 - ok 21:17:22.0859 0x0414 [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\Windows\System32\bdesvc.dll 21:17:22.0885 0x0414 BDESVC - ok 21:17:22.0890 0x0414 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys 21:17:22.0905 0x0414 Beep - ok 21:17:22.0929 0x0414 [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\Windows\System32\bfe.dll 21:17:22.0966 0x0414 BFE - ok 21:17:22.0991 0x0414 [ 48554994279BFE17A3D2B00076D0CB1A, 
6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll 21:17:23.0031 0x0414 BITS - ok 21:17:23.0039 0x0414 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:17:23.0048 0x0414 bowser - ok 21:17:23.0058 0x0414 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll 21:17:23.0078 0x0414 BrokerInfrastructure - ok 21:17:23.0086 0x0414 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll 21:17:23.0103 0x0414 Browser - ok 21:17:23.0108 0x0414 [ EA0452B7F38BC0D876DC804F8C5E30AC, 27146DA9CBA8C081A888D98777A791E422CF73170062504F8B3B7379C4FF28DC ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys 21:17:23.0127 0x0414 BtFilter - ok 21:17:23.0133 0x0414 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys 21:17:23.0142 0x0414 BthAvrcpTg - ok 21:17:23.0147 0x0414 [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum C:\Windows\System32\drivers\BthEnum.sys 21:17:23.0165 0x0414 BthEnum - ok 21:17:23.0171 0x0414 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys 21:17:23.0195 0x0414 BthHFEnum - ok 21:17:23.0200 0x0414 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys 21:17:23.0211 0x0414 bthhfhid - ok 21:17:23.0225 0x0414 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll 21:17:23.0256 0x0414 
BthHFSrv - ok 21:17:23.0267 0x0414 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys 21:17:23.0288 0x0414 BthLEEnum - ok 21:17:23.0293 0x0414 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys 21:17:23.0311 0x0414 BTHMODEM - ok 21:17:23.0318 0x0414 [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\Windows\System32\drivers\bthpan.sys 21:17:23.0342 0x0414 BthPan - ok 21:17:23.0376 0x0414 [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 21:17:23.0432 0x0414 BTHPORT - ok 21:17:23.0439 0x0414 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll 21:17:23.0453 0x0414 bthserv - ok 21:17:23.0460 0x0414 [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 21:17:23.0480 0x0414 BTHUSB - ok 21:17:23.0539 0x0414 [ 89AD09F3DD8F77F98F44BC2DD4B00E3C, D35E960B73212E34058BB98E70E10935683C0C67D301EF3070E3729DBBF7A94C ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe 21:17:24.0765 0x0414 CCDMonitorService - ok 21:17:24.0774 0x0414 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:17:24.0784 0x0414 cdfs - ok 21:17:24.0793 0x0414 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys 21:17:24.0806 0x0414 cdrom - ok 21:17:24.0812 0x0414 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 
516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll 21:17:24.0829 0x0414 CertPropSvc - ok 21:17:24.0834 0x0414 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys 21:17:24.0843 0x0414 circlass - ok 21:17:24.0856 0x0414 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys 21:17:24.0874 0x0414 CLFS - ok 21:17:24.0884 0x0414 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys 21:17:24.0892 0x0414 CmBatt - ok 21:17:24.0907 0x0414 [ C9ACE28CDCD5FF473033A01AA510A184, 8A423D613894EB531C48025A11F1ABB923AFB38070E0A24A8D71909B217CE406 ] CNG C:\Windows\system32\Drivers\cng.sys 21:17:24.0936 0x0414 CNG - ok 21:17:24.0943 0x0414 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys 21:17:24.0952 0x0414 CompositeBus - ok 21:17:24.0955 0x0414 COMSysApp - ok 21:17:24.0960 0x0414 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys 21:17:24.0971 0x0414 condrv - ok 21:17:24.0992 0x0414 [ 8F2E27C8D70137ADB6F3D398C31FBEF0, 1165C9E1E6993FF4109643D03858E5A35ECA49FB07B3F6C1724C336645F198A9 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 21:17:25.0082 0x0414 cphs - ok 21:17:25.0091 0x0414 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:17:25.0108 0x0414 CryptSvc - ok 21:17:25.0114 0x0414 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\Windows\system32\drivers\dam.sys 21:17:25.0123 0x0414 
dam - ok 21:17:25.0145 0x0414 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:17:25.0179 0x0414 DcomLaunch - ok 21:17:25.0194 0x0414 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll 21:17:25.0219 0x0414 defragsvc - ok 21:17:25.0233 0x0414 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll 21:17:25.0259 0x0414 DeviceAssociationService - ok 21:17:25.0266 0x0414 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll 21:17:25.0284 0x0414 DeviceInstall - ok 21:17:25.0290 0x0414 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys 21:17:25.0306 0x0414 Dfsc - ok 21:17:25.0318 0x0414 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll 21:17:25.0340 0x0414 Dhcp - ok 21:17:25.0376 0x0414 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\Windows\system32\diagtrack.dll 21:17:25.0432 0x0414 DiagTrack - ok 21:17:25.0441 0x0414 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys 21:17:25.0451 0x0414 disk - ok 21:17:25.0455 0x0414 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys 21:17:25.0468 0x0414 dmvsc - ok 21:17:25.0477 0x0414 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache 
C:\Windows\System32\dnsrslvr.dll 21:17:25.0497 0x0414 Dnscache - ok 21:17:25.0506 0x0414 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll 21:17:25.0527 0x0414 dot3svc - ok 21:17:25.0535 0x0414 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll 21:17:25.0548 0x0414 DPS - ok 21:17:25.0552 0x0414 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:17:25.0560 0x0414 drmkaud - ok 21:17:25.0568 0x0414 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll 21:17:25.0581 0x0414 DsmSvc - ok 21:17:25.0622 0x0414 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:17:25.0676 0x0414 DXGKrnl - ok 21:17:25.0684 0x0414 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll 21:17:25.0700 0x0414 Eaphost - ok 21:17:25.0775 0x0414 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:17:25.0889 0x0414 ebdrv - ok 21:17:25.0898 0x0414 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe 21:17:25.0907 0x0414 EFS - ok 21:17:25.0913 0x0414 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 21:17:25.0925 0x0414 EhStorClass - ok 21:17:25.0933 0x0414 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] 
EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 21:17:25.0944 0x0414 EhStorTcgDrv - ok 21:17:25.0999 0x0414 [ 6066FDFF6E02A0F1F2584EBC9D4A1E63, 2CD1405C4664FBE2EB120EB9F56FCDC629F334AD6BA609A9B442FE594CB6A247 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe 21:17:26.0066 0x0414 ePowerSvc - ok 21:17:26.0073 0x0414 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys 21:17:26.0081 0x0414 ErrDev - ok 21:17:26.0089 0x0414 [ 60281B807AC3F5202D3008F5DA902842, 6E4E91507E29AB865F7DF5A9E667C0853698F55D9C9DBAEB39AA9CE0A9AE885C ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys 21:17:26.0097 0x0414 ESProtectionDriver - ok 21:17:26.0114 0x0414 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll 21:17:26.0142 0x0414 EventSystem - ok 21:17:26.0150 0x0414 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys 21:17:26.0176 0x0414 exfat - ok 21:17:26.0183 0x0414 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:17:26.0197 0x0414 fastfat - ok 21:17:26.0214 0x0414 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe 21:17:26.0244 0x0414 Fax - ok 21:17:26.0250 0x0414 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 21:17:26.0259 0x0414 fdc - ok 21:17:26.0263 0x0414 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll 21:17:26.0276 0x0414 fdPHost - ok 21:17:26.0280 0x0414 [ 
AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:17:34.0274 0x0414 RdpVideoMiniport - ok 21:17:34.0283 0x0414 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:17:34.0297 0x0414 rdyboost - ok 21:17:34.0319 0x0414 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys 21:17:34.0351 0x0414 ReFS - ok 21:17:34.0360 0x0414 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:17:34.0375 0x0414 RemoteAccess - ok 21:17:34.0383 0x0414 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:17:34.0399 0x0414 RemoteRegistry - ok 21:17:34.0407 0x0414 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys 21:17:34.0430 0x0414 RFCOMM - ok 21:17:34.0442 0x0414 [ F15FB6917435F714F31604FAE64BF254, DE917BCDA6DE8636A6652148647C9CCDC8D5EF31F222A9FD1CD1FAF5EDED3B0F ] RMSvc C:\Program Files\Acer\Acer Quick Access\RMSvc.exe 21:17:34.0458 0x0414 RMSvc - ok 21:17:34.0463 0x0414 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:17:34.0474 0x0414 RpcEptMapper - ok 21:17:34.0478 0x0414 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe 21:17:34.0493 0x0414 RpcLocator - ok 21:17:34.0512 0x0414 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll 
21:17:34.0537 0x0414 RpcSs - ok 21:17:34.0543 0x0414 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:17:34.0556 0x0414 rspndr - ok 21:17:34.0566 0x0414 [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 21:17:34.0580 0x0414 RSUSBVSTOR - ok 21:17:34.0601 0x0414 [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys 21:17:34.0628 0x0414 RTL8168 - ok 21:17:34.0633 0x0414 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys 21:17:34.0642 0x0414 s3cap - ok 21:17:34.0647 0x0414 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe 21:17:34.0655 0x0414 SamSs - ok 21:17:34.0658 0x0414 SANDRA - ok 21:17:34.0665 0x0414 [ D2FA15AED5CEB66259F24B656A76B663, 009D273CFA4B2D7BBBFB69C7F722DC5F7AB3AA2562A66695ECAE6D30D5B997CD ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 21:17:34.0692 0x0414 SbieDrv - ok 21:17:34.0698 0x0414 [ B93AC7F63D395F19B3C77680FD84833D, BBCC7BA27A305E4E07F82AF11FF8A0E258DDB67E36BE5E74389A27A7D2DD5A05 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 21:17:34.0707 0x0414 SbieSvc - ok 21:17:34.0714 0x0414 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:17:34.0726 0x0414 sbp2port - ok 21:17:34.0734 0x0414 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:17:34.0748 0x0414 SCardSvr - ok 21:17:34.0754 0x0414 [ 8B9C4D55B4A536FB01C360DDB9533574, 
9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll 21:17:34.0769 0x0414 ScDeviceEnum - ok 21:17:34.0773 0x0414 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:17:34.0791 0x0414 scfilter - ok 21:17:34.0820 0x0414 [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\Windows\system32\schedsvc.dll 21:17:34.0861 0x0414 Schedule - ok 21:17:34.0869 0x0414 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:17:34.0881 0x0414 SCPolicySvc - ok 21:17:34.0891 0x0414 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys 21:17:34.0908 0x0414 sdbus - ok 21:17:34.0913 0x0414 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys 21:17:34.0924 0x0414 sdstor - ok 21:17:34.0929 0x0414 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:17:34.0942 0x0414 secdrv - ok 21:17:34.0946 0x0414 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll 21:17:34.0959 0x0414 seclogon - ok 21:17:34.0965 0x0414 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll 21:17:34.0976 0x0414 SENS - ok 21:17:34.0985 0x0414 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:17:35.0005 0x0414 SensrSvc - ok 21:17:35.0010 0x0414 [ 
DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys 21:17:35.0020 0x0414 SerCx - ok 21:17:35.0027 0x0414 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys 21:17:35.0039 0x0414 SerCx2 - ok 21:17:35.0043 0x0414 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys 21:17:35.0052 0x0414 Serenum - ok 21:17:35.0058 0x0414 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys 21:17:35.0072 0x0414 Serial - ok 21:17:35.0076 0x0414 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys 21:17:35.0092 0x0414 sermouse - ok 21:17:35.0107 0x0414 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll 21:17:35.0128 0x0414 SessionEnv - ok 21:17:35.0132 0x0414 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 21:17:35.0141 0x0414 sfloppy - ok 21:17:35.0154 0x0414 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:17:35.0173 0x0414 SharedAccess - ok 21:17:35.0190 0x0414 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:17:35.0218 0x0414 ShellHWDetection - ok 21:17:35.0223 0x0414 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 
C:\Windows\system32\drivers\SiSRaid2.sys 21:17:35.0233 0x0414 SiSRaid2 - ok 21:17:35.0238 0x0414 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:17:35.0249 0x0414 SiSRaid4 - ok 21:17:35.0253 0x0414 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll 21:17:35.0262 0x0414 smphost - ok 21:17:35.0271 0x0414 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:17:35.0281 0x0414 SNMPTRAP - ok 21:17:35.0296 0x0414 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys 21:17:35.0319 0x0414 spaceport - ok 21:17:35.0323 0x0414 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 21:17:35.0334 0x0414 SpbCx - ok 21:17:35.0354 0x0414 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\Windows\System32\spoolsv.exe 21:17:35.0389 0x0414 Spooler - ok 21:17:35.0513 0x0414 [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc C:\Windows\system32\sppsvc.exe 21:17:35.0690 0x0414 sppsvc - ok 21:17:35.0708 0x0414 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:17:35.0740 0x0414 srv - ok 21:17:35.0756 0x0414 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:17:35.0794 0x0414 srv2 - ok 21:17:35.0803 0x0414 [ D047CD668E6277FD80F0C613946F034C, 
BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:17:35.0827 0x0414 srvnet - ok 21:17:35.0836 0x0414 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:17:35.0851 0x0414 SSDPSRV - ok 21:17:35.0858 0x0414 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:17:35.0870 0x0414 SstpSvc - ok 21:17:35.0874 0x0414 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:17:35.0884 0x0414 stexstor - ok 21:17:35.0902 0x0414 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll 21:17:35.0931 0x0414 stisvc - ok 21:17:35.0937 0x0414 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys 21:17:35.0948 0x0414 storahci - ok 21:17:35.0953 0x0414 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:17:35.0963 0x0414 storflt - ok 21:17:35.0968 0x0414 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys 21:17:35.0977 0x0414 stornvme - ok 21:17:35.0982 0x0414 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll 21:17:35.0995 0x0414 StorSvc - ok 21:17:36.0000 0x0414 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:17:36.0009 0x0414 storvsc - ok 21:17:36.0014 0x0414 [ 
E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll 21:17:36.0029 0x0414 svsvc - ok 21:17:36.0033 0x0414 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys 21:17:36.0041 0x0414 swenum - ok 21:17:36.0059 0x0414 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll 21:17:36.0086 0x0414 swprv - ok 21:17:36.0091 0x0414 [ B5E2DD0C1EEB5A6089F846E714283610, C3135E4587BD17B8371C9DFF1803BA8774549C5F02C9399EC1D49BC1853BEED0 ] SynRMIHID C:\Windows\system32\DRIVERS\SynRMIHID.sys 21:17:36.0109 0x0414 SynRMIHID - ok 21:17:36.0136 0x0414 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll 21:17:36.0176 0x0414 SysMain - ok 21:17:36.0187 0x0414 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 21:17:36.0208 0x0414 SystemEventsBroker - ok 21:17:36.0215 0x0414 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:17:36.0231 0x0414 TabletInputService - ok 21:17:36.0242 0x0414 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll 21:17:36.0268 0x0414 TapiSrv - ok 21:17:36.0316 0x0414 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:17:36.0384 0x0414 Tcpip - ok 21:17:36.0434 0x0414 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 
21:17:36.0498 0x0414 TCPIP6 - ok 21:17:36.0506 0x0414 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:17:36.0515 0x0414 tcpipreg - ok 21:17:36.0522 0x0414 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:17:36.0541 0x0414 tdx - ok 21:17:36.0668 0x0414 [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 21:17:37.0104 0x0414 TeamViewer - ok 21:17:37.0116 0x0414 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys 21:17:37.0124 0x0414 terminpt - ok 21:17:37.0154 0x0414 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll 21:17:37.0189 0x0414 TermService - ok 21:17:37.0195 0x0414 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll 21:17:37.0206 0x0414 Themes - ok 21:17:37.0211 0x0414 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll 21:17:37.0221 0x0414 THREADORDER - ok 21:17:37.0230 0x0414 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 21:17:37.0254 0x0414 TimeBroker - ok 21:17:37.0262 0x0414 [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\Windows\system32\drivers\tpm.sys 21:17:37.0275 0x0414 TPM - ok 21:17:37.0281 0x0414 [ 884113C2BB703FE806C8608B75F34831, 
24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll 21:17:37.0294 0x0414 TrkWks - ok 21:17:37.0299 0x0414 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:17:37.0316 0x0414 TrustedInstaller - ok 21:17:37.0323 0x0414 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:17:37.0338 0x0414 TsUsbFlt - ok 21:17:37.0343 0x0414 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 21:17:37.0363 0x0414 TsUsbGD - ok 21:17:37.0370 0x0414 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:17:37.0390 0x0414 tunnel - ok 21:17:37.0395 0x0414 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:17:37.0407 0x0414 uagp35 - ok 21:17:37.0412 0x0414 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 21:17:37.0422 0x0414 UASPStor - ok 21:17:37.0431 0x0414 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 21:17:37.0445 0x0414 UCX01000 - ok 21:17:37.0456 0x0414 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:17:37.0483 0x0414 udfs - ok 21:17:37.0488 0x0414 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys 21:17:37.0496 0x0414 UEFI - ok 
21:17:37.0503 0x0414 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:17:37.0519 0x0414 UI0Detect - ok 21:17:37.0525 0x0414 [ 6E566C1708DDC93ADF9286E9C714B652, AF179BCA9395D51ACDFB5BACE29388E2B4D5587FCAB53898AAA4F4011851B115 ] UimBus C:\Windows\System32\drivers\UimBus.sys 21:17:37.0549 0x0414 UimBus - ok 21:17:37.0554 0x0414 [ 7DF6A08B0B74C4F9357EFBAE309B87F1, 9A5BB8EA70709519A3599D0818923321AE691CC9EBC1ABC3F5BB008AF18B797B ] Uim_DEVIM C:\Windows\System32\drivers\uim_devim.sys 21:17:37.0572 0x0414 Uim_DEVIM - ok 21:17:37.0590 0x0414 [ 2DDD63E0948474B91046CF1AB7661189, A91A1F1E646B928C95C30DA4D70220262D3A67C1B66E365C981AA23A401624E9 ] Uim_IM C:\Windows\System32\drivers\uim_im.sys 21:17:37.0626 0x0414 Uim_IM - ok 21:17:37.0633 0x0414 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:17:37.0645 0x0414 uliagpkx - ok 21:17:37.0650 0x0414 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys 21:17:37.0659 0x0414 umbus - ok 21:17:37.0664 0x0414 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys 21:17:37.0673 0x0414 UmPass - ok 21:17:37.0680 0x143c Object required for P2P: [ 6066FDFF6E02A0F1F2584EBC9D4A1E63 ] ePowerSvc 21:17:37.0690 0x0414 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll 21:17:37.0712 0x0414 UmRdpService - ok 21:17:37.0725 0x0414 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll 21:17:37.0745 0x0414 upnphost - ok 21:17:37.0753 0x0414 [ FF78D053A05E5A394F4E3C1816CC65A8, 
5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 21:17:37.0769 0x0414 usbccgp - ok 21:17:37.0776 0x0414 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys 21:17:37.0798 0x0414 usbcir - ok 21:17:37.0804 0x0414 [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\Windows\System32\drivers\usbehci.sys 21:17:37.0816 0x0414 usbehci - ok 21:17:37.0832 0x0414 [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\Windows\System32\drivers\usbhub.sys 21:17:37.0856 0x0414 usbhub - ok 21:17:37.0872 0x0414 [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 21:17:37.0896 0x0414 USBHUB3 - ok 21:17:37.0901 0x0414 [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\Windows\System32\drivers\usbohci.sys 21:17:37.0922 0x0414 usbohci - ok 21:17:37.0926 0x0414 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 21:17:37.0940 0x0414 usbprint - ok 21:17:37.0947 0x0414 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 21:17:37.0960 0x0414 USBSTOR - ok 21:17:37.0965 0x0414 [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 21:17:37.0985 0x0414 usbuhci - ok 21:17:37.0995 0x0414 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:17:38.0022 0x0414 usbvideo - 
ok 21:17:38.0035 0x0414 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 21:17:38.0053 0x0414 USBXHCI - ok 21:17:38.0058 0x0414 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe 21:17:38.0069 0x0414 VaultSvc - ok 21:17:38.0074 0x0414 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:17:38.0083 0x0414 vdrvroot - ok 21:17:38.0111 0x0414 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe 21:17:38.0150 0x0414 vds - ok 21:17:38.0159 0x0414 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 21:17:38.0172 0x0414 VerifierExt - ok 21:17:38.0191 0x0414 [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 21:17:38.0217 0x0414 vhdmp - ok 21:17:38.0222 0x0414 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 21:17:38.0230 0x0414 viaide - ok 21:17:38.0236 0x0414 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:17:38.0248 0x0414 vmbus - ok 21:17:38.0252 0x0414 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 21:17:38.0261 0x0414 VMBusHID - ok 21:17:38.0276 0x0414 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface 
C:\Windows\System32\ICSvc.dll 21:17:38.0296 0x0414 vmicguestinterface - ok 21:17:38.0310 0x0414 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 21:17:38.0330 0x0414 vmicheartbeat - ok 21:17:38.0343 0x0414 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 21:17:38.0362 0x0414 vmickvpexchange - ok 21:17:38.0376 0x0414 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll 21:17:38.0396 0x0414 vmicrdv - ok 21:17:38.0410 0x0414 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll 21:17:38.0432 0x0414 vmicshutdown - ok 21:17:38.0445 0x0414 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll 21:17:38.0464 0x0414 vmictimesync - ok 21:17:38.0478 0x0414 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll 21:17:38.0495 0x0414 vmicvss - ok 21:17:38.0502 0x0414 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:17:38.0513 0x0414 volmgr - ok 21:17:38.0524 0x0414 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:17:38.0546 0x0414 volmgrx - ok 21:17:38.0559 0x0414 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:17:38.0577 0x0414 volsnap - ok 21:17:38.0583 0x0414 [ EF31713EE4C7CCFE4049F7E7F15645A2, 
21:17:49.0996 0x0414 Scan finished
21:17:50.0012 0x1698 Detected object count: 1
21:17:50.0012 0x1698 Actual detected object count: 1
21:18:05.0959 0x1698 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:18:05.0959 0x1698 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
05.02.2016, 18:42 | #4 |
/// TB Trainer /// Guide Guru | Hacked according to ISP Hi, Step 1
Step 2 ESET Online Scanner
__________________ Regards, deeprybka Praise, criticism, wishes? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
05.02.2016, 20:37 | #5 |
| Hacked according to ISP So, here as requested, two helpings of alphabet soup: Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fea335d06957914d9dca3947b0b89f92
# end=init
# utc_time=2016-02-05 06:33:37
# local_time=2016-02-05 07:33:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27994
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fea335d06957914d9dca3947b0b89f92
# end=updated
# utc_time=2016-02-05 06:36:36
# local_time=2016-02-05 07:36:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fea335d06957914d9dca3947b0b89f92
# engine=27994
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-02-05 07:31:04
# local_time=2016-02-05 08:31:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 24663 18490234 0 0
# scanned=275324
# found=0
# cleaned=0
# scan_time=3268
Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 05.02.2016
Suchlaufzeit: 19:20
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.2.0.1024
Malware-Datenbank: v2016.02.05.06
Rootkit-Datenbank: v2016.01.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Peter
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365546
Abgelaufene Zeit: 8 Min., 37 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)
(end) |
06.02.2016, 18:09 | #6 |
/// TB Trainer /// Guide Guru | Hacked according to ISP What exactly does the ISP say? Because the scanners and I see nothing there... |
07.02.2016, 19:12 | #7 |
| Hacked according to ISP Hi, it was information given over the phone. And after the advice to download Antivir from Chip as my virus protection, I didn't want to ask for any more details. But the second laptop is still sitting here too. Should I start a new thread, or do we carry on here? In any case, it's nice that there's nothing on this laptop. Regards and thanks so far!!! |
07.02.2016, 19:22 | #8 |
/// TB Trainer /// Guide Guru | Hacked according to ISP No, just carry on right here. |
07.02.2016, 21:08 | #9 |
| Hacked according to ISP All right then: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016 durchgeführt von Maus (Administrator) auf MAUS-PC (07-02-2016 19:43:27) Gestartet von C:\Users\Maus\Desktop Geladene Profile: Maus (Verfügbare Profile: Maus & Administrator) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security 
Client\NisSrv.exe (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [421888 2007-04-16] (TOSHIBA Electronics, Inc.) HKLM\...\Run: [KeNotify] => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [184320 2009-03-29] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [cfFncEnabler.exe] => C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe [16384 2009-03-24] (Toshiba Corporation) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.) HKU\S-1-5-21-3785533105-1306332049-1912378470-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [634504 2015-10-22] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3785533105-1306332049-1912378470-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [704512 2009-04-11] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-06-09] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-06-09] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-06-09] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert 
zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{6F3CEC31-6D3A-44AA-8205-AF2335E9D76B}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{CB3B1F45-3525-476D-94D0-18CF782EB1BC}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG; HKU\S-1-5-21-3785533105-1306332049-1912378470-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-3785533105-1306332049-1912378470-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG; HKU\S-1-5-21-3785533105-1306332049-1912378470-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com SearchScopes: HKLM -> {220C6C87-A526-41C8-A086-0E1183E15547} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG; SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3785533105-1306332049-1912378470-1000 -> DefaultScope {220C6C87-A526-41C8-A086-0E1183E15547} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3785533105-1306332049-1912378470-1000 -> {220C6C87-A526-41C8-A086-0E1183E15547} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.) 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-23] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-23] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Profiles\k0stlnt2.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-23] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-23] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin HKU\S-1-5-21-3785533105-1306332049-1912378470-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.) 
FF Extension: Classic Compact Options - C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Profiles\k0stlnt2.default\extensions\notreal.ccoptions@environmentalchemistry.com.xpi [2015-06-02] FF Extension: Heart Button - C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Profiles\k0stlnt2.default\extensions\ffextension@weheartit.com.xpi [2015-11-07] FF Extension: YouTube Unblocker - C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Profiles\k0stlnt2.default\Extensions\youtubeunblocker@unblocker.yt [2015-12-03] FF Extension: Video DownloadHelper - C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Profiles\k0stlnt2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-31] FF Extension: Adblock Plus - C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Profiles\k0stlnt2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20] FF Extension: Classic Compact - C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Profiles\k0stlnt2.default\Extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}.xpi [2014-03-09] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-03-13] [ist nicht signiert] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Maus\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Maus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25] CHR Extension: (Google Cast) - C:\Users\Maus\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-05-21] CHR Extension: (AdBlock) - C:\Users\Maus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-27] CHR Extension: (Avast 
Online Security) - C:\Users\Maus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-25] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Maus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-23] CHR Extension: (Google Wallet) - C:\Users\Maus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-21] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA) R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION) S3 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [242424 2009-02-11] (WildTangent, Inc.) 
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [137352 2015-10-22] (Sandboxie Holdings, LLC) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH) R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [116104 2009-03-23] (Toshiba Europe GmbH) R2 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [62776 2009-04-01] (TOSHIBA Corporation) R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-24] (TOSHIBA Corporation) [Datei ist nicht signiert] R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation) [Datei ist nicht signiert] R2 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [656752 2009-04-15] (TOSHIBA Corporation) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-05-07] (COMPAL ELECTRONIC INC.) S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2014-03-19] (Logitech, Inc.) 
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation) R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2008-08-26] (McAfee, Inc.) R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation) R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [154272 2008-11-11] (Realtek Semiconductor Corp.) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166024 2015-10-22] (Sandboxie Holdings, LLC) R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-03-20] (TOSHIBA Corporation) S3 eapihdrv; \??\C:\Users\Maus\AppData\Local\Temp\ehdrv.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Datei ist nicht signiert] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-07 19:43 - 2016-02-07 19:44 - 00017211 _____ C:\Users\Maus\Desktop\FRST.txt
2016-02-07 19:42 - 2016-02-07 19:42 - 01721344 _____ (Farbar) C:\Users\Maus\Desktop\FRST.exe
2016-02-02 07:42 - 2016-02-02 07:42 - 01178468 _____ C:\Users\Maus\Desktop\Projektmanagement.pdf
2016-02-02 07:42 - 2016-02-02 07:42 - 00725013 _____ C:\Users\Maus\Desktop\Referate halten.pdf
2016-02-02 07:41 - 2016-02-02 07:41 - 00182244 _____ C:\Users\Maus\Desktop\Brief Einrichtungen.pdf
2016-02-02 07:41 - 2016-02-02 07:41 - 00144450 _____ C:\Users\Maus\Desktop\Einverständnis.pdf
2016-02-01 13:11 - 2016-02-01 13:11 - 00185154 _____ C:\Users\Maus\Desktop\Ü-Bogen Gladbeckdoc10508820160201114508.pdf
2016-01-14 03:07 - 2015-12-05 18:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-14 03:07 - 2015-12-05 18:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-14 03:07 - 2015-12-05 18:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-14 03:07 - 2015-12-05 18:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-14 03:07 - 2015-12-05 18:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-14 03:07 - 2015-12-05 18:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-14 03:07 - 2015-12-05 18:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-14 03:07 - 2015-12-05 18:02 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-14 03:07 - 2015-12-05 18:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-14 03:07 - 2015-12-05 18:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-14 03:07 - 2015-12-05 18:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-14 03:07 - 2015-12-05 18:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-14 03:07 - 2015-12-05 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-14 03:07 - 2015-12-05 18:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-14 03:07 - 2015-12-05 17:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-14 03:06 - 2015-12-08 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-14 03:06 - 2015-12-05 16:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-14 03:06 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-14 03:06 - 2015-11-13 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-14 03:06 - 2015-11-13 16:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-14 03:01 - 2015-12-05 18:02 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-14 03:00 - 2015-12-30 18:12 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-01-14 03:00 - 2015-12-30 18:12 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 10:56 - 2015-12-15 22:45 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 10:56 - 2015-12-15 22:44 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 10:56 - 2015-12-15 22:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 10:56 - 2015-12-15 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-01-13 10:56 - 2015-12-15 22:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-01-13 10:56 - 2015-12-15 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-01-13 10:55 - 2015-12-15 22:50 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 10:55 - 2015-12-15 22:49 - 12388864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 10:55 - 2015-12-15 22:47 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 10:55 - 2015-12-15 22:46 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 10:55 - 2015-12-15 22:45 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 10:55 - 2015-12-15 22:44 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 10:55 - 2015-12-15 22:44 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 10:55 - 2015-12-15 22:44 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-01-13 10:55 - 2015-12-15 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 10:55 - 2015-12-15 22:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 10:55 - 2015-12-15 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 10:55 - 2015-12-15 22:43 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 10:55 - 2015-12-15 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 10:55 - 2015-12-15 22:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 10:55 - 2015-12-15 22:43 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 10:55 - 2015-12-15 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-07 19:43 - 2015-09-30 17:19 - 00000000 ____D C:\FRST
2016-02-07 19:43 - 2014-04-07 23:41 - 00187904 _____ C:\Users\Maus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-07 19:41 - 2015-10-24 19:31 - 00000000 ____D C:\Users\Maus\Desktop\youtubetest
2016-02-07 18:54 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-07 18:54 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-07 18:45 - 2014-03-09 08:57 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-06 12:45 - 2014-03-09 08:57 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-04 22:13 - 2014-03-09 08:57 - 00001940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-04 21:08 - 2008-01-21 08:16 - 01566088 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-04 21:08 - 2008-01-21 08:15 - 00673934 _____ C:\Windows\system32\perfh007.dat
2016-02-04 21:08 - 2008-01-21 08:15 - 00145914 _____ C:\Windows\system32\perfc007.dat
2016-02-04 21:08 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-02-04 20:55 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-04 20:53 - 2006-11-02 14:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-03 03:35 - 2014-03-18 11:08 - 00000000 ____D C:\Users\Maus\AppData\Roaming\vlc
2016-02-03 03:34 - 2014-03-17 21:44 - 00007432 _____ C:\Users\Maus\Desktop\SharePodSettings.xml
2016-01-29 20:46 - 2015-08-29 15:25 - 00000000 ____D C:\Users\Maus\AppData\Local\Flash Card Manager
2016-01-14 03:43 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-01-14 03:27 - 2006-11-02 13:47 - 00322992 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 03:24 - 2009-06-09 09:50 - 00000000 ____D C:\Windows\system32\RTCOM
2016-01-14 03:06 - 2014-03-09 02:56 - 00000000 ____D C:\Windows\system32\MRT
2016-01-14 03:01 - 2006-11-02 11:24 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-01-13 23:32 - 2014-12-21 16:44 - 00000000 ____D C:\Users\Maus\.mediathek3
2016-01-11 14:32 - 2016-01-06 22:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-11 14:32 - 2014-03-08 23:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-06-29 03:58 - 2015-12-23 10:14 - 0001356 _____ () C:\Users\Maus\AppData\Local\d3d9caps.dat
2014-04-07 23:41 - 2016-02-07 19:43 - 0187904 _____ () C:\Users\Maus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\Maus\AppData\Local\Temp\jre-8u66-windows-au.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-02-04 21:04

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von Maus (2016-02-07 19:44:36)
Gestartet von C:\Users\Maus\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2014-03-08 20:36:51)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3785533105-1306332049-1912378470-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3785533105-1306332049-1912378470-501 - Limited - Disabled)
Maus (S-1-5-21-3785533105-1306332049-1912378470-1000 - Administrator - Enabled) => C:\Users\Maus

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.302.105 - ALPS ELECTRIC CO., LTD.)
ATI Catalyst Install Manager (HKLM\...\{4324E4DD-C67C-A413-5C12-5DC694A99AF6}) (Version: 3.0.723.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX720 series Benutzerregistrierung (HKLM\...\Canon MX720 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX720 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX720_series) (Version: 1.00 - Canon Inc.)
Canon MX720 series On-screen Manual (HKLM\...\Canon MX720 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
ccc-core-static (Version: 2009.0421.2132.36832 - Ihr Firmenname) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
concept/design onlineTV 11 (HKLM\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.3.16.0 - concept/design GmbH)
Flash Card Manager (HKLM\...\{639D7427-AAAD-40E9-BAB9-AC2EC75454B7}) (Version: 3.0.3 - Vendant)
FormatFactory 3.3.3.0 (HKLM\...\FormatFactory) (Version: 3.3.3.0 - Format Factory)
Free YouTube Download version 3.2.49.1111 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.49.1111 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LibreOffice 4.2.4.2 (HKLM\...\{6B4977CB-5B9F-4B24-8310-3BA527A8AF22}) (Version: 4.2.4.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3785533105-1306332049-1912378470-1000\...\MyFreeCodec) (Version: - )
OpenOffice.org 3.1 (HKLM\...\{D765F1CE-5AE5-4C47-B134-AE58AC474740}) (Version: 3.1.9420 - OpenOffice.org)
Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
PlayReady PC runtime (HKLM\...\{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}) (Version: 1 - Microsoft Corporation)
Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0004 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20132 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 5.06 (32-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC)
Skins (Version: 2009.0421.2132.36832 - ATI) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.10 - TOSHIBA)
TOSHIBA Benutzerhandbücher (HKLM\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}) (Version: 7.4.9 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.00.1.04-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.0.3.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.0.5.32 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.3C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.0.0.1 - TOSHIBA Corporation)
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.06.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.3.2.0 - TOSHIBA Corporation)
TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 - TOSHIBA)
TOSHIBA Recovery Disk Creator Reminder (HKLM\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0017 - TOSHIBA)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.6 - TOSHIBA)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.0.26 - TOSHIBA)
TOSHIBA Supervisorkennwort (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.3C - TOSHIBA CORPORATION)
Toshiba TEMPRO (HKLM\...\{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}) (Version: 2.0 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.8 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.0.1.8 - TOSHIBA Corporation)
TRORDCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.6 - TOSHIBA)
TRORDCLauncher (Version: 1.0.0.6 - TOSHIBA) Hidden
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Utility Common Driver (Version: 1.0.50.22C - TOSHIBA) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WildTangent-Spiele (HKLM\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.71 - WildTangent)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {3DAE2D8E-08CB-4537-BBCE-F35CD0ABEE84} - System32\Tasks\McQcTask => c:\PROGRA~1\mcafee\mqc\QcConsol.exe
Task: {4CFE0C1F-8F66-4C8F-B7DF-14440A48D88C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5AAF3486-373E-4347-A353-944CEC5C3A89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8EA36C49-6C89-4C43-8362-FFDBFEAD6C53} - System32\Tasks\McDefragTask => c:\PROGRA~1\mcafee\mqc\QcConsol.exe
Task: {A1B3DEF1-2C53-4A92-BFAD-36ABAB3E73C3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {D2168CA8-1C36-486F-B1F4-AEA1B9AD0FF3} - System32\Tasks\{83D98103-E381-4600-9DCF-5A7EF8B5AC12} => pcalua.exe -a C:\Users\Maus\Desktop\cdbxp_setup_4.5.3.4643_minimal.exe -d C:\Users\Maus\Desktop
Task: {EFF9AF6E-7AB5-4979-BEE8-4103EA372F20} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\McDefragTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exe C:\Windows\system32\defrag.exe
Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-03-08 21:40 - 2009-04-21 22:05 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2009-04-24 11:39 - 2009-04-24 11:39 - 00516096 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3785533105-1306332049-1912378470-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Maus\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NDSTray.exe => "C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe"
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: TOSHIBA Online Product Information => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files\Toshiba TEMPRO\TemproTray.exe
MSCONFIG\startupreg: ToshibaServiceStation => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
MSCONFIG\startupreg: TPCHWMsg => %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TWebCamera => "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{76E16E04-8DFF-4C27-A0BF-03C6BE3E78D2}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{52B18D42-D6CC-4F2C-9AF9-AD65FC67A8D0}] => (Allow) LPort=80
FirewallRules: [{6D3F81AE-FF35-4451-9F2C-B4B560070A72}] => (Allow) LPort=80
FirewallRules: [{41A0C00E-1BA0-45AC-B062-C76D97759ED1}] => (Allow) LPort=80
FirewallRules: [{ED88EE25-4B17-4764-B638-E9358313863A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{F0A0E81F-0DB3-46CB-AD9F-580194FB26B0}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{3BB57E83-4DAD-425B-A4B8-E928C8FA60F5}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [{1DE69476-91F4-4B63-8B78-BE522B29C4C5}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{CDABFC16-A992-4D2A-A066-D15BA0C6E30C}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{CBABADCA-88CE-481B-BD84-D9168C3ED712}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{104CFDB8-D993-41F4-BA1D-51E114435BD5}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{7AE79FF6-82C0-4C46-BFE1-7EBAA33CAB83}C:\program files\libreoffice 4\program\soffice.bin] => (Block) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{58CF5E07-B81F-463A-83F7-5496C01C6A45}C:\program files\libreoffice 4\program\soffice.bin] => (Block) C:\program files\libreoffice 4\program\soffice.bin
FirewallRules: [{1FEC0C96-EB5B-4AD5-BE6A-E8BB0026CC2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{81768BEE-49E1-4753-AE74-5AF40415043B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A9DB5AC2-F84B-4AAF-8BAD-ABF84425F41E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{21944AD6-3ECF-4A6A-8DE9-962F62839536}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{60B69579-6700-4775-9ED8-51EEDC85654C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{F408B9C9-7A9F-4625-913B-C3F8071A8BE0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{40A54A8C-1D24-440C-BF9B-50BD972184EE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4962BB15-092D-4447-92C4-CD871A5737E1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2DEB6113-8CFF-41E3-A7E9-0055792079CF}] => (Allow) C:\Program Files\concept design\onlineTV 11\onlineTV.exe
FirewallRules: [{19513C71-E3B0-4128-A05F-6E02BA0A5968}] => (Allow) C:\Program Files\concept design\onlineTV 11\onlineTV.exe
FirewallRules: [{32B62CA0-766D-4659-B385-123C20A7792A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{2B83FF69-1E5D-4360-AF05-676A5C3ED54C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4DF4EA0E-5270-4345-99BC-EBE3A2865B40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{ADC5D0F0-6230-4D70-890F-7D9EE313723C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F7946960-4996-4072-8DB5-7B201FF5EB24}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

28-01-2016 18:35:06 Windows Update
01-02-2016 11:22:26 Windows Update
04-02-2016 21:45:12 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/04/2016 09:52:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (02/04/2016 09:52:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (02/04/2016 09:52:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4

Error: (02/04/2016 09:52:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\system32\Secur32.dll4

Error: (02/04/2016 09:52:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4

Error: (02/04/2016 09:52:46 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (02/04/2016 09:52:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\system32\bitsperf.dll4 Error: (02/04/2016 08:55:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/01/2016 11:46:25 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4 Error: (02/01/2016 11:46:25 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4 Systemfehler: ============= Error: (02/07/2016 01:16:25 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (02/07/2016 10:54:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000TeamViewer Error: (02/06/2016 12:37:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000TeamViewer Error: (02/05/2016 09:18:25 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HASENRENNER", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{CB3B1F45-3525-476D-94D0-18CF78-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (02/04/2016 09:10:32 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Die IP-Adresslease 192.168.0.100 für die Netzwerkkarte mit der Netzwerkadresse 001E65A059AA wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). 
Error: (02/04/2016 08:56:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (02/04/2016 08:56:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (02/04/2016 08:55:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (02/01/2016 11:42:51 PM) (Source: Dhcp) (EventID: 1002) (User: ) Description: Die IP-Adresslease 192.168.0.100 für die Netzwerkkarte mit der Netzwerkadresse 001E65A059AA wurde durch den DHCP-Server 192.168.0.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error: (02/01/2016 08:17:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000TeamViewer CodeIntegrity: =================================== Date: 2016-02-07 19:44:05.944 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-02-07 19:44:05.680 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-02-07 19:44:05.407 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2016-02-07 19:44:05.114 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-02-07 19:43:58.927 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-02-07 19:43:58.663 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-02-07 19:43:58.391 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-02-07 19:43:57.984 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-12-18 21:27:22.426 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-12-18 21:27:22.013 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Sandboxie\SbieDrv.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz Prozentuale Nutzung des RAM: 55% Installierter physikalischer RAM: 3035.93 MB Verfügbarer physikalischer RAM: 1343 MB Summe virtueller Speicher: 6276.11 MB Verfügbarer virtueller Speicher: 4206.09 MB ==================== Laufwerke ================================ Drive c: (Vista) (Fixed) (Total:116.44 GB) (Free:12.78 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Data) (Fixed) (Total:114.98 GB) (Free:18.13 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 7878FC96) Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=115 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
07.02.2016, 21:12 | #10 |
/// TB Trainer /// Tutorial Guru | Hacked, according to ISP Looks completely clean to me... Now please run a scan: Step 1 ESET Online Scanner
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
07.02.2016, 22:55 | #11 |
| Hacked, according to ISP Hi, ESET will follow tomorrow. I will also talk to my provider again. Maybe I'll get lucky and get a useful statement. |
08.02.2016, 11:24 | #12 |
/// TB Trainer /// Tutorial Guru | Hacked, according to ISP OK.
__________________ Regards, deeprybka |
08.02.2016, 18:10 | #13 |
| Hacked, according to ISP Hi, here is the ESET log: Code:
ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=fad3ec109a58e3418958ffbacfd95170 # end=init # utc_time=2016-02-08 12:38:24 # local_time=2016-02-08 01:38:24 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 Update Init Update Download Update Finalize Updated modules version: 28027 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=fad3ec109a58e3418958ffbacfd95170 # end=updated # utc_time=2016-02-08 12:40:40 # local_time=2016-02-08 01:40:40 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.0.6002 NT Service Pack 2 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=fad3ec109a58e3418958ffbacfd95170 # engine=28027 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2016-02-08 02:45:10 # local_time=2016-02-08 03:45:10 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 4083156 77923104 0 0 # scanned=230571 # found=1 # cleaned=0 # scan_time=7469 sh=18D0182E5D99EAC059E3DF4FDBF347AA78975C45 ft=1 fh=b8e97069d102a0ab vn="Variante von Win32/Bundled.Toolbar.Ask.M potenziell unsichere Anwendung" ac=I fn="C:\Users\Maus\AppData\LocalLow\Sun\Java\jre1.8.0_45\java_sp.dll"
It was not me who was hacked, but my account. All online passwords have already been changed completely, which should actually have taken care of the problem, right? Regards |
09.02.2016, 11:30 | #14 |
/// TB Trainer /// Tutorial Guru | Hacked, according to ISP Yes, it was an online hack and had nothing to do with the PCs.
__________________ Regards, deeprybka |
09.02.2016, 14:14 | #15 |
| Hacked, according to ISP Hi, well, then at least everything is clean here. Many thanks to you, and here's to hopefully more exciting problems in the future |