| |
| |||||||
Log-Analyse und Auswertung: Firefox öffnet selbständig Tabs mit Werbung und GewinnspielenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.03.2016, 16:12
| #1 |
 |  Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Seit etwa einer Woche öffnen sich in Mozilla Firefox selbständig neue Tabs mit Werbung oder Gewinnspielen. Ich habe den AdwCleaner benutzt. Leider ohne Erfolg. Das Problem tritt immer noch auf. |
|
08.03.2016, 16:49
| #2 |
| /// TB-Ausbilder   | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Die Logdatei von AdwCleaner mit den Funden bitte posten! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
08.03.2016, 17:37
| #3 |
| | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Hallo Matthias, vielen Dank für Deine Hilfe.
__________________Die LogDatei von AdwCleaner kann ich nicht finden. Hier die LogDatei von TDSS Killer: Code:
ATTFilter 17:02:22.0444 0x0704 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:02:33.0119 0x0704 ============================================================
17:02:33.0119 0x0704 Current date / time: 2016/03/08 17:02:33.0119
17:02:33.0119 0x0704 SystemInfo:
17:02:33.0119 0x0704
17:02:33.0119 0x0704 OS Version: 6.1.7601 ServicePack: 1.0
17:02:33.0119 0x0704 Product type: Workstation
17:02:33.0119 0x0704 ComputerName: NOTEBOOKUWE
17:02:33.0119 0x0704 UserName: acer
17:02:33.0119 0x0704 Windows directory: C:\Windows
17:02:33.0119 0x0704 System windows directory: C:\Windows
17:02:33.0119 0x0704 Running under WOW64
17:02:33.0119 0x0704 Processor architecture: Intel x64
17:02:33.0119 0x0704 Number of processors: 2
17:02:33.0119 0x0704 Page size: 0x1000
17:02:33.0119 0x0704 Boot type: Normal boot
17:02:33.0119 0x0704 ============================================================
17:02:40.0510 0x0704 KLMD registered as C:\Windows\system32\drivers\48393012.sys
17:02:41.0728 0x0704 System UUID: {DFD197CA-53A5-F642-0595-6ABF2586E0B3}
17:02:42.0685 0x0704 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:02:42.0700 0x0704 ============================================================
17:02:42.0700 0x0704 \Device\Harddisk0\DR0:
17:02:42.0709 0x0704 MBR partitions:
17:02:42.0709 0x0704 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:02:42.0709 0x0704 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353800
17:02:42.0709 0x0704 ============================================================
17:02:42.0742 0x0704 C: <-> \Device\Harddisk0\DR0\Partition2
17:02:42.0742 0x0704 ============================================================
17:02:42.0742 0x0704 Initialize success
17:02:42.0742 0x0704 ============================================================
17:02:58.0368 0x11a4 ============================================================
17:02:58.0368 0x11a4 Scan started
17:02:58.0368 0x11a4 Mode: Manual; SigCheck; TDLFS;
17:02:58.0368 0x11a4 ============================================================
17:02:58.0368 0x11a4 KSN ping started
17:03:00.0740 0x11a4 KSN ping finished: true
17:03:01.0883 0x11a4 ================ Scan system memory ========================
17:03:01.0883 0x11a4 System memory - ok
17:03:01.0884 0x11a4 ================ Scan services =============================
17:03:02.0091 0x11a4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:03:02.0161 0x11a4 1394ohci - ok
17:03:02.0217 0x11a4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:03:02.0248 0x11a4 ACPI - ok
17:03:02.0300 0x11a4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:03:02.0337 0x11a4 AcpiPmi - ok
17:03:02.0442 0x11a4 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:03:02.0468 0x11a4 AdobeARMservice - ok
17:03:02.0569 0x11a4 [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:03:02.0595 0x11a4 AdobeFlashPlayerUpdateSvc - ok
17:03:02.0633 0x11a4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:03:02.0655 0x11a4 adp94xx - ok
17:03:02.0691 0x11a4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:03:02.0709 0x11a4 adpahci - ok
17:03:02.0721 0x11a4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:03:02.0736 0x11a4 adpu320 - ok
17:03:02.0774 0x11a4 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:03:02.0803 0x11a4 AeLookupSvc - ok
17:03:02.0889 0x11a4 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
17:03:02.0927 0x11a4 AFD - ok
17:03:02.0956 0x11a4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
17:03:02.0969 0x11a4 agp440 - ok
17:03:02.0991 0x11a4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
17:03:03.0007 0x11a4 ALG - ok
17:03:03.0044 0x11a4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
17:03:03.0056 0x11a4 aliide - ok
17:03:03.0071 0x11a4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
17:03:03.0082 0x11a4 amdide - ok
17:03:03.0111 0x11a4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:03:03.0125 0x11a4 AmdK8 - ok
17:03:03.0143 0x11a4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:03:03.0157 0x11a4 AmdPPM - ok
17:03:03.0196 0x11a4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:03:03.0221 0x11a4 amdsata - ok
17:03:03.0237 0x11a4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:03:03.0253 0x11a4 amdsbs - ok
17:03:03.0269 0x11a4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:03:03.0282 0x11a4 amdxata - ok
17:03:03.0380 0x11a4 [ 37CD9EB03B36D8329F96BA921470DB54, 0CD3BFBA51F84D83E3B208D2BED7CE8E91B447B2037014663EC7CB8E5A925201 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:03:03.0433 0x11a4 AntiVirMailService - ok
17:03:03.0491 0x11a4 [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:03:03.0512 0x11a4 AntiVirSchedulerService - ok
17:03:03.0532 0x11a4 [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:03:03.0553 0x11a4 AntiVirService - ok
17:03:03.0615 0x11a4 [ 1F5CC3C23E10290A3FF9CAA74AA30D07, A4F1F3465A5E0A914EE5A4FEF4A6B639956BA04B7145EF68820BC2A15DEE4162 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:03:03.0660 0x11a4 AntiVirWebService - ok
17:03:03.0721 0x11a4 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
17:03:03.0748 0x11a4 AppID - ok
17:03:03.0763 0x11a4 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:03:03.0775 0x11a4 AppIDSvc - ok
17:03:03.0804 0x11a4 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
17:03:03.0817 0x11a4 Appinfo - ok
17:03:03.0881 0x11a4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
17:03:03.0916 0x11a4 AppMgmt - ok
17:03:03.0942 0x11a4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
17:03:03.0958 0x11a4 arc - ok
17:03:03.0972 0x11a4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:03:03.0988 0x11a4 arcsas - ok
17:03:04.0083 0x11a4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:03:04.0110 0x11a4 aspnet_state - ok
17:03:04.0147 0x11a4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:03:04.0180 0x11a4 AsyncMac - ok
17:03:04.0209 0x11a4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
17:03:04.0220 0x11a4 atapi - ok
17:03:04.0237 0x11a4 [ 65DD42A358451920A703EEEC1AB4995B, 7690EFB12E928ECF3D3D3155F7D1F7A8FEEE742212ABE5319166EA8DB5601884 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
17:03:04.0250 0x11a4 AthBTPort - ok
17:03:04.0330 0x11a4 [ B68BC92DC0F6484E5862BA1B09EE720C, E15BF19CBF83EC33A3DF9371CCEA9EA9765B17C41B13D4B28635111171D43835 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
17:03:04.0349 0x11a4 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
17:03:06.0343 0x0e20 Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService
17:03:06.0707 0x11a4 Detect skipped due to KSN trusted
17:03:06.0707 0x11a4 AtherosSvc - ok
17:03:06.0878 0x11a4 [ AE4BC1607214C5B7DA98749AF954B1A5, 412D5C0DB9423B1F4EFFAC4ADD568CAA736554013D24FA51B9CE5C6A5197A653 ] athr C:\Windows\system32\DRIVERS\athrx.sys
17:03:06.0977 0x11a4 athr - ok
17:03:07.0046 0x11a4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:03:07.0080 0x11a4 AudioEndpointBuilder - ok
17:03:07.0098 0x11a4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:03:07.0125 0x11a4 AudioSrv - ok
17:03:07.0167 0x11a4 [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:03:07.0182 0x11a4 avgntflt - ok
17:03:07.0215 0x11a4 [ FBC2483AD62FBC8BD76A4254C50874BA, 04398AB0221535DD5D0A1AF6CA107F815CD607E668E2E7887D061FCED7373728 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:03:07.0229 0x11a4 avipbb - ok
17:03:07.0329 0x11a4 [ 98BB62ABFD17F284C3C5DE40F8266F3C, CD08C737BE9FC32FF98252FCFFCAE779EC6FAB76BF80F0835ACE71F1E155D70D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:03:07.0358 0x11a4 Avira.ServiceHost - ok
17:03:07.0385 0x11a4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:03:07.0397 0x11a4 avkmgr - ok
17:03:07.0427 0x11a4 [ 7FDC860B34BDFFDFCE98622F81F24FA9, 3EF774A7F2EB741633611400161B6D4F642F9357BF6E957E14E70D1645BE6466 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
17:03:07.0440 0x11a4 avnetflt - ok
17:03:07.0475 0x11a4 [ 99F206C3E9FEEBCA18999B7AE4875C6C, 02CD41449820B507751F36D8EE97EBB2DE700E9556D6B649655A6321931C3E85 ] AX88178 C:\Windows\system32\DRIVERS\ax88178.sys
17:03:07.0489 0x11a4 AX88178 - ok
17:03:07.0549 0x11a4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:03:07.0585 0x11a4 AxInstSV - ok
17:03:07.0639 0x11a4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:03:07.0672 0x11a4 b06bdrv - ok
17:03:07.0719 0x11a4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:03:07.0737 0x11a4 b57nd60a - ok
17:03:07.0770 0x11a4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
17:03:07.0785 0x11a4 BDESVC - ok
17:03:07.0794 0x11a4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
17:03:07.0840 0x11a4 Beep - ok
17:03:07.0903 0x11a4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
17:03:07.0931 0x11a4 BFE - ok
17:03:07.0989 0x11a4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
17:03:08.0082 0x11a4 BITS - ok
17:03:08.0107 0x11a4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:03:08.0121 0x11a4 blbdrive - ok
17:03:08.0152 0x11a4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:03:08.0165 0x11a4 bowser - ok
17:03:08.0192 0x11a4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:03:08.0207 0x11a4 BrFiltLo - ok
17:03:08.0220 0x11a4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:03:08.0234 0x11a4 BrFiltUp - ok
17:03:08.0260 0x11a4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
17:03:08.0275 0x11a4 Browser - ok
17:03:08.0303 0x11a4 [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb C:\Windows\system32\DRIVERS\BrSerIb.sys
17:03:08.0315 0x11a4 BrSerIb - ok
17:03:08.0349 0x11a4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:03:08.0382 0x11a4 Brserid - ok
17:03:08.0396 0x11a4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:03:08.0411 0x11a4 BrSerWdm - ok
17:03:08.0419 0x11a4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:03:08.0433 0x11a4 BrUsbMdm - ok
17:03:08.0447 0x11a4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:03:08.0459 0x11a4 BrUsbSer - ok
17:03:08.0491 0x11a4 [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb C:\Windows\system32\DRIVERS\BrUsbSIb.sys
17:03:08.0501 0x11a4 BrUsbSIb - ok
17:03:08.0569 0x11a4 [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
17:03:08.0590 0x11a4 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
17:03:08.0818 0x0e20 Object send P2P result: true
17:03:10.0934 0x11a4 Detect skipped due to KSN trusted
17:03:10.0934 0x11a4 BrYNSvc - ok
17:03:11.0023 0x11a4 [ 84CB2D06BBAD7ADBE28483D38E0388BC, C7D94BA6053DE4719E396AB22300E923297C84D10ECADE1591DC21B3EB1B1716 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
17:03:11.0043 0x11a4 BTATH_A2DP - ok
17:03:11.0069 0x11a4 [ 38383A47A110BDA90839BFA7A5918189, 876647EC7D5B5C02B8BD75A89BCC6174A05C9F26912ABA5116330CB367E7D3E5 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
17:03:11.0083 0x11a4 btath_avdt - ok
17:03:11.0112 0x11a4 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
17:03:11.0125 0x11a4 BTATH_BUS - ok
17:03:11.0137 0x11a4 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
17:03:11.0151 0x11a4 BTATH_HCRP - ok
17:03:11.0198 0x11a4 [ 47197E179FD830B662CDC6E6C247C988, A5163E9BB493E49095A7190B0D1765216CB86884D431D8CB1B40DD9F1715E42A ] BTATH_HID C:\Windows\system32\DRIVERS\btath_hid.sys
17:03:11.0214 0x11a4 BTATH_HID - ok
17:03:11.0242 0x11a4 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
17:03:11.0253 0x11a4 BTATH_LWFLT - ok
17:03:11.0282 0x11a4 [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
17:03:11.0294 0x11a4 BTATH_RCP - ok
17:03:11.0322 0x11a4 [ 9F1F7BD1BC1131820D1BC8EB842E6209, 9F677C125B4C6BE2ED7B20B394448202CECB2428432E3E51C7725F07596DEFDA ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys
17:03:11.0341 0x11a4 BTATH_VDP - ok
17:03:11.0372 0x11a4 [ CFB35D65B55E510E1A94DB6BEC0EA328, 58BA9512A625D9C4ABEE181E4886EAD065DD47AC81357DC1B603F6B52D952819 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
17:03:11.0395 0x11a4 BtFilter - ok
17:03:11.0428 0x11a4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:03:11.0442 0x11a4 BthEnum - ok
17:03:11.0460 0x11a4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:03:11.0476 0x11a4 BTHMODEM - ok
17:03:11.0499 0x11a4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:03:11.0516 0x11a4 BthPan - ok
17:03:11.0561 0x11a4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:03:11.0584 0x11a4 BTHPORT - ok
17:03:11.0617 0x11a4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
17:03:11.0650 0x11a4 bthserv - ok
17:03:11.0663 0x11a4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:03:11.0677 0x11a4 BTHUSB - ok
17:03:11.0813 0x11a4 [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
17:03:11.0856 0x11a4 c2cautoupdatesvc - ok
17:03:11.0942 0x11a4 [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
17:03:11.0991 0x11a4 c2cpnrsvc - ok
17:03:12.0015 0x11a4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:03:12.0048 0x11a4 cdfs - ok
17:03:12.0088 0x11a4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:03:12.0104 0x11a4 cdrom - ok
17:03:12.0139 0x11a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
17:03:12.0172 0x11a4 CertPropSvc - ok
17:03:12.0195 0x11a4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
17:03:12.0212 0x11a4 circlass - ok
17:03:12.0251 0x11a4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
17:03:12.0285 0x11a4 CLFS - ok
17:03:12.0348 0x11a4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:03:12.0372 0x11a4 clr_optimization_v2.0.50727_32 - ok
17:03:12.0405 0x11a4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:03:12.0420 0x11a4 clr_optimization_v2.0.50727_64 - ok
17:03:12.0475 0x11a4 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:03:12.0504 0x11a4 clr_optimization_v4.0.30319_32 - ok
17:03:12.0523 0x11a4 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:03:12.0541 0x11a4 clr_optimization_v4.0.30319_64 - ok
17:03:12.0574 0x11a4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:03:12.0587 0x11a4 CmBatt - ok
17:03:12.0608 0x11a4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:03:12.0619 0x11a4 cmdide - ok
17:03:12.0669 0x11a4 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
17:03:12.0696 0x11a4 CNG - ok
17:03:12.0752 0x11a4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:03:12.0773 0x11a4 Compbatt - ok
17:03:12.0803 0x11a4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:03:12.0819 0x11a4 CompositeBus - ok
17:03:12.0828 0x11a4 COMSysApp - ok
17:03:12.0910 0x11a4 [ C5E6E4E2B5D3EDA3C1FCC1D108681AB4, B79A81E67BC816B01787C54EC9AB2479CF4C2F8F2F3EB220366A80DCC927858D ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:03:12.0943 0x11a4 cphs - ok
17:03:12.0978 0x11a4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:03:12.0990 0x11a4 crcdisk - ok
17:03:13.0046 0x11a4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:03:13.0074 0x11a4 CryptSvc - ok
17:03:13.0113 0x11a4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
17:03:13.0147 0x11a4 CSC - ok
17:03:13.0204 0x11a4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
17:03:13.0234 0x11a4 CscService - ok
17:03:13.0283 0x11a4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:03:13.0332 0x11a4 DcomLaunch - ok
17:03:13.0365 0x11a4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
17:03:13.0402 0x11a4 defragsvc - ok
17:03:13.0420 0x11a4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:03:13.0452 0x11a4 DfsC - ok
17:03:13.0498 0x11a4 [ 5492F6FB1F32E10AEF02679872AFD194, 470A0C39734E261DC7443C8E59ECE89A7E367ABCFC15AA325EB995452C3973AA ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:03:13.0513 0x11a4 dg_ssudbus - ok
17:03:13.0549 0x11a4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:03:13.0581 0x11a4 Dhcp - ok
17:03:13.0714 0x11a4 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
17:03:13.0759 0x11a4 DiagTrack - ok
17:03:13.0796 0x11a4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
17:03:13.0838 0x11a4 discache - ok
17:03:13.0863 0x11a4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
17:03:13.0876 0x11a4 Disk - ok
17:03:13.0898 0x11a4 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:03:13.0913 0x11a4 dmvsc - ok
17:03:13.0939 0x11a4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:03:13.0956 0x11a4 Dnscache - ok
17:03:13.0979 0x11a4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
17:03:14.0016 0x11a4 dot3svc - ok
17:03:14.0032 0x11a4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
17:03:14.0065 0x11a4 DPS - ok
17:03:14.0119 0x11a4 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:03:14.0144 0x11a4 drmkaud - ok
17:03:14.0207 0x11a4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:03:14.0250 0x11a4 DXGKrnl - ok
17:03:14.0280 0x11a4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
17:03:14.0313 0x11a4 EapHost - ok
17:03:14.0418 0x11a4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:03:14.0497 0x11a4 ebdrv - ok
17:03:14.0546 0x11a4 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] EFS C:\Windows\System32\lsass.exe
17:03:14.0573 0x11a4 EFS - ok
17:03:14.0647 0x11a4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:03:14.0691 0x11a4 ehRecvr - ok
17:03:14.0704 0x11a4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
17:03:14.0719 0x11a4 ehSched - ok
17:03:14.0773 0x11a4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:03:14.0795 0x11a4 elxstor - ok
17:03:14.0809 0x11a4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:03:14.0821 0x11a4 ErrDev - ok
17:03:14.0873 0x11a4 [ 2D055FAB756A79F5221ADF56EAE4CB3B, ED8D2CA2EDBD23C794C1B183DD2622A8273E5767D2417FF923A569D07C85773D ] ETD C:\Windows\system32\DRIVERS\ETD.sys
17:03:14.0907 0x11a4 ETD - ok
17:03:14.0950 0x11a4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
17:03:14.0990 0x11a4 EventSystem - ok
17:03:15.0021 0x11a4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
17:03:15.0056 0x11a4 exfat - ok
17:03:15.0081 0x11a4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:03:15.0116 0x11a4 fastfat - ok
17:03:15.0149 0x11a4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
17:03:15.0176 0x11a4 Fax - ok
17:03:15.0199 0x11a4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
17:03:15.0212 0x11a4 fdc - ok
17:03:15.0236 0x11a4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
17:03:15.0267 0x11a4 fdPHost - ok
17:03:15.0278 0x11a4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
17:03:15.0310 0x11a4 FDResPub - ok
17:03:15.0334 0x11a4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:03:15.0347 0x11a4 FileInfo - ok
17:03:15.0364 0x11a4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:03:15.0395 0x11a4 Filetrace - ok
17:03:15.0418 0x11a4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:03:15.0431 0x11a4 flpydisk - ok
17:03:15.0446 0x11a4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:03:15.0462 0x11a4 FltMgr - ok
17:03:15.0542 0x11a4 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
17:03:15.0582 0x11a4 FontCache - ok
17:03:15.0624 0x11a4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:03:15.0635 0x11a4 FontCache3.0.0.0 - ok
17:03:15.0657 0x11a4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:03:15.0669 0x11a4 FsDepends - ok
17:03:15.0684 0x11a4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:03:15.0696 0x11a4 Fs_Rec - ok
17:03:15.0740 0x11a4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:03:15.0775 0x11a4 fvevol - ok
17:03:15.0793 0x11a4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:03:15.0806 0x11a4 gagp30kx - ok
17:03:15.0856 0x11a4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
17:03:15.0904 0x11a4 gpsvc - ok
17:03:16.0016 0x11a4 [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:03:16.0037 0x11a4 gupdate - ok
17:03:16.0046 0x11a4 [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:03:16.0061 0x11a4 gupdatem - ok
17:03:16.0096 0x11a4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:03:16.0110 0x11a4 hcw85cir - ok
17:03:16.0162 0x11a4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:03:16.0193 0x11a4 HdAudAddService - ok
17:03:16.0217 0x11a4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:03:16.0234 0x11a4 HDAudBus - ok
17:03:16.0244 0x11a4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:03:16.0257 0x11a4 HidBatt - ok
17:03:16.0272 0x11a4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:03:16.0289 0x11a4 HidBth - ok
17:03:16.0301 0x11a4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
17:03:16.0317 0x11a4 HidIr - ok
17:03:16.0349 0x11a4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
17:03:16.0381 0x11a4 hidserv - ok
17:03:16.0441 0x11a4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:03:16.0467 0x11a4 HidUsb - ok
17:03:16.0490 0x11a4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:03:16.0547 0x11a4 hkmsvc - ok
17:03:16.0572 0x11a4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:03:16.0589 0x11a4 HomeGroupListener - ok
17:03:16.0602 0x11a4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:03:16.0619 0x11a4 HomeGroupProvider - ok
17:03:16.0649 0x11a4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:03:16.0662 0x11a4 HpSAMD - ok
17:03:16.0711 0x11a4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:03:16.0739 0x11a4 HTTP - ok
17:03:16.0754 0x11a4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:03:16.0765 0x11a4 hwpolicy - ok
17:03:16.0782 0x11a4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:03:16.0796 0x11a4 i8042prt - ok
17:03:16.0840 0x11a4 [ B9A4003605665D03CFD2AFE8891DD588, 74427B96AE79CE6BD74B7D778FDF903056E717B9FFEB201C5D98D81E0C0FD35E ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
17:03:16.0865 0x11a4 iaStorA - ok
17:03:16.0929 0x11a4 [ 3C62DAD54F3BD296E2D5ADFE6F442EBB, F3960A90AE7FC45ABFD7B5CB3D054D1C30B7C82A5C73F4218FAA57B54C52D96C ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:03:16.0950 0x11a4 IAStorDataMgrSvc - ok
17:03:16.0961 0x11a4 [ D6E38EEC78854C5A07087D004DDBF9D2, 33D2A90830D8E1A2CAF20502BDCCCCE090E2E63627A4315259D98B724073824B ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
17:03:16.0983 0x11a4 iaStorF - ok
17:03:17.0025 0x11a4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:03:17.0053 0x11a4 iaStorV - ok
17:03:17.0131 0x11a4 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
17:03:17.0159 0x11a4 ICCS - ok
17:03:17.0235 0x11a4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:03:17.0269 0x11a4 idsvc - ok
17:03:17.0300 0x11a4 IEEtwCollectorService - ok
17:03:17.0438 0x11a4 [ 6C354589E484B0A9F283ADA08563CD46, 9308A1B3AD6AFD5E4D66A6EB23113216AD388E9B587276B46968D359FEECA3BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:03:17.0553 0x11a4 igfx - ok
17:03:17.0591 0x11a4 [ 491422B36C20E706BCE733D3D0208F80, 3716604700E95EAA314141EE9304AB1CDC70BFA658F3A1D74A717EFD2B7CEC7C ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
17:03:17.0622 0x11a4 igfxCUIService1.0.0.0 - ok
17:03:17.0654 0x11a4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:03:17.0665 0x11a4 iirsp - ok
17:03:17.0713 0x11a4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
17:03:17.0744 0x11a4 IKEEXT - ok
17:03:17.0904 0x11a4 [ F9A6ACDDD86D3281F765374A0BF37DE0, 988911FC45B14A5E40AD91B49A18DFFF56F81874611ED994624D7200E7FDD834 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:03:17.0995 0x11a4 IntcAzAudAddService - ok
17:03:18.0064 0x11a4 [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:03:18.0089 0x11a4 IntcDAud - ok
17:03:18.0157 0x11a4 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:03:18.0183 0x11a4 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
17:03:20.0528 0x11a4 Detect skipped due to KSN trusted
17:03:20.0528 0x11a4 Intel(R) Capability Licensing Service Interface - ok
17:03:20.0579 0x11a4 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:03:20.0611 0x11a4 Intel(R) Capability Licensing Service TCP IP Interface - ok
17:03:20.0641 0x11a4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
17:03:20.0652 0x11a4 intelide - ok
17:03:20.0668 0x11a4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:03:20.0682 0x11a4 intelppm - ok
17:03:20.0720 0x11a4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:03:20.0753 0x11a4 IPBusEnum - ok
17:03:20.0771 0x11a4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:03:20.0802 0x11a4 IpFilterDriver - ok
17:03:20.0836 0x11a4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:03:20.0861 0x11a4 iphlpsvc - ok
17:03:20.0871 0x11a4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:03:20.0885 0x11a4 IPMIDRV - ok
17:03:20.0903 0x11a4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:03:20.0936 0x11a4 IPNAT - ok
17:03:20.0963 0x11a4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:03:20.0979 0x11a4 IRENUM - ok
17:03:20.0998 0x11a4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:03:21.0009 0x11a4 isapnp - ok
17:03:21.0046 0x11a4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:03:21.0078 0x11a4 iScsiPrt - ok
17:03:21.0102 0x11a4 [ EB56D7AC688BCB1171812EF6CBB32193, 3423D53842CAB2473EECE6EF90ED25765B3DB9D85EA5D3A4D2C59A947A959F4D ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:03:21.0124 0x11a4 iusb3hcs - ok
17:03:21.0152 0x11a4 [ 3DD76F45DA45CEDCDFC7BF7AB93E6216, 11757969FCAA14C1DCD4CF06C11BA9EA528C2CD4C6F0C2F5C4EFFFA82AAA22A6 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:03:21.0171 0x11a4 iusb3hub - ok
17:03:21.0202 0x11a4 [ B0342584DAB73797F584CADD41EEC6BD, 517938881A8395B36847838407E1BDE2C0A982AF544CECC44C86BEEA382E9E63 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:03:21.0232 0x11a4 iusb3xhc - ok
17:03:21.0289 0x11a4 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:03:21.0303 0x11a4 jhi_service - ok
17:03:21.0328 0x11a4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:03:21.0339 0x11a4 kbdclass - ok
17:03:21.0359 0x11a4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:03:21.0372 0x11a4 kbdhid - ok
17:03:21.0392 0x11a4 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] KeyIso C:\Windows\system32\lsass.exe
17:03:21.0405 0x11a4 KeyIso - ok
17:03:21.0439 0x11a4 [ 7BDDD24C5A148534D3737DBFA96B3E69, 06130316A21B1D67B5885AB7030603097EC96F7104F3766D67793ECFC1143158 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:03:21.0452 0x11a4 KSecDD - ok
17:03:21.0465 0x11a4 [ BA500732D160C61E889E8180EE53C86F, 2E9B9FEF4E2F86DBF6778AD0A581CE2F1CA0AC777440BA05AB36B031CE1E8781 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:03:21.0479 0x11a4 KSecPkg - ok
17:03:21.0508 0x11a4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:03:21.0540 0x11a4 ksthunk - ok
17:03:21.0571 0x11a4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
17:03:21.0610 0x11a4 KtmRm - ok
17:03:21.0644 0x11a4 [ 7867CACBF7B23AD04F5D18657BF15FA2, 153763A0C4A347526BCC2A502B5B0BC323AEC4035F1D7A8C85479FEDA0AD8A0C ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
17:03:21.0670 0x11a4 L1C - ok
17:03:21.0725 0x11a4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:03:21.0761 0x11a4 LanmanServer - ok
17:03:21.0786 0x11a4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:03:21.0820 0x11a4 LanmanWorkstation - ok
17:03:21.0868 0x11a4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:03:21.0921 0x11a4 lltdio - ok
17:03:21.0945 0x11a4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:03:21.0982 0x11a4 lltdsvc - ok
17:03:21.0995 0x11a4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:03:22.0026 0x11a4 lmhosts - ok
17:03:22.0074 0x11a4 [ 8939CBB2526CB87C476DB9ABBF243AE0, 6D566EDD2DE07A7F7B27A41BBFD05360BF2FBDD5D265D8061E15785A3EBC0C4E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:03:22.0101 0x11a4 LMS - ok
17:03:22.0142 0x11a4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:03:22.0156 0x11a4 LSI_FC - ok
17:03:22.0170 0x11a4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:03:22.0183 0x11a4 LSI_SAS - ok
17:03:22.0196 0x11a4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:03:22.0208 0x11a4 LSI_SAS2 - ok
17:03:22.0221 0x11a4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:03:22.0235 0x11a4 LSI_SCSI - ok
17:03:22.0263 0x11a4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
17:03:22.0297 0x11a4 luafv - ok
17:03:22.0319 0x11a4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:03:22.0335 0x11a4 Mcx2Svc - ok
17:03:22.0344 0x11a4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
17:03:22.0356 0x11a4 megasas - ok
17:03:22.0374 0x11a4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:03:22.0391 0x11a4 MegaSR - ok
17:03:22.0411 0x11a4 [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
17:03:22.0424 0x11a4 MEIx64 - ok
17:03:22.0448 0x11a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
17:03:22.0481 0x11a4 MMCSS - ok
17:03:22.0498 0x11a4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
17:03:22.0528 0x11a4 Modem - ok
17:03:22.0543 0x11a4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:03:22.0558 0x11a4 monitor - ok
17:03:22.0567 0x1238 Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost
17:03:22.0576 0x11a4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:03:22.0587 0x11a4 mouclass - ok
17:03:22.0606 0x11a4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:03:22.0619 0x11a4 mouhid - ok
17:03:22.0677 0x11a4 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:03:22.0702 0x11a4 mountmgr - ok
17:03:22.0776 0x11a4 [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:03:22.0804 0x11a4 MozillaMaintenance - ok
17:03:22.0851 0x11a4 [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
17:03:22.0884 0x11a4 MpFilter - ok
17:03:22.0912 0x11a4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
17:03:22.0928 0x11a4 mpio - ok
17:03:22.0941 0x11a4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:03:22.0977 0x11a4 mpsdrv - ok
17:03:23.0014 0x11a4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:03:23.0061 0x11a4 MpsSvc - ok
17:03:23.0091 0x11a4 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:03:23.0105 0x11a4 MRxDAV - ok
17:03:23.0140 0x11a4 [ 355DF71D1DD1999E8AEDF986534B233C, 4F5B07A3E9F4C5EE259A72353835364BFEAEC792090C178C4EF91B517B1C49D0 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:03:23.0169 0x11a4 mrxsmb - ok
17:03:23.0221 0x11a4 [ A16FC9323A85CAEA5804D04646A91CF9, ABC9F1BE4B871EBB5FDED9FC248DABEC4004EBCCF53E6C4D1E54AF69653B00E0 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:03:23.0257 0x11a4 mrxsmb10 - ok
17:03:23.0275 0x11a4 [ 2539BE615440BA1EA4CF84A66B6C0AF9, 3369DE38EE49E5507A73036CDF3982AEF2331D61C7EC4F159004EAD14309A933 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:03:23.0290 0x11a4 mrxsmb20 - ok
17:03:23.0309 0x11a4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
17:03:23.0320 0x11a4 msahci - ok
17:03:23.0357 0x11a4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:03:23.0382 0x11a4 msdsm - ok
17:03:23.0400 0x11a4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
17:03:23.0416 0x11a4 MSDTC - ok
17:03:23.0441 0x11a4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:03:23.0483 0x11a4 Msfs - ok
17:03:23.0508 0x11a4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:03:23.0539 0x11a4 mshidkmdf - ok
17:03:23.0555 0x11a4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:03:23.0567 0x11a4 msisadrv - ok
17:03:23.0593 0x11a4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:03:23.0628 0x11a4 MSiSCSI - ok
17:03:23.0631 0x11a4 msiserver - ok
17:03:23.0662 0x11a4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:03:23.0694 0x11a4 MSKSSRV - ok
17:03:23.0758 0x11a4 [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:03:23.0782 0x11a4 MsMpSvc - ok
17:03:23.0802 0x11a4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:03:23.0836 0x11a4 MSPCLOCK - ok
17:03:23.0846 0x11a4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:03:23.0878 0x11a4 MSPQM - ok
17:03:23.0899 0x11a4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:03:23.0920 0x11a4 MsRPC - ok
17:03:23.0937 0x11a4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:03:23.0948 0x11a4 mssmbios - ok
17:03:23.0963 0x11a4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:03:23.0994 0x11a4 MSTEE - ok
17:03:24.0009 0x11a4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:03:24.0021 0x11a4 MTConfig - ok
17:03:24.0037 0x11a4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
17:03:24.0049 0x11a4 Mup - ok
17:03:24.0083 0x11a4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
17:03:24.0122 0x11a4 napagent - ok
17:03:24.0180 0x11a4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:03:24.0212 0x11a4 NativeWifiP - ok
17:03:24.0348 0x11a4 [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:03:24.0386 0x11a4 NAUpdate - ok
17:03:24.0454 0x11a4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:03:24.0491 0x11a4 NDIS - ok
17:03:24.0509 0x11a4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:03:24.0540 0x11a4 NdisCap - ok
17:03:24.0564 0x11a4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:03:24.0594 0x11a4 NdisTapi - ok
17:03:24.0615 0x11a4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:03:24.0646 0x11a4 Ndisuio - ok
17:03:24.0657 0x11a4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:03:24.0689 0x11a4 NdisWan - ok
17:03:24.0697 0x11a4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:03:24.0729 0x11a4 NDProxy - ok
17:03:24.0743 0x11a4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:03:24.0774 0x11a4 NetBIOS - ok
17:03:24.0790 0x11a4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:03:24.0825 0x11a4 NetBT - ok
17:03:24.0843 0x11a4 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] Netlogon C:\Windows\system32\lsass.exe
17:03:24.0856 0x11a4 Netlogon - ok
17:03:24.0891 0x11a4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
17:03:24.0931 0x11a4 Netman - ok
17:03:24.0998 0x1238 Object send P2P result: true
17:03:25.0008 0x11a4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:25.0034 0x11a4 NetMsmqActivator - ok
17:03:25.0041 0x11a4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:25.0055 0x11a4 NetPipeActivator - ok
17:03:25.0069 0x11a4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
17:03:25.0110 0x11a4 netprofm - ok
17:03:25.0117 0x11a4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:25.0131 0x11a4 NetTcpActivator - ok
17:03:25.0137 0x11a4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:25.0152 0x11a4 NetTcpPortSharing - ok
17:03:25.0182 0x11a4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:03:25.0194 0x11a4 nfrd960 - ok
17:03:25.0238 0x11a4 [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:03:25.0267 0x11a4 NisDrv - ok
17:03:25.0292 0x11a4 [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:03:25.0313 0x11a4 NisSrv - ok
17:03:25.0353 0x11a4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:03:25.0373 0x11a4 NlaSvc - ok
17:03:25.0411 0x11a4 [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
17:03:25.0435 0x11a4 nmwcd - ok
17:03:25.0475 0x11a4 [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
17:03:25.0498 0x11a4 nmwcdc - ok
17:03:25.0524 0x11a4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:03:25.0557 0x11a4 Npfs - ok
17:03:25.0583 0x11a4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
17:03:25.0615 0x11a4 nsi - ok
17:03:25.0622 0x11a4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:03:25.0654 0x11a4 nsiproxy - ok
17:03:25.0744 0x11a4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:03:25.0819 0x11a4 Ntfs - ok
17:03:25.0842 0x11a4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
17:03:25.0873 0x11a4 Null - ok
17:03:25.0890 0x11a4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:03:25.0905 0x11a4 nvraid - ok
17:03:25.0943 0x11a4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:03:25.0957 0x11a4 nvstor - ok
17:03:25.0983 0x11a4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:03:25.0996 0x11a4 nv_agp - ok
17:03:26.0012 0x11a4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:03:26.0026 0x11a4 ohci1394 - ok
17:03:26.0102 0x11a4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:03:26.0126 0x11a4 ose - ok
17:03:26.0327 0x11a4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:03:26.0439 0x11a4 osppsvc - ok
17:03:26.0481 0x11a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:03:26.0500 0x11a4 p2pimsvc - ok
17:03:26.0517 0x11a4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
17:03:26.0539 0x11a4 p2psvc - ok
17:03:26.0571 0x11a4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
17:03:26.0585 0x11a4 Parport - ok
17:03:26.0611 0x11a4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:03:26.0623 0x11a4 partmgr - ok
17:03:26.0663 0x11a4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:03:26.0696 0x11a4 PcaSvc - ok
17:03:26.0769 0x11a4 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
17:03:26.0792 0x11a4 pccsmcfd - ok
17:03:26.0829 0x11a4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
17:03:26.0853 0x11a4 pci - ok
17:03:26.0880 0x11a4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
17:03:26.0891 0x11a4 pciide - ok
17:03:26.0917 0x11a4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:03:26.0938 0x11a4 pcmcia - ok
17:03:26.0954 0x11a4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
17:03:26.0966 0x11a4 pcw - ok
17:03:27.0010 0x11a4 [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
17:03:27.0035 0x11a4 PDFProFiltSrvPP - ok
17:03:27.0096 0x11a4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:03:27.0140 0x11a4 PEAUTH - ok
17:03:27.0231 0x11a4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:03:27.0272 0x11a4 PeerDistSvc - ok
17:03:27.0319 0x11a4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:03:27.0344 0x11a4 PerfHost - ok
17:03:27.0403 0x11a4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
17:03:27.0467 0x11a4 pla - ok
17:03:27.0503 0x11a4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:03:27.0524 0x11a4 PlugPlay - ok
17:03:27.0533 0x11a4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:03:27.0546 0x11a4 PNRPAutoReg - ok
17:03:27.0568 0x11a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:03:27.0587 0x11a4 PNRPsvc - ok
17:03:27.0625 0x11a4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:03:27.0666 0x11a4 PolicyAgent - ok
17:03:27.0693 0x11a4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
17:03:27.0731 0x11a4 Power - ok
17:03:27.0768 0x11a4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:03:27.0801 0x11a4 PptpMiniport - ok
17:03:27.0830 0x11a4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
17:03:27.0845 0x11a4 Processor - ok
17:03:27.0875 0x11a4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
17:03:27.0893 0x11a4 ProfSvc - ok
17:03:27.0905 0x11a4 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] ProtectedStorage C:\Windows\system32\lsass.exe
17:03:27.0918 0x11a4 ProtectedStorage - ok
17:03:27.0938 0x11a4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:03:27.0973 0x11a4 Psched - ok
17:03:28.0044 0x11a4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:03:28.0087 0x11a4 ql2300 - ok
17:03:28.0109 0x11a4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:03:28.0122 0x11a4 ql40xx - ok
17:03:28.0161 0x11a4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
17:03:28.0193 0x11a4 QWAVE - ok
17:03:28.0209 0x11a4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:03:28.0226 0x11a4 QWAVEdrv - ok
17:03:28.0247 0x11a4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:03:28.0279 0x11a4 RasAcd - ok
17:03:28.0305 0x11a4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:03:28.0337 0x11a4 RasAgileVpn - ok
17:03:28.0354 0x11a4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
17:03:28.0387 0x11a4 RasAuto - ok
17:03:28.0400 0x11a4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:03:28.0431 0x11a4 Rasl2tp - ok
17:03:28.0452 0x11a4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
17:03:28.0489 0x11a4 RasMan - ok
17:03:28.0502 0x11a4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:03:28.0534 0x11a4 RasPppoe - ok
17:03:28.0564 0x11a4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:03:28.0596 0x11a4 RasSstp - ok
17:03:28.0612 0x11a4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:03:28.0648 0x11a4 rdbss - ok
17:03:28.0664 0x11a4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:03:28.0679 0x11a4 rdpbus - ok
17:03:28.0694 0x11a4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:03:28.0725 0x11a4 RDPCDD - ok
17:03:28.0761 0x11a4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:03:28.0777 0x11a4 RDPDR - ok
17:03:28.0787 0x11a4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:03:28.0818 0x11a4 RDPENCDD - ok
17:03:28.0835 0x11a4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:03:28.0866 0x11a4 RDPREFMP - ok
17:03:28.0927 0x11a4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:03:28.0954 0x11a4 RdpVideoMiniport - ok
17:03:28.0992 0x11a4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:03:29.0031 0x11a4 RDPWD - ok
17:03:29.0068 0x11a4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:03:29.0086 0x11a4 rdyboost - ok
17:03:29.0111 0x11a4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:03:29.0151 0x11a4 RemoteAccess - ok
17:03:29.0190 0x11a4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:03:29.0232 0x11a4 RemoteRegistry - ok
17:03:29.0277 0x11a4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:03:29.0296 0x11a4 RFCOMM - ok
17:03:29.0311 0x11a4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:03:29.0346 0x11a4 RpcEptMapper - ok
17:03:29.0364 0x11a4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
17:03:29.0377 0x11a4 RpcLocator - ok
17:03:29.0410 0x11a4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
17:03:29.0450 0x11a4 RpcSs - ok
17:03:29.0493 0x11a4 [ D23399622ED6692BF6AA1D30322345FC, 94A1C61159AC745A58E0C9C1D79BFB7E5278E0FED5E710965369C41D30EB51AF ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
17:03:29.0511 0x11a4 RSPCIESTOR - ok
17:03:29.0544 0x11a4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:03:29.0577 0x11a4 rspndr - ok
17:03:29.0601 0x11a4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:03:29.0612 0x11a4 s3cap - ok
17:03:29.0624 0x11a4 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] SamSs C:\Windows\system32\lsass.exe
17:03:29.0637 0x11a4 SamSs - ok
17:03:29.0650 0x11a4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:03:29.0663 0x11a4 sbp2port - ok
17:03:29.0703 0x11a4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:03:29.0740 0x11a4 SCardSvr - ok
17:03:29.0751 0x11a4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:03:29.0782 0x11a4 scfilter - ok
17:03:29.0859 0x11a4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
17:03:29.0896 0x11a4 Schedule - ok
17:03:29.0925 0x11a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:03:29.0956 0x11a4 SCPolicySvc - ok
17:03:29.0988 0x11a4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:03:30.0004 0x11a4 SDRSVC - ok
17:03:30.0029 0x11a4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:03:30.0055 0x11a4 secdrv - ok
17:03:30.0069 0x11a4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
17:03:30.0100 0x11a4 seclogon - ok
17:03:30.0111 0x11a4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
17:03:30.0144 0x11a4 SENS - ok
17:03:30.0160 0x11a4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:03:30.0173 0x11a4 SensrSvc - ok
17:03:30.0200 0x11a4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:03:30.0214 0x11a4 Serenum - ok
17:03:30.0223 0x11a4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
17:03:30.0237 0x11a4 Serial - ok
17:03:30.0254 0x11a4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:03:30.0268 0x11a4 sermouse - ok
17:03:30.0356 0x11a4 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
17:03:30.0388 0x11a4 ServiceLayer - ok
17:03:30.0416 0x11a4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
17:03:30.0450 0x11a4 SessionEnv - ok
17:03:30.0465 0x11a4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:03:30.0481 0x11a4 sffdisk - ok
17:03:30.0502 0x11a4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:03:30.0517 0x11a4 sffp_mmc - ok
17:03:30.0529 0x11a4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:03:30.0543 0x11a4 sffp_sd - ok
17:03:30.0566 0x11a4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:03:30.0579 0x11a4 sfloppy - ok
17:03:30.0611 0x11a4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:03:30.0650 0x11a4 SharedAccess - ok
17:03:30.0688 0x11a4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:03:30.0726 0x11a4 ShellHWDetection - ok
17:03:30.0737 0x11a4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:03:30.0748 0x11a4 SiSRaid2 - ok
17:03:30.0768 0x11a4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:03:30.0780 0x11a4 SiSRaid4 - ok
17:03:30.0835 0x11a4 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:03:30.0863 0x11a4 SkypeUpdate - ok
17:03:30.0895 0x11a4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:03:30.0932 0x11a4 Smb - ok
17:03:30.0958 0x11a4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:03:30.0973 0x11a4 SNMPTRAP - ok
17:03:30.0993 0x11a4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
17:03:31.0004 0x11a4 spldr - ok
17:03:31.0049 0x11a4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
17:03:31.0074 0x11a4 Spooler - ok
17:03:31.0190 0x11a4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
17:03:31.0295 0x11a4 sppsvc - ok
17:03:31.0318 0x11a4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:03:31.0352 0x11a4 sppuinotify - ok
17:03:31.0382 0x11a4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:03:31.0403 0x11a4 srv - ok
17:03:31.0421 0x11a4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:03:31.0441 0x11a4 srv2 - ok
17:03:31.0452 0x11a4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:03:31.0467 0x11a4 srvnet - ok
17:03:31.0504 0x11a4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:03:31.0540 0x11a4 SSDPSRV - ok
17:03:31.0554 0x11a4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:03:31.0587 0x11a4 SstpSvc - ok
17:03:31.0640 0x11a4 [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:03:31.0666 0x11a4 ssudmdm - ok
17:03:31.0803 0x11a4 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
17:03:31.0836 0x11a4 ss_conn_service - ok
17:03:31.0861 0x11a4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:03:31.0873 0x11a4 stexstor - ok
17:03:31.0917 0x11a4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:03:31.0933 0x11a4 StillCam - ok
17:03:31.0972 0x11a4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
17:03:32.0009 0x11a4 stisvc - ok
17:03:32.0045 0x11a4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:03:32.0057 0x11a4 storflt - ok
17:03:32.0080 0x11a4 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
17:03:32.0093 0x11a4 StorSvc - ok
17:03:32.0114 0x11a4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:03:32.0126 0x11a4 storvsc - ok
17:03:32.0149 0x11a4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:03:32.0160 0x11a4 swenum - ok
17:03:32.0190 0x11a4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
17:03:32.0234 0x11a4 swprv - ok
17:03:32.0334 0x11a4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
17:03:32.0386 0x11a4 SysMain - ok
17:03:32.0426 0x11a4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:03:32.0446 0x11a4 TabletInputService - ok
17:03:32.0468 0x11a4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
17:03:32.0506 0x11a4 TapiSrv - ok
17:03:32.0554 0x11a4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
17:03:32.0587 0x11a4 TBS - ok
17:03:32.0691 0x11a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:03:32.0743 0x11a4 Tcpip - ok
17:03:32.0817 0x11a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:03:32.0867 0x11a4 TCPIP6 - ok
17:03:32.0906 0x11a4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:03:32.0919 0x11a4 tcpipreg - ok
17:03:32.0946 0x11a4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:03:32.0959 0x11a4 TDPIPE - ok
17:03:32.0989 0x11a4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:03:33.0002 0x11a4 TDTCP - ok
17:03:33.0044 0x11a4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:03:33.0071 0x11a4 tdx - ok
17:03:33.0086 0x11a4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:03:33.0099 0x11a4 TermDD - ok
17:03:33.0146 0x11a4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
17:03:33.0181 0x11a4 TermService - ok
17:03:33.0233 0x11a4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
17:03:33.0268 0x11a4 Themes - ok
17:03:33.0289 0x11a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
17:03:33.0344 0x11a4 THREADORDER - ok
17:03:33.0362 0x11a4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
17:03:33.0396 0x11a4 TrkWks - ok
17:03:33.0448 0x11a4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:03:33.0503 0x11a4 TrustedInstaller - ok
17:03:33.0538 0x11a4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:03:33.0551 0x11a4 tssecsrv - ok
17:03:33.0589 0x11a4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:03:33.0603 0x11a4 TsUsbFlt - ok
17:03:33.0629 0x11a4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:03:33.0643 0x11a4 TsUsbGD - ok
17:03:33.0681 0x11a4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:03:33.0716 0x11a4 tunnel - ok
17:03:33.0733 0x11a4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:03:33.0746 0x11a4 uagp35 - ok
17:03:33.0766 0x11a4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:03:33.0803 0x11a4 udfs - ok
17:03:33.0824 0x11a4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:03:33.0838 0x11a4 UI0Detect - ok
17:03:33.0856 0x11a4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:03:33.0869 0x11a4 uliagpkx - ok
17:03:33.0888 0x11a4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:03:33.0902 0x11a4 umbus - ok
17:03:33.0925 0x11a4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
17:03:33.0938 0x11a4 UmPass - ok
17:03:33.0965 0x11a4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
17:03:33.0982 0x11a4 UmRdpService - ok
17:03:34.0018 0x11a4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
17:03:34.0056 0x11a4 upnphost - ok
17:03:34.0104 0x11a4 [ 311C90F0767A63000AC35DD0A7078A30, DB80E10015DCC595F90C31CE61590DB07E84F8B13DA904B2D59233678C366A2D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
17:03:34.0127 0x11a4 upperdev - ok
17:03:34.0154 0x11a4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:03:34.0169 0x11a4 usbccgp - ok
17:03:34.0194 0x11a4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:03:34.0209 0x11a4 usbcir - ok
17:03:34.0231 0x11a4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:03:34.0244 0x11a4 usbehci - ok
17:03:34.0267 0x11a4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:03:34.0286 0x11a4 usbhub - ok
17:03:34.0312 0x11a4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:03:34.0325 0x11a4 usbohci - ok
17:03:34.0346 0x11a4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:03:34.0361 0x11a4 usbprint - ok
17:03:34.0391 0x11a4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:03:34.0416 0x11a4 usbscan - ok
17:03:34.0462 0x11a4 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\drivers\usbser.sys
17:03:34.0487 0x11a4 usbser - ok
17:03:34.0524 0x11a4 [ C03DA998E412D69D18DD11D835229AF0, DD43E370EF370767588A6D56A51A4ADF99B5E063C7AA0528F91FD431DE7C2932 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
17:03:34.0566 0x11a4 UsbserFilt - ok
17:03:34.0585 0x11a4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:03:34.0599 0x11a4 USBSTOR - ok
17:03:34.0620 0x11a4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:03:34.0633 0x11a4 usbuhci - ok
17:03:34.0676 0x11a4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:03:34.0693 0x11a4 usbvideo - ok
17:03:34.0710 0x11a4 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
17:03:34.0724 0x11a4 usb_rndisx - ok
17:03:34.0744 0x11a4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
17:03:34.0779 0x11a4 UxSms - ok
17:03:34.0795 0x11a4 [ 5673794F254FE312AF62D9DA32805A2F, 76400BF26F87303924A4FA9DFE5DD13170D1E4A195CD12548DBAA0E6E8C11B1B ] VaultSvc C:\Windows\system32\lsass.exe
17:03:34.0808 0x11a4 VaultSvc - ok
17:03:34.0847 0x11a4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:03:34.0872 0x11a4 vdrvroot - ok
17:03:34.0906 0x11a4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
17:03:34.0954 0x11a4 vds - ok
17:03:34.0985 0x11a4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:03:35.0002 0x11a4 vga - ok
17:03:35.0022 0x11a4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:03:35.0056 0x11a4 VgaSave - ok
17:03:35.0078 0x11a4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:03:35.0093 0x11a4 vhdmp - ok
17:03:35.0113 0x11a4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
17:03:35.0124 0x11a4 viaide - ok
17:03:35.0155 0x11a4 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:03:35.0170 0x11a4 vmbus - ok
17:03:35.0188 0x11a4 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:03:35.0201 0x11a4 VMBusHID - ok
17:03:35.0224 0x11a4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:03:35.0238 0x11a4 volmgr - ok
17:03:35.0256 0x11a4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:03:35.0276 0x11a4 volmgrx - ok
17:03:35.0293 0x11a4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:03:35.0311 0x11a4 volsnap - ok
17:03:35.0338 0x11a4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:03:35.0352 0x11a4 vsmraid - ok
17:03:35.0420 0x11a4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
17:03:35.0485 0x11a4 VSS - ok
17:03:35.0496 0x11a4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:03:35.0510 0x11a4 vwifibus - ok
17:03:35.0534 0x11a4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:03:35.0553 0x11a4 vwififlt - ok
17:03:35.0583 0x11a4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:03:35.0600 0x11a4 vwifimp - ok
17:03:35.0633 0x11a4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
17:03:35.0673 0x11a4 W32Time - ok
17:03:35.0694 0x11a4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:03:35.0707 0x11a4 WacomPen - ok
17:03:35.0740 0x11a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:03:35.0787 0x11a4 WANARP - ok
17:03:35.0804 0x11a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:03:35.0835 0x11a4 Wanarpv6 - ok
17:03:35.0899 0x11a4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:03:35.0936 0x11a4 WatAdminSvc - ok
17:03:35.0994 0x11a4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
17:03:36.0039 0x11a4 wbengine - ok
17:03:36.0074 0x11a4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:03:36.0096 0x11a4 WbioSrvc - ok
17:03:36.0120 0x11a4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:03:36.0145 0x11a4 wcncsvc - ok
17:03:36.0159 0x11a4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:03:36.0173 0x11a4 WcsPlugInService - ok
17:03:36.0196 0x11a4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
17:03:36.0208 0x11a4 Wd - ok
17:03:36.0253 0x11a4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:03:36.0282 0x11a4 Wdf01000 - ok
17:03:36.0314 0x11a4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:03:36.0330 0x11a4 WdiServiceHost - ok
17:03:36.0335 0x11a4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:03:36.0350 0x11a4 WdiSystemHost - ok
17:03:36.0388 0x11a4 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
17:03:36.0406 0x11a4 WebClient - ok
17:03:36.0428 0x11a4 [ 2CA323CF5C24A7DA9AC0FC374AED50A4, BAAA6BC43D7D50CE5F95BFE0B5E56B1032883F662A000CB54D361AE0913C325F ] Wecsvc C:\Windows\system32\wecsvc.dll
17:03:36.0446 0x11a4 Wecsvc - ok
17:03:36.0474 0x11a4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:03:36.0509 0x11a4 wercplsupport - ok
17:03:36.0534 0x11a4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
17:03:36.0568 0x11a4 WerSvc - ok
17:03:36.0594 0x11a4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:03:36.0625 0x11a4 WfpLwf - ok
17:03:36.0638 0x11a4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:03:36.0650 0x11a4 WIMMount - ok
17:03:36.0671 0x11a4 WinDefend - ok
17:03:36.0686 0x11a4 WinHttpAutoProxySvc - ok
17:03:36.0740 0x11a4 [ 5247036CD851AD73B5FC8E546DF78D4D, 5FC56B1CA516ED9D477AEAC5D06B2F59DF7FA9AFA207616C2E648C8348203F62 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:03:36.0767 0x11a4 Winmgmt - ok
17:03:36.0875 0x11a4 [ 2639C57F43CDB6B36593083CF3DF92F4, 64EE18B8C344EA67406B51724AC962934275B1769B42A03ECE56895CE8CEF05D ] WinRM C:\Windows\system32\WsmSvc.dll
17:03:36.0941 0x11a4 WinRM - ok
17:03:36.0992 0x11a4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:03:37.0008 0x11a4 WinUsb - ok
17:03:37.0051 0x11a4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:03:37.0088 0x11a4 Wlansvc - ok
17:03:37.0111 0x11a4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:03:37.0123 0x11a4 WmiAcpi - ok
17:03:37.0146 0x11a4 [ 43FA348D871923CC7FD28F82797AC04D, FDC8BD0732C0B11B11A19E16F75F91D09691AA8D28FB928A7918D2B080DF881A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:03:37.0162 0x11a4 wmiApSrv - ok
17:03:37.0190 0x11a4 WMPNetworkSvc - ok
17:03:37.0221 0x11a4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:03:37.0245 0x11a4 WPCSvc - ok
17:03:37.0263 0x11a4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:03:37.0283 0x11a4 WPDBusEnum - ok
17:03:37.0307 0x11a4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:03:37.0337 0x11a4 ws2ifsl - ok
17:03:37.0350 0x11a4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
17:03:37.0370 0x11a4 wscsvc - ok
17:03:37.0406 0x11a4 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:03:37.0421 0x11a4 WSDPrintDevice - ok
17:03:37.0450 0x11a4 WsDrvInst - ok
17:03:37.0470 0x11a4 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
17:03:37.0490 0x11a4 WSDScan - ok
17:03:37.0495 0x11a4 WSearch - ok
17:03:37.0631 0x11a4 [ 3D4032E6A5885C007AEF4BA816AB4032, 21EB2B5B5A64EED44B5B7743820842205175F52A6F5525BD0F95DCB2733F449C ] wuauserv C:\Windows\system32\wuaueng.dll
17:03:37.0698 0x11a4 wuauserv - ok
17:03:37.0734 0x11a4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:03:37.0749 0x11a4 WudfPf - ok
17:03:37.0791 0x11a4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:03:37.0820 0x11a4 WUDFRd - ok
17:03:37.0837 0x11a4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:03:37.0853 0x11a4 wudfsvc - ok
17:03:37.0893 0x11a4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:03:37.0911 0x11a4 WwanSvc - ok
17:03:37.0949 0x11a4 ================ Scan global ===============================
17:03:37.0983 0x11a4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
17:03:38.0023 0x11a4 [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\Windows\system32\winsrv.dll
17:03:38.0038 0x11a4 [ 96AEEE466EA56AF34AE4AD5E55DAD164, 467DA5C29E04E02520974163AEBF7FAA3DED8212A765616C0D877E4F36AD173C ] C:\Windows\system32\winsrv.dll
17:03:38.0076 0x11a4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:03:38.0124 0x11a4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:03:38.0138 0x11a4 [ Global ] - ok
17:03:38.0138 0x11a4 ================ Scan MBR ==================================
17:03:38.0152 0x11a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:03:38.0644 0x11a4 \Device\Harddisk0\DR0 - ok
17:03:38.0646 0x11a4 ================ Scan VBR ==================================
17:03:38.0661 0x11a4 [ 5EA190CCE011C197A0618D27957754EB ] \Device\Harddisk0\DR0\Partition1
17:03:38.0664 0x11a4 \Device\Harddisk0\DR0\Partition1 - ok
17:03:38.0666 0x11a4 [ D7E2E3B928893E30BF33B0F566D4BC10 ] \Device\Harddisk0\DR0\Partition2
17:03:38.0668 0x11a4 \Device\Harddisk0\DR0\Partition2 - ok
17:03:38.0668 0x11a4 ================ Scan generic autorun ======================
17:03:38.0668 0x11a4 ETDCtrl - ok
17:03:39.0084 0x11a4 [ 78D93C04E892F50D6264A05F4EBCE150, F24D26CAF44B81725AAE9FE84F24DB848BAA7857C89DC34C2E258617E886EE5B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:03:39.0522 0x11a4 RTHDVCPL - ok
17:03:39.0581 0x11a4 [ 8A36EF96859FFF42F408A2BDCA2D2CB5, 25CCEA451E03EB8AB9D3266758FB6A1D2230673B72D5D261980A664D3A0B6F37 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:03:39.0632 0x11a4 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
17:03:41.0972 0x11a4 Detect skipped due to KSN trusted
17:03:41.0972 0x11a4 IAStorIcon - ok
17:03:42.0132 0x11a4 [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
17:03:42.0203 0x11a4 MSC - ok
17:03:42.0275 0x11a4 [ 9166C1276B296BC78FA816CD8448CD32, 1D2BF20F9EA7665281E5F9FFE50A8127E4618CB76C6A47A27E7ACA196327C395 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
17:03:42.0307 0x11a4 USB3MON - ok
17:03:42.0365 0x11a4 [ 685C4C92EB9C9385416453BD338ABF44, 65325490A119FC860DFC2F0C4EE5BC1AF390B001C2ED190EEABB3D144E71FB6E ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
17:03:42.0392 0x11a4 IMSS - ok
17:03:42.0430 0x11a4 [ 799312CDAA79E65DB21AA9F56D0BE1C7, FCB2D5F213F82BAB4C320EFF3BF988B7609A7E8EBAF85DAAF63F1A92826323CA ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
17:03:42.0444 0x11a4 ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
17:03:44.0604 0x07e0 Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
17:03:44.0799 0x11a4 Detect skipped due to KSN trusted
17:03:44.0799 0x11a4 ControlCenter4 - ok
17:03:45.0035 0x11a4 [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
17:03:45.0148 0x11a4 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
17:03:47.0064 0x07e0 Object send P2P result: true
17:03:47.0068 0x07e0 Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
17:03:47.0492 0x11a4 Detect skipped due to KSN trusted
17:03:47.0493 0x11a4 BrStsMon00 - ok
17:03:47.0662 0x11a4 [ 0C0DD390CF53D506414AC2CAA68E7F34, C64A9BAF0FDA5161B9361FC454CA36E7595E6BC969A6FA03993C5949373D8A00 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
17:03:47.0708 0x11a4 BrHelp - detected UnsignedFile.Multi.Generic ( 1 )
17:03:49.0532 0x07e0 Object send P2P result: true
17:03:50.0058 0x11a4 Detect skipped due to KSN trusted
17:03:50.0058 0x11a4 BrHelp - ok
17:03:50.0241 0x11a4 [ 1CE11C53E562D5F7EAFCF47E0E696516, 4E8264DB3CA9B2344905BC2CAE6A9E73190A3CCF3D154B3CBDAF4F73F8FCD64B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:03:50.0279 0x11a4 avgnt - ok
17:03:50.0334 0x11a4 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:03:50.0345 0x11a4 APSDaemon - ok
17:03:50.0386 0x11a4 [ 32AC3889C598A7314954CF515E716BDE, DE843C6B523C60776401F799C01948DDC383442B2CEAC2002A867DC860949AFE ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe
17:03:50.0406 0x11a4 IndexSearch - ok
17:03:50.0422 0x11a4 [ 7D46CE32283158EB7F1D0C8E02D8DDD1, DF68039E55E90EFAB90E5FC8DE79E66CEDECB99EB353C4F349375732AAEF1BE1 ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
17:03:50.0433 0x11a4 PaperPort PTD - ok
17:03:50.0473 0x11a4 [ 9F0ACAA725CF5A391AF7E2067AE45746, CA7F3C2C9D4DCB135ECBFFEB3448D272552B5DB720E0A526B4AC07B1F5E8BC9E ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
17:03:50.0497 0x11a4 PDFHook - ok
17:03:50.0520 0x11a4 [ 154420A93E4F676AA33A055A116255D9, DF76577C22EBB439DF2B72D1B6B7A465F067CCEC886FC7A7FB337865DA1DB914 ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
17:03:50.0530 0x11a4 PDF5 Registry Controller - ok
17:03:50.0584 0x11a4 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
17:03:50.0603 0x11a4 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
17:03:52.0949 0x11a4 Detect skipped due to KSN trusted
17:03:52.0949 0x11a4 QuickTime Task - ok
17:03:53.0045 0x11a4 [ 86069F4F421FB355C41FD734500E477F, CB4CE22C3298280B033105875079A373D7E1ADEA15F0F71A2095CCA50CF7E5A5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
17:03:53.0069 0x11a4 Avira SystrayStartTrigger - ok
17:03:53.0180 0x11a4 [ D192592FD0A99D9F360906D3F6DFBFF1, E0ED95A8AB4D26A40BF95B8DB2D968AD1FDB36B8C4DF2990185E0458B3948CA3 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
17:03:53.0231 0x11a4 Wondershare Helper Compact.exe - ok
17:03:53.0291 0x11a4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:03:53.0384 0x11a4 Sidebar - ok
17:03:53.0413 0x11a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:03:53.0433 0x11a4 mctadmin - ok
17:03:53.0479 0x11a4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:03:53.0515 0x11a4 Sidebar - ok
17:03:53.0521 0x11a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:03:53.0539 0x11a4 mctadmin - ok
17:03:53.0602 0x11a4 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
17:03:53.0627 0x11a4 ISUSPM - ok
17:03:53.0749 0x11a4 [ 4FF9A9F17E5722357EA1F614155F7BCB, 6E43F9269383FEDDE31CC1D3F7268DB2910079550CC2CA440ABB8C3A1E31F2A0 ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
17:03:53.0799 0x11a4 MyDriveConnect.exe - ok
17:03:53.0801 0x11a4 Waiting for KSN requests completion. In queue: 14
17:03:54.0801 0x11a4 Waiting for KSN requests completion. In queue: 14
17:03:55.0801 0x11a4 Waiting for KSN requests completion. In queue: 14
17:03:56.0144 0x1450 Object required for P2P: [ 4FF9A9F17E5722357EA1F614155F7BCB ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
17:03:56.0802 0x11a4 Waiting for KSN requests completion. In queue: 1
17:03:57.0802 0x11a4 Waiting for KSN requests completion. In queue: 1
17:03:58.0612 0x1450 Object send P2P result: true
17:03:58.0880 0x11a4 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
17:03:58.0881 0x11a4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
17:03:58.0884 0x11a4 Win FW state via NFP2: enabled ( trusted )
17:04:01.0293 0x11a4 ============================================================
17:04:01.0293 0x11a4 Scan finished
17:04:01.0293 0x11a4 ============================================================
17:04:01.0307 0x187c Detected object count: 0
17:04:01.0307 0x187c Actual detected object count: 0
|
|
08.03.2016, 17:38
| #4 |
| | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Jetzt die LogDateien von FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von acer (Administrator) auf NOTEBOOKUWE (08-03-2016 15:37:41)
Gestartet von C:\Users\acer\Desktop
Geladene Profile: acer (Verfügbare Profile: acer)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-12-18] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-10] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [] => [X]
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{05D3EE09-2F4A-4381-8B9B-AC034CC933CC}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2592A080-B184-4618-B611-8394E0F4B176}: [DhcpNameServer] 192.168.1.251
Tcpip\..\Interfaces\{EBBB1086-A930-489B-BD26-56CA9BB9E5EF}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-1895174854-802145440-553866228-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.de/
URLSearchHook: HKU\S-1-5-21-1895174854-802145440-553866228-1000 - (Kein Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default
FF Homepage: hxxps://login.yahoo.com/config/login_verify2?.intl=de&.src=ym
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: SmashDasboard - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\Extensions\@smashdashboard.xpi [2016-02-21]
FF Extension: Avira Browser Safety - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\Extensions\abs@avira.com [2016-02-19]
FF Extension: Adblock Plus - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-29]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2013-12-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-02-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-08] (Avira Operations GmbH & Co. KG)
S3 AX88178; C:\Windows\System32\DRIVERS\ax88178.sys [64000 2013-07-12] (ASIX Electronics Corp.)
R3 BTATH_HID; C:\Windows\System32\DRIVERS\btath_hid.sys [222952 2012-12-21] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [428008 2012-12-21] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-12-18] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-08 15:37 - 2016-03-08 15:38 - 00019295 _____ C:\Users\acer\Desktop\FRST.txt
2016-03-08 15:37 - 2016-03-08 15:37 - 00000000 ____D C:\FRST
2016-03-08 15:35 - 2016-03-08 15:35 - 02374144 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2016-03-08 15:06 - 2016-03-08 15:06 - 00000000 ___RD C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-03-08 14:56 - 2016-03-08 15:12 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-08 14:56 - 2016-03-08 14:56 - 01524224 _____ C:\Users\acer\Desktop\AdwCleaner_5.101.exe
2016-03-08 14:42 - 2016-03-08 14:42 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-08 14:36 - 2016-03-08 14:37 - 00000000 ____D C:\Users\acer\Documents\Treiber und Tools
2016-03-06 18:34 - 2016-03-06 18:34 - 00000494 _____ C:\Users\acer\Downloads\activate-72413001-production.lus
2016-03-05 08:36 - 2016-03-05 08:36 - 00000000 ____D C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-05 08:36 - 2016-03-05 08:36 - 00000000 ____D C:\Users\acer\AppData\Local\Avira-Scout
2016-03-05 08:35 - 2016-03-05 08:35 - 00000000 ____D C:\Users\acer\AppData\Local\Package Cache
2016-02-13 09:59 - 2016-03-08 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-10 20:04 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 20:04 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 20:04 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 20:04 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 20:04 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 20:04 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 20:04 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-10 20:04 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 20:04 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-10 20:04 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-10 20:04 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 20:04 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 20:04 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 20:04 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-10 20:04 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 20:04 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-10 20:04 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 20:04 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 20:04 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 20:04 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 20:04 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 20:04 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 20:04 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 20:04 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 20:04 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 20:04 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 20:04 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 20:04 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 20:04 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 20:04 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 20:04 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 20:04 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 20:04 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 20:04 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 20:04 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-10 20:04 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 20:04 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-10 20:04 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-10 20:04 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-10 20:04 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 20:04 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-10 20:04 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-10 20:04 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-10 20:04 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-10 20:04 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-10 20:04 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 20:04 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 20:04 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 20:04 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 20:04 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 20:04 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-10 20:04 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-10 20:04 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-10 20:04 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-10 20:04 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-10 20:04 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-10 20:04 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-10 20:04 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-10 20:04 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 20:04 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-10 20:04 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-10 20:04 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-10 20:04 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-10 20:04 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 20:04 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-10 20:04 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-10 20:04 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 20:04 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 20:04 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 20:04 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 20:04 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 20:04 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 20:04 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 20:04 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 20:04 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 20:04 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 20:03 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 20:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 20:03 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 20:03 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 20:03 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 20:03 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 20:03 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-10 20:03 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 20:03 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 20:03 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 20:03 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 20:03 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 20:03 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 20:03 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 20:03 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-10 20:03 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-10 20:03 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-10 20:03 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-10 20:03 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 20:03 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 20:03 - 2015-12-20 19:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 20:03 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 20:03 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 20:02 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 20:02 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 20:02 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 20:02 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 20:02 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 20:02 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 20:02 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 20:02 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 20:02 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 20:02 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 20:02 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 20:02 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 20:02 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 20:02 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 20:02 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 20:02 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 20:02 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 20:02 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 20:02 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 20:02 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 20:02 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 20:02 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 20:02 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 20:02 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 20:02 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 20:02 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 20:02 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 20:02 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 20:02 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 20:02 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 20:02 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 20:02 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 20:02 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 20:02 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 20:02 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 20:02 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-10 20:02 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 20:02 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 20:02 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 20:02 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 20:02 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 20:02 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 20:02 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 20:02 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 20:02 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 20:02 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 20:02 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 20:02 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 20:02 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 20:02 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 20:02 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-08 15:38 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-08 15:38 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-08 15:28 - 2014-07-11 19:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-08 15:19 - 2014-07-12 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-08 15:17 - 2014-07-12 10:45 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-08 15:17 - 2014-07-12 10:45 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-08 15:17 - 2014-07-12 10:45 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-03-08 15:08 - 2014-07-11 18:33 - 00023504 _____ C:\Windows\BRRBCOM.INI
2016-03-08 15:07 - 2015-08-16 08:39 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-08 15:06 - 2015-12-15 21:31 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-03-08 15:05 - 2015-08-16 08:39 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-08 15:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-08 14:42 - 2014-07-12 00:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-06 18:36 - 2010-11-21 07:50 - 00700380 _____ C:\Windows\system32\perfh007.dat
2016-03-06 18:36 - 2010-11-21 07:50 - 00149986 _____ C:\Windows\system32\perfc007.dat
2016-03-06 18:36 - 2009-07-14 06:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 18:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-06 15:39 - 2014-07-12 19:10 - 00000000 ____D C:\Users\acer\AppData\Local\CrashDumps
2016-03-05 17:23 - 2014-07-12 21:47 - 00000000 ____D C:\Users\acer\Documents\Schule
2016-03-05 08:35 - 2014-07-12 10:49 - 00000000 ____D C:\Users\acer\AppData\Roaming\Avira
2016-03-01 19:51 - 2014-07-12 10:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-29 22:57 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 22:57 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-29 22:57 - 2014-03-19 14:43 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-29 22:57 - 2014-03-19 14:43 - 00001912 _____ C:\Windows\epplauncher.mif
2016-02-29 22:56 - 2014-03-19 14:43 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-29 22:56 - 2014-03-19 14:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-02-16 17:04 - 2015-05-03 20:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-15 17:56 - 2014-03-19 14:50 - 00000000 ____D C:\Users\acer\AppData\Roaming\Atheros
2016-02-13 11:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-13 09:26 - 2009-07-14 05:45 - 00409208 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-13 09:24 - 2014-12-11 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-13 09:24 - 2014-07-12 00:57 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-13 09:24 - 2010-11-21 08:01 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 21:06 - 2014-07-12 10:47 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 21:00 - 2014-07-12 10:47 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 20:58 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2016-02-10 18:28 - 2014-07-11 19:57 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 18:28 - 2014-07-11 19:57 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 18:28 - 2014-07-11 19:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 18:07 - 2014-07-12 21:48 - 00000000 ____D C:\Users\acer\Documents\Privat
2016-02-10 15:04 - 2014-09-27 07:11 - 00000000 ____D C:\ProgramData\Oracle
2016-02-10 14:41 - 2014-10-18 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-10 14:41 - 2014-10-18 21:08 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-10 14:40 - 2015-08-31 20:24 - 00000000 ____D C:\Users\acer\.oracle_jre_usage
2016-02-10 14:39 - 2014-10-18 21:09 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-09 13:46 - 2014-07-12 21:48 - 00000000 ____D C:\Users\acer\Documents\Unterricht
2016-02-09 11:45 - 2015-11-22 18:39 - 00000000 ____D C:\Users\acer\Documents\SelfMV
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-13 13:00 - 2014-07-13 13:01 - 33811080 _____ () C:\Program Files (x86)\Nero_CoverDesigner_12.0.0.01500.zip
2014-03-19 13:30 - 2014-03-19 13:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\acer\AppData\Local\Temp\avgnt.exe
C:\Users\acer\AppData\Local\Temp\Execute2App.exe
C:\Users\acer\AppData\Local\Temp\javagiac0.2430728431142546.dll
C:\Users\acer\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\acer\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\acer\AppData\Local\Temp\msvcp90.dll
C:\Users\acer\AppData\Local\Temp\msvcr90.dll
C:\Users\acer\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-01 18:22
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von acer (2016-03-08 15:38:29)
Gestartet von C:\Users\acer\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-03-19 19:09:55)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
acer (S-1-5-21-1895174854-802145440-553866228-1000 - Administrator - Enabled) => C:\Users\acer
Administrator (S-1-5-21-1895174854-802145440-553866228-500 - Administrator - Disabled)
Gast (S-1-5-21-1895174854-802145440-553866228-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1895174854-802145440-553866228-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Avira Scout (HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\{3cc6cc67-d693-4af9-9320-241d34083394}) (Version: 16.2.15.170 - Avira Operations GmbH & Co. KG)
AviraScoutMsi (x32 Version: 16.02.15.00170 - Avira Operations GmbH & Co. KG) Hidden
Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.193.0 - International GeoGebra Institute)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3431 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.11.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Nero CoverDesigner (HKLM-x32\...\{3143E3EB-17A5-48F9-90FC-D7CA556CA210}) (Version: 12.0.01500 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 5.0.1 - ORWO Net)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{41BB84BA-5CE5-403D-9650-990299509F14}) (Version: 13.0.4.705 - SAP)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.) Hidden
Untis 2014 (HKLM-x32\...\Untis 2014) (Version: 2014 - Gruber&Petters)
Untis 2015 (HKLM-x32\...\Untis 2015) (Version: 2015 - Gruber&Petters)
Untis 2016 (HKLM-x32\...\Untis 2016) (Version: 2016 - Gruber&Petters)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1895174854-802145440-553866228-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {16E01E94-693C-42EF-8895-3AF941E83626} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {2A85E375-D7BB-4ECA-A056-878D73ADE986} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {7AC0C293-1E06-4D41-8AEC-103B9E7C9E0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.)
Task: {B3C1E12D-20C4-4C8D-B0BE-80CBB29A961D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-07-13 10:27 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2014-09-11 16:06 - 2014-09-11 16:06 - 00878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 16:08 - 2014-09-11 16:08 - 00015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 16:14 - 2014-09-11 16:14 - 00015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 16:15 - 2014-09-11 16:15 - 00252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2014-09-11 16:05 - 2014-09-11 16:05 - 00036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 16:06 - 2014-09-11 16:06 - 00038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2014-11-11 09:21 - 2014-11-11 09:21 - 00392552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2014-11-11 09:21 - 2014-11-11 09:21 - 00059752 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2014-11-19 11:47 - 2014-11-19 11:47 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2014-11-19 11:46 - 2014-11-19 11:46 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2014-11-19 11:48 - 2014-11-19 11:48 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2014-07-11 19:11 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-11-22 18:14 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-11-22 18:14 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-03-19 14:26 - 2013-12-10 14:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-02-10 18:28 - 2016-02-10 18:28 - 17891008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\acer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{02757F6E-F0DC-438E-8EF7-B97284692736}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{01ABEA63-E8FB-41A0-BD16-9EAC51494FDC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0F3F0040-ABBA-468B-914D-5887BFF1C73B}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{FC7C4BAD-FE41-4292-B935-3597AC81D24C}] => (Allow) LPort=54925
FirewallRules: [{02A1FD45-21B0-42CF-95B7-FBC8DFF54BDB}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{C084A696-76B4-49CB-8015-27F98EB481C4}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{39F77CFA-77AD-4262-8840-607915AF27F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5E879978-B1B4-4D54-8472-A7CAA9215455}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2372D20E-6C2B-41D7-BD0A-DC3E56F9A897}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{E8E39636-A508-4BCF-AFE4-E06604092751}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{BC7637AB-B804-4CF7-81AA-F98430C6838A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A5D8D640-8F9D-404B-BCF0-D2828CAC1781}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
04-03-2016 16:10:24 Windows Update
08-03-2016 07:38:09 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/08/2016 03:06:05 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/08/2016 01:08:09 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/08/2016 07:28:35 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/06/2016 03:39:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 44.0.2.5884, Zeitstempel: 0x56bbf417
Name des fehlerhaften Moduls: mozglue.dll, Version: 44.0.2.5884, Zeitstempel: 0x56bbe58e
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed3b
ID des fehlerhaften Prozesses: 0x1720
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (03/06/2016 03:37:37 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/06/2016 07:44:26 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/04/2016 03:59:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/02/2016 01:40:35 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/01/2016 05:39:42 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (02/29/2016 07:48:08 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Systemfehler:
=============
Error: (03/08/2016 03:03:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2016 03:03:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2016 03:03:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Gatewaydienst auf Anwendungsebene" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8074.36 MB
Verfügbarer physikalischer RAM: 5562.32 MB
Summe virtueller Speicher: 16146.92 MB
Verfügbarer virtueller Speicher: 13236.67 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:377.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B3337D35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
09.03.2016, 07:03
| #5 |
| /// TB-Ausbilder | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Servus, Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
09.03.2016, 07:30
| #6 |
| | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Guten Morgen, zunächst die LogDatei von AdwCleaner. Diese stammt von gestern. Heute habe ich nach Deinen Anweisungen nochmals AdwCleaner ausgeführt. Die "C" Datei wurde allerdings nicht überschrieben. Code:
ATTFilter # AdwCleaner v5.101 - Bericht erstellt am 08/03/2016 um 15:03:12
# Aktualisiert am 07/03/2016 von Xplode
# Datenbank : 2016-03-08.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : acer - NOTEBOOKUWE
# Gestartet von : C:\Users\acer\Desktop\AdwCleaner_5.101.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Users\acer\AppData\Roaming\Easeware
[-] Ordner Gelöscht : C:\Users\acer\AppData\Roaming\OpenCandy
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Geplante Aufgabe Gelöscht : DriverEasy Scheduled Scan
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\datamngrCoordinator.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Driver-Soft
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\chatango.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\st.chatango.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
***** [ Internetbrowser ] *****
[-] [C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.adapters", "{\"de-mg42.mail.yahoo.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,\"AdapterKey\":\"default_adapter\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":[...]
[-] [C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.imitinjs.info/imitin/javascript.js\",\"querySt[...]
[-] [C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\prefs.js] [Preference] Gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [3214 Bytes] - [08/03/2016 15:03:12]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [3201 Bytes] - [08/03/2016 14:56:39]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [3400 Bytes] ##########
|
|
09.03.2016, 14:15
| #7 |
| /// TB-Ausbilder | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Servus, weiter mit den anderen Schritten bitte. |
|
09.03.2016, 16:07
| #8 |
| | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Hallo Matthias, nach getaner Arbeit geht es nun weiter mit der mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 09.03.2016 Suchlaufzeit: 15:10 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.03.09.03 Rootkit-Datenbank: v2016.02.27.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: acer Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 356720 Abgelaufene Zeit: 19 Min., 41 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 2 PUP.Optional.Iminent, HKU\S-1-5-21-1895174854-802145440-553866228-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [d9de5d280d8cb482eb93655156ac7090], PUP.Optional.Iminent, HKU\S-1-5-21-1895174854-802145440-553866228-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [d9de5d280d8cb482eb93655156ac7090], Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
09.03.2016, 16:08
| #9 |
| /// TB-Ausbilder | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Immer weiter...  |
|
09.03.2016, 16:14
| #10 |
| | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Jetzt die JRT Datei: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Professional x64
Ran by acer (Administrator) on 09.03.2016 at 16:09:12,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 34
Successfully deleted: C:\ProgramData\drivergenius (Folder)
Successfully deleted: C:\Program Files (x86)\driver-soft (Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NJBMNDP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZW8V946 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\909ZUASN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AEJAFJX2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AXBR9O00 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOF8M3F1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HP1DJLS7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX18KYO1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K90K57Z8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MEICUHMH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCJUUCCZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMM6EEX8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NJBMNDP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZW8V946 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\909ZUASN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AEJAFJX2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AXBR9O00 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOF8M3F1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HP1DJLS7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX18KYO1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K90K57Z8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MEICUHMH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VCJUUCCZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMM6EEX8 (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.03.2016 at 16:11:45,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
09.03.2016, 16:17
| #11 |
| /// TB-Ausbilder | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Und noch zweimal FRST... |
|
09.03.2016, 16:18
| #12 |
| | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Nun die FRST.txt Datei: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von acer (Administrator) auf NOTEBOOKUWE (09-03-2016 16:15:25)
Gestartet von C:\Users\acer\Desktop
Geladene Profile: acer (Verfügbare Profile: acer)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-12-18] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-10] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [] => [X]
HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{05D3EE09-2F4A-4381-8B9B-AC034CC933CC}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2592A080-B184-4618-B611-8394E0F4B176}: [DhcpNameServer] 192.168.1.251
Tcpip\..\Interfaces\{EBBB1086-A930-489B-BD26-56CA9BB9E5EF}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-1895174854-802145440-553866228-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://yahoo.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default
FF Homepage: hxxps://login.yahoo.com/config/login_verify2?.intl=de&.src=ym
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: SmashDasboard - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\Extensions\@smashdashboard.xpi [2016-02-21]
FF Extension: Avira Browser Safety - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\Extensions\abs@avira.com [2016-02-19]
FF Extension: Adblock Plus - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\snjvhyub.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-29]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-08] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2013-12-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-02-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-08] (Avira Operations GmbH & Co. KG)
S3 AX88178; C:\Windows\System32\DRIVERS\ax88178.sys [64000 2013-07-12] (ASIX Electronics Corp.)
R3 BTATH_HID; C:\Windows\System32\DRIVERS\btath_hid.sys [222952 2012-12-21] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [428008 2012-12-21] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-12-18] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-09 16:11 - 2016-03-09 16:11 - 00006191 _____ C:\Users\acer\Desktop\JRT.txt
2016-03-09 16:08 - 2016-03-09 16:08 - 01609216 _____ (Malwarebytes) C:\Users\acer\Desktop\JRT.exe
2016-03-09 16:03 - 2016-03-09 16:03 - 00001604 _____ C:\Users\acer\Desktop\mbam.txt
2016-03-09 15:57 - 2016-03-09 15:57 - 00000000 ___RD C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-03-09 15:09 - 2016-03-09 16:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-09 15:08 - 2016-03-09 15:08 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-09 15:08 - 2016-03-09 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-03-09 15:08 - 2016-03-09 15:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-09 15:08 - 2016-03-09 15:08 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-03-09 15:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-09 15:08 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-09 15:08 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-09 15:07 - 2016-03-09 15:07 - 22908888 _____ (Malwarebytes ) C:\Users\acer\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-09 07:53 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 07:53 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 07:53 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 07:53 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 07:53 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 07:53 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 07:53 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 07:53 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 07:53 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 07:53 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 07:53 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 07:53 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 07:53 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 07:53 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 07:53 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 07:53 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 07:53 - 2016-02-09 07:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 07:53 - 2016-02-09 07:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 07:53 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 07:53 - 2016-02-08 21:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 07:53 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 07:53 - 2016-02-08 21:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 07:53 - 2016-02-08 21:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 07:53 - 2016-02-08 21:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 07:53 - 2016-02-08 21:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 07:53 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 07:53 - 2016-02-08 21:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 07:53 - 2016-02-08 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 07:53 - 2016-02-08 21:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 07:53 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 07:53 - 2016-02-08 21:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 07:53 - 2016-02-08 21:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 07:53 - 2016-02-08 21:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 07:53 - 2016-02-08 21:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 07:53 - 2016-02-08 21:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 07:53 - 2016-02-08 21:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 07:53 - 2016-02-08 21:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 07:53 - 2016-02-08 21:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 07:53 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 07:53 - 2016-02-08 21:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 07:53 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 07:53 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 07:53 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 07:53 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 07:53 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 07:53 - 2016-02-08 21:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 07:53 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 07:53 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 07:53 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 07:53 - 2016-02-08 19:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 07:53 - 2016-02-08 19:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 07:53 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 07:53 - 2016-02-08 19:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 07:53 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 07:53 - 2016-02-08 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 07:53 - 2016-02-08 19:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 07:53 - 2016-02-08 19:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 07:53 - 2016-02-08 19:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 07:53 - 2016-02-08 19:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 07:53 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 07:53 - 2016-02-08 19:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 07:53 - 2016-02-08 19:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 07:53 - 2016-02-08 19:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 07:53 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 07:53 - 2016-02-08 19:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 07:53 - 2016-02-08 19:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 07:53 - 2016-02-08 19:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 07:53 - 2016-02-08 18:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 07:53 - 2016-02-08 18:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 07:53 - 2016-02-08 18:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 07:53 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 07:53 - 2016-02-08 18:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 07:53 - 2016-02-08 18:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 07:53 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 07:53 - 2016-02-08 18:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 07:53 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 07:53 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 07:53 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 07:53 - 2016-02-08 18:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 07:53 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 07:53 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 07:53 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 07:53 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 07:53 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 07:53 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 07:53 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 07:53 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 07:53 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 07:53 - 2016-01-11 20:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 07:53 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 07:53 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 07:52 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 07:52 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 07:52 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 07:52 - 2016-02-11 19:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 07:52 - 2016-02-11 19:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 07:52 - 2016-02-11 19:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 07:52 - 2016-02-11 19:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 07:52 - 2016-02-11 19:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 07:52 - 2016-02-11 19:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 07:52 - 2016-02-11 19:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 07:52 - 2016-02-11 19:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 07:52 - 2016-02-11 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 07:52 - 2016-02-11 19:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 07:52 - 2016-02-11 19:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 07:52 - 2016-02-11 19:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 07:52 - 2016-02-11 19:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 07:52 - 2016-02-11 19:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 07:52 - 2016-02-11 19:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 07:52 - 2016-02-11 19:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 07:52 - 2016-02-11 19:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 07:52 - 2016-02-11 19:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 07:52 - 2016-02-11 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 07:52 - 2016-02-11 19:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 07:52 - 2016-02-11 19:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 07:52 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 07:52 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 07:52 - 2016-02-11 19:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 07:52 - 2016-02-11 19:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 07:52 - 2016-02-11 19:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 07:52 - 2016-02-11 19:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 07:52 - 2016-02-11 19:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 07:52 - 2016-02-11 19:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 07:52 - 2016-02-11 19:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 07:52 - 2016-02-11 19:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 07:52 - 2016-02-11 19:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 07:52 - 2016-02-11 19:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 07:52 - 2016-02-11 19:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 07:52 - 2016-02-11 19:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 07:52 - 2016-02-11 19:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 07:52 - 2016-02-11 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 07:52 - 2016-02-11 19:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 07:52 - 2016-02-11 19:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 18:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 07:52 - 2016-02-11 18:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 07:52 - 2016-02-11 18:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 07:52 - 2016-02-11 18:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 07:52 - 2016-02-11 18:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 07:52 - 2016-02-11 18:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 07:52 - 2016-02-11 18:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 07:52 - 2016-02-11 18:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 07:52 - 2016-02-11 18:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 07:52 - 2016-02-11 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 07:52 - 2016-02-11 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 07:52 - 2016-02-11 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 07:52 - 2016-02-11 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 07:52 - 2016-02-11 18:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 07:52 - 2016-02-11 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 07:52 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 07:52 - 2016-02-09 10:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 07:52 - 2016-02-09 10:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 07:52 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 07:52 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 07:52 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 07:52 - 2016-02-09 10:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 07:52 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 07:52 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 07:52 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 07:52 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 07:52 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 07:52 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 07:52 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 07:52 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 07:52 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 07:52 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 07:52 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 07:52 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 07:52 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 07:52 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 07:52 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 07:52 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 07:52 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 07:52 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 07:52 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 07:52 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 17:02 - 2016-03-08 17:04 - 00230508 _____ C:\TDSSKiller.3.1.0.9_08.03.2016_17.02.22_log.txt
2016-03-08 17:01 - 2016-03-08 17:01 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\acer\Desktop\tdsskiller.exe
2016-03-08 15:38 - 2016-03-08 15:39 - 00030585 _____ C:\Users\acer\Desktop\Addition.txt
2016-03-08 15:37 - 2016-03-09 16:15 - 00018114 _____ C:\Users\acer\Desktop\FRST.txt
2016-03-08 15:37 - 2016-03-09 16:15 - 00000000 ____D C:\FRST
2016-03-08 15:35 - 2016-03-08 15:35 - 02374144 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2016-03-08 14:56 - 2016-03-09 07:23 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-08 14:56 - 2016-03-08 14:56 - 01524224 _____ C:\Users\acer\Desktop\AdwCleaner_5.101.exe
2016-03-08 14:42 - 2016-03-08 14:42 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-08 14:36 - 2016-03-08 14:37 - 00000000 ____D C:\Users\acer\Documents\Treiber und Tools
2016-03-06 18:34 - 2016-03-06 18:34 - 00000494 _____ C:\Users\acer\Downloads\activate-72413001-production.lus
2016-03-05 08:36 - 2016-03-05 08:36 - 00000000 ____D C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-05 08:36 - 2016-03-05 08:36 - 00000000 ____D C:\Users\acer\AppData\Local\Avira-Scout
2016-03-05 08:35 - 2016-03-05 08:35 - 00000000 ____D C:\Users\acer\AppData\Local\Package Cache
2016-02-13 09:59 - 2016-03-08 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-10 20:04 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 20:04 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 20:04 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-10 20:03 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 20:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-10 20:03 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 20:03 - 2015-12-20 19:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-10 20:03 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 20:03 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-10 20:02 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 20:02 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 20:02 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 20:02 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 20:02 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 20:02 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 20:02 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-10 20:02 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-10 20:02 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-10 20:02 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-10 20:02 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-10 20:02 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-10 20:02 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 20:02 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-09 16:07 - 2015-08-16 08:39 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-09 16:03 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-09 16:03 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-09 16:01 - 2010-11-21 07:50 - 00700380 _____ C:\Windows\system32\perfh007.dat
2016-03-09 16:01 - 2010-11-21 07:50 - 00149986 _____ C:\Windows\system32\perfc007.dat
2016-03-09 16:01 - 2009-07-14 06:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-09 16:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-09 15:56 - 2015-08-16 08:39 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-09 15:55 - 2015-12-15 21:31 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-03-09 15:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-09 15:54 - 2009-07-14 05:45 - 00409208 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 15:40 - 2014-07-12 10:47 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 15:34 - 2014-07-12 10:47 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-09 15:33 - 2014-12-11 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 15:28 - 2014-07-11 19:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-08 16:28 - 2014-07-11 18:33 - 00023504 _____ C:\Windows\BRRBCOM.INI
2016-03-08 15:19 - 2014-07-12 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-08 15:17 - 2014-07-12 10:45 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-08 15:17 - 2014-07-12 10:45 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-08 15:17 - 2014-07-12 10:45 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-03-08 14:42 - 2014-07-12 00:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-06 15:39 - 2014-07-12 19:10 - 00000000 ____D C:\Users\acer\AppData\Local\CrashDumps
2016-03-05 17:23 - 2014-07-12 21:47 - 00000000 ____D C:\Users\acer\Documents\Schule
2016-03-05 08:35 - 2014-07-12 10:49 - 00000000 ____D C:\Users\acer\AppData\Roaming\Avira
2016-03-01 19:51 - 2014-07-12 10:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-29 22:57 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 22:57 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-29 22:57 - 2014-03-19 14:43 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-29 22:57 - 2014-03-19 14:43 - 00001912 _____ C:\Windows\epplauncher.mif
2016-02-29 22:56 - 2014-03-19 14:43 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-29 22:56 - 2014-03-19 14:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-02-16 17:04 - 2015-05-03 20:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-15 17:56 - 2014-03-19 14:50 - 00000000 ____D C:\Users\acer\AppData\Roaming\Atheros
2016-02-13 11:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-13 09:24 - 2014-07-12 00:57 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-13 09:24 - 2010-11-21 08:01 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 20:58 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2016-02-10 18:28 - 2014-07-11 19:57 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 18:28 - 2014-07-11 19:57 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 18:28 - 2014-07-11 19:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 18:07 - 2014-07-12 21:48 - 00000000 ____D C:\Users\acer\Documents\Privat
2016-02-10 15:04 - 2014-09-27 07:11 - 00000000 ____D C:\ProgramData\Oracle
2016-02-10 14:41 - 2014-10-18 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-10 14:41 - 2014-10-18 21:08 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-10 14:40 - 2015-08-31 20:24 - 00000000 ____D C:\Users\acer\.oracle_jre_usage
2016-02-10 14:39 - 2014-10-18 21:09 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-09 13:46 - 2014-07-12 21:48 - 00000000 ____D C:\Users\acer\Documents\Unterricht
2016-02-09 11:45 - 2015-11-22 18:39 - 00000000 ____D C:\Users\acer\Documents\SelfMV
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-13 13:00 - 2014-07-13 13:01 - 33811080 _____ () C:\Program Files (x86)\Nero_CoverDesigner_12.0.0.01500.zip
2014-03-19 13:30 - 2014-03-19 13:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\acer\AppData\Local\Temp\avgnt.exe
C:\Users\acer\AppData\Local\Temp\Execute2App.exe
C:\Users\acer\AppData\Local\Temp\javagiac0.2430728431142546.dll
C:\Users\acer\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\acer\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\acer\AppData\Local\Temp\msvcp90.dll
C:\Users\acer\AppData\Local\Temp\msvcr90.dll
C:\Users\acer\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-09 08:13
==================== Ende von FRST.txt ============================
|
|
09.03.2016, 16:22
| #13 |
| /// TB-Ausbilder | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Servus, fehlt noch die Addition.txt. Kommen die Tabs mit Werbung immer noch in Firefox? |
|
09.03.2016, 16:23
| #14 |
| | Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen Beim Neustart des Computers nach Durchführung von Schritt 2 haben sich Windows-Updates installiert. Hier die Addition.txt Datei: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von acer (2016-03-09 16:16:18)
Gestartet von C:\Users\acer\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-03-19 19:09:55)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
acer (S-1-5-21-1895174854-802145440-553866228-1000 - Administrator - Enabled) => C:\Users\acer
Administrator (S-1-5-21-1895174854-802145440-553866228-500 - Administrator - Disabled)
Gast (S-1-5-21-1895174854-802145440-553866228-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1895174854-802145440-553866228-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Avira Scout (HKU\S-1-5-21-1895174854-802145440-553866228-1000\...\{3cc6cc67-d693-4af9-9320-241d34083394}) (Version: 16.2.15.170 - Avira Operations GmbH & Co. KG)
AviraScoutMsi (x32 Version: 16.02.15.00170 - Avira Operations GmbH & Co. KG) Hidden
Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.193.0 - International GeoGebra Institute)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3431 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.11.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Nero CoverDesigner (HKLM-x32\...\{3143E3EB-17A5-48F9-90FC-D7CA556CA210}) (Version: 12.0.01500 - Nero AG)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 5.0.1 - ORWO Net)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{41BB84BA-5CE5-403D-9650-990299509F14}) (Version: 13.0.4.705 - SAP)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.) Hidden
Untis 2014 (HKLM-x32\...\Untis 2014) (Version: 2014 - Gruber&Petters)
Untis 2015 (HKLM-x32\...\Untis 2015) (Version: 2015 - Gruber&Petters)
Untis 2016 (HKLM-x32\...\Untis 2016) (Version: 2016 - Gruber&Petters)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1895174854-802145440-553866228-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {16E01E94-693C-42EF-8895-3AF941E83626} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {2A85E375-D7BB-4ECA-A056-878D73ADE986} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {7AC0C293-1E06-4D41-8AEC-103B9E7C9E0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.)
Task: {B3C1E12D-20C4-4C8D-B0BE-80CBB29A961D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-16] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-07-13 10:27 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2014-07-11 19:11 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-03-19 14:26 - 2013-12-10 14:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-02-10 18:28 - 2016-02-10 18:28 - 17891008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1895174854-802145440-553866228-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\acer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{02757F6E-F0DC-438E-8EF7-B97284692736}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{01ABEA63-E8FB-41A0-BD16-9EAC51494FDC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0F3F0040-ABBA-468B-914D-5887BFF1C73B}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{FC7C4BAD-FE41-4292-B935-3597AC81D24C}] => (Allow) LPort=54925
FirewallRules: [{02A1FD45-21B0-42CF-95B7-FBC8DFF54BDB}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{C084A696-76B4-49CB-8015-27F98EB481C4}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{39F77CFA-77AD-4262-8840-607915AF27F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5E879978-B1B4-4D54-8472-A7CAA9215455}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2372D20E-6C2B-41D7-BD0A-DC3E56F9A897}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{E8E39636-A508-4BCF-AFE4-E06604092751}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{BC7637AB-B804-4CF7-81AA-F98430C6838A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A5D8D640-8F9D-404B-BCF0-D2828CAC1781}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
04-03-2016 16:10:24 Windows Update
08-03-2016 07:38:09 Windows Update
09-03-2016 15:33:19 Windows Update
09-03-2016 16:09:16 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/09/2016 03:55:15 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/09/2016 03:51:24 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/09/2016 07:15:05 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/08/2016 03:06:05 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/08/2016 01:08:09 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/08/2016 07:28:35 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/06/2016 03:39:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 44.0.2.5884, Zeitstempel: 0x56bbf417
Name des fehlerhaften Moduls: mozglue.dll, Version: 44.0.2.5884, Zeitstempel: 0x56bbe58e
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed3b
ID des fehlerhaften Prozesses: 0x1720
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (03/06/2016 03:37:37 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/06/2016 07:44:26 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (03/04/2016 03:59:50 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Systemfehler:
=============
Error: (03/09/2016 03:33:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/08/2016 03:03:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/08/2016 03:03:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/08/2016 03:03:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8074.36 MB
Verfügbarer physikalischer RAM: 5645.89 MB
Summe virtueller Speicher: 16146.92 MB
Verfügbarer virtueller Speicher: 13451.47 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:374.89 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B3337D35)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
10.03.2016, 06:34
| #15 | |
| /// TB-Ausbilder | Firefox öffnet selbständig Tabs mit Werbung und GewinnspielenZitat:
 |
|
| Themen zu Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen |
| adwcleaner, firefox, mozilla, mozilla firefox, neue, neue tabs, neue tabs mit werbung, problem, selbständig, spiele, spielen, tab öffnet selbstständig, tabs mit werbung, tritt, werbung, woche, öffnen, öffnet |
Linear-Darstellung
