Log analysis and evaluation: Hidden driver detected - PC at times severely slowed down
26.03.2016, 01:25 | #1 |
Good evening,

this morning AVG Antivirus (free) showed me that a threat could not be removed. The threat was shown as a "hidden driver" and in the file path: C:\Windows\System32\Drivers. After a few clicks in AVG and a restart, the threat was (supposedly) removed. Unfortunately, I noticed today that the PC keeps having small hangs of a few seconds (mainly in Windows Explorer). Since the hardware is relatively potent (i5 4690k, SSD, 8gb RAM) and the problems have only been there (or noticeable) since today, I am asking for help with analysing my system.

OS: Win 8.1 Pro
CPU: i5 4690k
RAM: 2x4gb @1600Mhz
GPU: HIS R9 280 / formerly HD 7950
PSU: Antec True Power Classic 450W
SSD: Crucial MX100 256gb

Best regards,
Bull
26.03.2016, 04:27 | #2 |
/// Malwareteam

My name is Rafael and I will help you with the cleanup. So that I can help you in the best possible way, please follow these rules:

Step 1: Please post the exact log or a screenshot of the AVG detection so that I can see the details.

Step 2: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 3: Please download TDSSKiller.exe and save this file to your desktop
26.03.2016, 13:07 | #3 |
Hello Rafael, and thank you very much!

1. Something like this? I have the feeling AVG doesn't like giving out information ^^

Code:
"Geplanter Scan"
"Hoher Schweregrad";"1";"1";"0"
"Gescannt:";"Gesamten Computer scannen"
"Gestartet:";"25.03.2016, 12:53:45"
"Beendet:";"25.03.2016, 13:59:04"
"Anzahl der Elemente:";"261511"
"Gestartet von:";"SYSTEM"
"Name";"Beschreibung";"Status";"Status";"Priorität"
"C:\WINDOWS\System32\drivers\";"Versteckter Treiber";"Gesichert";"Geheilt";"Hoch"

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Michael (Administrator) auf DER-BOSS (26-03-2016 12:37:05) Gestartet von C:\Users\Michael\Desktop\PC Bereinigung Geladene Profile: Michael (Verfügbare Profile: Michael) Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe (AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen 
wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2014-09-08] (Realtek Semiconductor) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2013-03-12] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-03-22] (LogMeIn Inc.) 
HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\Run: [Spotify Web Helper] => C:\Users\Michael\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-13] (Spotify Ltd) HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\MountPoints2: {7892395f-3b3a-11e4-be81-d050992aab1a} - "D:\pushinst.exe" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\MountPoints2: {bc9c932c-2fa1-11e4-be66-806e6f6e6963} - "D:\ASRSetup.exe" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Bildschirmschoner\matrix.scr [92214 2007-07-20] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{025F1B6B-5D51-485F-95DE-F9524C3060B7}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-04] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-04] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-08] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-04] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> 
C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Extension: WhatsApp Panel - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\extensions\whatsapppanel@alejandrobrizuela.com.ar.xpi [2016-01-07] FF Extension: Tab Mix Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-07] FF Extension: FlashGot - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-17] FF Extension: Deutsch (DE) Language Pack - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\Extensions\langpack-de@Waterfox.mozilla.org.xpi [2014-08-29] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-24] [ist nicht signiert] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (AOMEI Tech Co., Ltd.) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [Datei ist nicht signiert] S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-13] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-03-22] (LogMeIn, Inc.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-04] (Electronic Arts) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2014-09-08] (Realtek Semiconductor) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) 
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-11-18] (IObit) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel(R) Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [Datei ist nicht signiert] S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2015-02-26] () [Datei ist nicht signiert] R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2015-02-26] () [Datei ist nicht signiert] R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.) 
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.) S3 cmnxusbser; C:\Windows\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device) S3 cpuz138; C:\Users\Michael\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-02-24] (CPUID) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-02-03] (Intel Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-03-22] (LogMeIn Inc.) R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation) R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2016-02-01] (Macrovision Europe Ltd) [Datei ist nicht signiert] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 AsrSetupDrv; \??\C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv.sys [X] S4 RAMDiskVE; \SystemRoot\System32\Drivers\RAMDiskVE.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-26 12:36 - 2016-03-26 12:37 - 00000000 ____D C:\Users\Michael\Desktop\PC Bereinigung 2016-03-26 12:36 - 2016-03-26 12:37 - 00000000 ____D C:\FRST 2016-03-25 16:56 - 2016-03-25 16:56 - 00001009 _____ C:\Users\Michael\Desktop\Texmaker.lnk 2016-03-25 16:56 - 2016-03-25 16:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker 2016-03-25 16:56 - 2016-03-25 16:56 - 00000000 ____D C:\Program Files (x86)\Texmaker 2016-03-25 16:51 - 2016-03-25 16:51 - 00000073 _____ C:\Users\Michael\Documents\text.tex 2016-03-25 16:27 - 2016-03-25 16:30 - 00002231 _____ C:\Users\Michael\Documents\Lebenslauf.pdf 2016-03-25 16:19 - 2016-03-25 16:27 - 00001305 _____ C:\Users\Michael\Documents\Lebenslauf.bib 2016-03-25 14:41 - 2016-03-26 01:33 - 00000000 ___RD C:\Users\Michael\Documents\Bewerbungen 2016-03-25 14:02 - 2016-03-25 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-03-25 14:02 - 2016-03-25 14:02 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2016-03-24 17:23 - 2016-03-24 17:23 - 00001276 _____ C:\Users\Michael\Documents\test.pdf 2016-03-24 17:22 - 2016-03-24 17:30 - 00001276 _____ C:\Users\Michael\Documents\test.tex 2016-03-24 17:17 - 2016-03-24 17:17 - 00001276 _____ C:\Users\Michael\Documents\Lebenslauf2.tex 2016-03-24 17:11 - 2016-03-24 17:11 - 00000000 ____D C:\Users\Michael\AppData\Roaming\xm1 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\Users\Michael\AppData\Roaming\MiKTeX 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\Users\Michael\AppData\Local\MiKTeX 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\ProgramData\MiKTeX 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 2016-03-24 16:51 - 2016-03-24 16:51 - 00000000 
____D C:\Program Files\MiKTeX 2.9 2016-03-24 16:36 - 2016-03-24 16:51 - 188503304 _____ (MiKTeX.org) C:\Users\Michael\Downloads\basic-miktex-2.9.5721-x64.exe 2016-03-24 16:31 - 2016-03-25 17:04 - 00001305 _____ C:\Users\Michael\Documents\Lebenslauf.tex 2016-03-24 16:22 - 2016-03-24 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker 2016-03-24 15:55 - 2016-03-24 16:05 - 59590516 _____ C:\Users\Michael\Downloads\texmakerwin3245_install.exe 2016-03-24 15:42 - 2016-03-24 15:43 - 00249197 _____ C:\Users\Michael\Documents\Deckblatt2.pdf 2016-03-24 15:41 - 2016-03-24 15:41 - 00249197 _____ C:\Users\Michael\Documents\Deckblatt.pdf 2016-03-24 15:15 - 2016-03-24 15:15 - 00000000 ____D C:\Users\Michael\AppData\Local\_3_ 2016-03-24 15:15 - 2016-03-24 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator 2016-03-24 15:15 - 2016-03-24 15:15 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator 2016-03-24 15:14 - 2016-03-24 15:14 - 03670848 _____ (Passbild-Generator ) C:\Users\Michael\Downloads\Setup4-Passbild-Generator.exe 2016-03-24 01:28 - 2016-03-24 01:28 - 00001496 _____ C:\Users\Michael\AppData\Local\recently-used.xbel 2016-03-23 00:21 - 2016-03-23 00:21 - 00009216 ___SH C:\Users\Michael\Downloads\Thumbs.db 2016-03-22 16:16 - 2016-03-22 16:16 - 00045680 ____H (LogMeIn Inc.) 
C:\WINDOWS\system32\Drivers\Hamdrv.sys 2016-03-11 23:50 - 2016-03-11 23:50 - 00025401 _____ C:\Users\Michael\Documents\Babas stutzen.odt 2016-03-10 15:06 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-03-10 15:06 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-10 15:06 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-03-10 15:06 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-10 15:06 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-03-10 15:06 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-03-10 15:06 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-10 15:06 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-03-10 15:06 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-10 15:06 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-03-10 15:06 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-10 15:06 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 
2016-03-10 15:06 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-03-10 15:06 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-03-10 15:06 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-10 15:06 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-03-10 15:06 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-03-10 15:06 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-03-10 15:06 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-03-10 15:06 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-03-10 15:06 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-03-10 15:06 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-03-10 15:06 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-03-10 15:06 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-03-10 15:06 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-03-10 15:06 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-03-10 15:06 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-03-10 15:06 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-03-10 15:06 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-03-10 15:06 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-03-10 15:06 - 2016-02-08 
17:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-03-10 15:06 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-03-10 15:06 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-03-10 15:06 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-03-10 15:05 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-03-10 15:05 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-10 15:05 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2016-03-10 15:05 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2016-03-10 15:05 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2016-03-10 15:05 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2016-03-10 15:05 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2016-03-10 15:05 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2016-03-10 15:05 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2016-03-10 15:05 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2016-03-10 15:05 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-03-10 15:05 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-03-10 15:05 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2016-03-10 15:05 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2016-03-10 15:05 - 
2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2016-03-10 15:05 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2016-03-10 15:05 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-10 15:05 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-03-10 15:05 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-03-10 15:05 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL 2016-03-10 15:05 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL 2016-03-10 15:05 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-10 15:05 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-10 15:05 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-10 15:05 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-10 15:05 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2016-03-10 15:05 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-03-10 15:05 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-10 15:05 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-10 15:05 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-10 15:05 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-10 15:05 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-10 15:05 - 
2016-01-31 20:16 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-10 15:05 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2016-03-10 15:05 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-03-10 15:05 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2016-03-10 15:05 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-03-10 15:05 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-03-10 15:05 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2016-03-10 15:05 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2016-03-10 15:05 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2016-03-10 15:05 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2016-03-10 15:05 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2016-03-10 15:05 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2016-03-10 15:05 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-03-10 15:05 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-03-10 15:05 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2016-03-10 15:05 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2016-03-10 15:05 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2016-03-10 15:04 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-03-10 
15:04 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-10 15:04 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-10 15:04 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-10 15:04 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-10 15:04 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-10 15:04 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-10 15:04 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-03-10 15:04 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-03-10 15:04 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-03-10 15:04 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-03-10 15:04 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2016-03-10 15:04 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-03-07 10:30 - 2016-03-07 10:30 - 00016333 _____ C:\Users\Michael\Documents\Die Stämme.odt 2016-03-02 10:21 - 2016-03-02 10:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-03-26 12:11 - 2014-03-18 11:04 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-26 12:11 - 2014-03-18 10:25 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat 2016-03-26 12:11 - 2014-03-18 10:25 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat 2016-03-26 12:11 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-03-26 12:10 - 2014-08-29 20:43 - 00000000 ____D C:\ProgramData\MFAData 2016-03-26 12:10 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-03-26 12:08 - 2014-08-30 22:26 - 00000000 ____D C:\Users\Michael\AppData\Local\LogMeIn Hamachi 2016-03-26 12:07 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-26 01:33 - 2014-08-29 21:05 - 00000000 _____ C:\Users\Michael\AppData\LocalLow\ChangeTaskbarRect 2016-03-25 21:29 - 2014-12-30 23:25 - 00000000 ____D C:\Users\Michael\AppData\Roaming\TS3Client 2016-03-25 20:43 - 2015-09-19 13:36 - 00000000 ____D C:\Users\Michael\AppData\Local\Origin 2016-03-25 20:43 - 2015-09-19 12:43 - 00000000 ____D C:\ProgramData\Origin 2016-03-25 17:26 - 2014-08-29 18:36 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3802420466-2463483923-4168562675-1001 2016-03-25 17:01 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-03-25 16:45 - 2016-01-13 23:36 - 00013237 _____ C:\Users\Michael\Documents\Training.odt 2016-03-25 16:36 - 2015-12-24 23:30 - 00000000 ____D C:\Users\Michael\AppData\Local\Warframe 2016-03-25 16:36 - 2014-08-30 09:36 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-25 01:58 - 2015-09-12 17:28 - 00000000 ____D C:\Users\Michael\.gimp-2.8 2016-03-24 21:23 - 2015-11-04 15:48 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-03-24 07:45 - 2015-04-04 09:01 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-03-24 07:45 - 2015-04-04 09:01 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-03-24 07:45 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-24 01:28 - 2015-09-12 17:30 - 00000000 ____D 
C:\Users\Michael\AppData\Local\gtk-2.0 2016-03-18 22:07 - 2014-09-05 12:41 - 00000000 ____D C:\Users\Michael\Documents\DCS 2016-03-11 22:54 - 2015-10-23 23:44 - 00000952 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2016-03-11 22:54 - 2014-08-29 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-03-11 21:03 - 2014-11-02 17:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-03-11 12:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2016-03-11 10:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-11 00:19 - 2013-08-22 15:44 - 00362848 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-10 23:41 - 2015-04-15 22:51 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-03-10 20:14 - 2014-08-29 20:34 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-03-10 20:13 - 2014-08-29 20:34 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-03-09 07:19 - 2015-10-13 21:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc 2016-03-08 08:00 - 2013-08-22 16:38 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-03-08 08:00 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-03 11:19 - 2015-04-02 21:04 - 00000000 ____D C:\Users\Michael\AppData\Local\ElevatedDiagnostics 2016-02-26 20:35 - 2015-05-17 16:46 - 00048640 ___SH C:\Users\Michael\Desktop\Thumbs.db ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-07 16:36 - 2016-01-30 22:08 - 1065984 _____ () C:\Users\Michael\AppData\Local\file__0.localstorage 2016-03-24 01:28 - 2016-03-24 01:28 - 0001496 _____ () C:\Users\Michael\AppData\Local\recently-used.xbel 2014-10-28 00:29 - 2015-10-16 19:42 - 0007602 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== C:\Users\Michael\AppData\Local\Temp\avguirn_08199000839.exe ==================== Bamital & volsnap 
=================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-03-17 09:35

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Michael (2016-03-26 12:37:20)
Gestartet von C:\Users\Michael\Desktop\PC Bereinigung
Windows 8.1 Pro (X64) (2014-08-29 19:19:21)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3802420466-2463483923-4168562675-500 - Administrator - Disabled)
Gast (S-1-5-21-3802420466-2463483923-4168562675-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3802420466-2463483923-4168562675-1005 - Limited - Enabled)
Michael (S-1-5-21-3802420466-2463483923-4168562675-1001 - Administrator - Enabled) => C:\Users\Michael

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) AVG (Version: 16.51.7497 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4545 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP) Cities XL 2011 (HKLM-x32\...\Cities XL 2011) (Version: 1.0.0 - Focus Home Interactive) Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.) 
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DCS World (HKLM\...\DCS World_is1) (Version: 1.2.10.30996 - ) Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version: - ) Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland) FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation) Intel Extreme Tuning Utility (x32 Version: 5.1.1.25 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation) Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation) LAME v3.99.3 (for 
Windows) (HKLM-x32\...\LAME_is1) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.420 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.420 - LogMeIn, Inc.) Hidden Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 
(HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 45.0.1 (x64 de) (HKLM\...\Mozilla Firefox 45.0.1 (x64 de)) (Version: 45.0.1 - Mozilla) MyFreeCodec (HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\MyFreeCodec) (Version: - ) NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Passbild-Generator v4.0a (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator) RAMDisk (HKLM-x32\...\{0FEB4B92-FA19-4417-B7A2-092D1F85A2FA}) (Version: 4.4.0.32 - Dataram, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) 
Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16021.15 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16021.15 - Samsung Electronics Co., Ltd.) Hidden Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2529.2 - Hi-Rez Studios) Sniper Elite 3 (HKLM-x32\...\Steam App 238090) (Version: - Rebellion) Spotify (HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.6.0.0 - IObit) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) Texmaker (HKLM-x32\...\Texmaker) (Version: - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) TSDoctor (HKLM-x32\...\{849CD068-032E-4BB8-8FD1-BEE8557E908B}) (Version: 1.2.171 - Cypheros) Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) XMedia Recode Version 3.2.6.3 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.6.3 - XMedia Recode) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3802420466-2463483923-4168562675-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3802420466-2463483923-4168562675-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {159F560F-AF11-46BF-B914-5157B2EF165C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {1C3DEE30-F409-43BA-9B5D-0DA34A356B32} - System32\Tasks\{745A9BCA-DD5A-4C59-A336-E1893ADA19B7} => pcalua.exe -a "E:\Flight Simulator 9\FS9.EXE" -d "E:\Flight Simulator 9" Task: {2248812E-75B6-485F-B753-88E305906C2F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {25FA4403-0479-4722-BE0B-4E40E2096DE5} - System32\Tasks\1215avUpdateInfo => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe Task: {74645B20-F443-4609-995A-D03285341F4C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation) Task: {7D332E11-8D84-470C-92E2-AC120480B5E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd) Task: {F52996CE-7877-4A31-A847-0B4E2E9D67D4} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-11-18] (IObit) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-01-08 20:19 - 2016-01-08 20:19 - 24609984 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2015-11-07 01:42 - 2015-09-15 
17:56 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2015-11-07 01:42 - 2015-02-26 00:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll 2014-08-29 20:52 - 2014-11-18 15:29 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl 2014-08-29 20:52 - 2014-11-18 15:29 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl 2014-08-29 20:52 - 2014-11-18 15:29 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl 2014-08-29 20:52 - 2014-11-18 15:30 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll 2015-10-23 23:38 - 2015-10-23 23:36 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll 2014-03-20 10:43 - 2014-03-20 10:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\...\StartupApproved\Run: => "NetWorx" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "GamingMouse" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{3AB353E4-728E-4A78-9707-A8EDA6793495}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0AD4CB10-A4F5-452A-BC57-2FA478CEE014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{05566540-1D9A-4622-A05F-90AB4E2CF648}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{3DC644F2-A726-4DC2-848B-4C4DA9FA4529}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{5BFE1203-5D6C-49D8-A100-C7D34B27F0C5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{7EDB6832-E0A4-4813-A329-9316491AC950}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{77B773B1-5B5E-4A44-9738-FC0E6D53BE15}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{2C3E0EFA-0855-4F7E-89B8-AEA7A54B7D5E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{F9E7057C-CD99-4901-9D25-E42994690C11}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AB66CCC6-DDD9-4A3E-85D4-C22BC40A132F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5FE74CA8-F730-44E1-82AF-7303F25CD5D4}] => (Allow) 
==================== Wiederherstellungspunkte ========================= 10-03-2016 20:11:25 Windows Update 19-03-2016 16:18:44 Geplanter Prüfpunkt 24-03-2016 07:45:31 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/26/2016 12:08:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000172b9 ID des fehlerhaften Prozesses: 0x5f0 Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0 Pfad der fehlerhaften Anwendung: igfxCUIService.exe1 Pfad des fehlerhaften Moduls: igfxCUIService.exe2 Berichtskennung: igfxCUIService.exe3 Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5 Error: (03/25/2016 09:30:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm game.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 165c Startzeit: 01d186cf50642db3 Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\game.exe Berichts-ID: 67c3fef5-f2c8-11e5-822c-d050992aab1a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/25/2016 08:47:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm game.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: f00 Startzeit: 01d186ceca5ac40f Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\game.exe Berichts-ID: 74e17ec7-f2c2-11e5-822c-d050992aab1a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/25/2016 05:02:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000172b9 ID des fehlerhaften Prozesses: 0x5cc Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0 Pfad der fehlerhaften Anwendung: igfxCUIService.exe1 Pfad des fehlerhaften Moduls: igfxCUIService.exe2 Berichtskennung: igfxCUIService.exe3 Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5 Error: (03/25/2016 03:58:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 954 Startzeit: 01d186964f6267bd Endzeit: 0 Anwendungspfad: C:\WINDOWS\Explorer.EXE Berichts-ID: ee36783e-f299-11e5-822b-d050992aab1a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/25/2016 02:01:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000172b9 ID des fehlerhaften Prozesses: 0x5e8 Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0 Pfad der fehlerhaften Anwendung: igfxCUIService.exe1 Pfad des fehlerhaften Moduls: igfxCUIService.exe2 Berichtskennung: igfxCUIService.exe3 Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5 Error: (03/24/2016 07:45:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (03/20/2016 09:08:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000172b9 ID des fehlerhaften Prozesses: 0x5f0 Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0 Pfad der fehlerhaften Anwendung: igfxCUIService.exe1 Pfad des fehlerhaften Moduls: igfxCUIService.exe2 Berichtskennung: igfxCUIService.exe3 Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5 Error: (03/19/2016 08:43:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000172b9 ID des fehlerhaften Prozesses: 0x5e4 Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0 Pfad der fehlerhaften Anwendung: igfxCUIService.exe1 Pfad des fehlerhaften Moduls: igfxCUIService.exe2 Berichtskennung: igfxCUIService.exe3 Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5 Error: (03/19/2016 04:18:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Systemfehler: ============= Error: (03/26/2016 12:08:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037 Error: (03/26/2016 01:33:34 AM) (Source: DCOM) (EventID: 10010) (User: Der-Boss) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (03/26/2016 01:33:34 AM) (Source: DCOM) (EventID: 10010) (User: Der-Boss) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (03/25/2016 06:30:33 PM) (Source: DCOM) (EventID: 10010) (User: Der-Boss) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (03/25/2016 06:30:03 PM) (Source: DCOM) (EventID: 10010) (User: Der-Boss) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (03/25/2016 06:05:08 PM) (Source: DCOM) (EventID: 10010) (User: Der-Boss) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (03/25/2016 06:04:38 PM) (Source: DCOM) (EventID: 10010) (User: Der-Boss) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (03/25/2016 05:03:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Hi-Rez Studios Authenticate and Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/25/2016 05:02:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037 Error: (03/25/2016 05:02:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde nicht richtig gestartet. 
CodeIntegrity: =================================== Date: 2016-03-26 12:10:53.890 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:10:53.739 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:10:51.162 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:10:50.098 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:10:49.950 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-03-26 12:10:49.801 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:10:49.647 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:07:47.665 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:07:47.493 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-26 12:07:47.290 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 41% Installierter physikalischer RAM: 8142.66 MB Verfügbarer physikalischer RAM: 4764.34 MB Summe virtueller Speicher: 9422.66 MB Verfügbarer virtueller Speicher: 5509.18 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:238.13 GB) (Free:27.71 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 77B15244) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
26.03.2016, 13:08 | #4 |
| Hidden drivers detected - PC partly slowed down considerably 3. Code:
ATTFilter 12:44:46.0902 0x09fc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 12:44:50.0030 0x09fc ============================================================ 12:44:50.0030 0x09fc Current date / time: 2016/03/26 12:44:50.0030 12:44:50.0030 0x09fc SystemInfo: 12:44:50.0030 0x09fc 12:44:50.0030 0x09fc OS Version: 6.3.9600 ServicePack: 0.0 12:44:50.0030 0x09fc Product type: Workstation 12:44:50.0030 0x09fc ComputerName: DER-BOSS 12:44:50.0030 0x09fc UserName: Michael 12:44:50.0030 0x09fc Windows directory: C:\WINDOWS 12:44:50.0030 0x09fc System windows directory: C:\WINDOWS 12:44:50.0030 0x09fc Running under WOW64 12:44:50.0030 0x09fc Processor architecture: Intel x64 12:44:50.0030 0x09fc Number of processors: 4 12:44:50.0030 0x09fc Page size: 0x1000 12:44:50.0030 0x09fc Boot type: Normal boot 12:44:50.0030 0x09fc ============================================================ 12:44:50.0149 0x09fc KLMD registered as C:\WINDOWS\system32\drivers\54516197.sys 12:44:50.0341 0x09fc System UUID: {CA3993F2-60AA-38C5-0975-64506BE27B39} 12:44:50.0542 0x09fc Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:44:50.0543 0x09fc ============================================================ 12:44:50.0543 0x09fc \Device\Harddisk0\DR0: 12:44:50.0543 0x09fc MBR partitions: 12:44:50.0543 0x09fc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEFFF 12:44:50.0543 0x09fc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1DC42AB0 12:44:50.0543 0x09fc ============================================================ 12:44:50.0544 0x09fc C: <-> \Device\Harddisk0\DR0\Partition2 12:44:50.0544 0x09fc ============================================================ 12:44:50.0544 0x09fc Initialize success 12:44:50.0544 0x09fc ============================================================ 12:45:24.0661 0x1680 
============================================================ 12:45:24.0661 0x1680 Scan started 12:45:24.0661 0x1680 Mode: Manual; SigCheck; TDLFS; 12:45:24.0661 0x1680 ============================================================ 12:45:24.0661 0x1680 KSN ping started 12:45:28.0302 0x1680 KSN ping finished: true 12:45:28.0829 0x1680 ================ Scan system memory ======================== 12:45:28.0829 0x1680 System memory - ok 12:45:28.0829 0x1680 ================ Scan services =============================
0x1680 [ 2A9380C58B7CD687EB9709086614820D, 7AB787135E96790740EE6A6A8046F2880B90ECF717359EEA579D2A149B953056 ] Avgmfx64 C:\WINDOWS\system32\DRIVERS\avgmfx64.sys 12:45:38.0660 0x1680 Avgmfx64 - ok 12:45:38.0663 0x1680 [ 392339315A0738429B3C9E92A0F8F995, 3B101C2316DE151D39D88B33B382451C5C05C13FA5A52C4B00C5B7853931680A ] Avgrkx64 C:\WINDOWS\system32\DRIVERS\avgrkx64.sys 12:45:38.0669 0x1680 Avgrkx64 - ok 12:45:38.0685 0x1680 [ 04D3CB2E6E66B36B1BACC186E8C2AC2B, E2B235CA49ADD10737A5067654D02543364630715B73BDBB265E82653239B369 ] avgsvc C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe 12:45:38.0703 0x1680 avgsvc - ok 12:45:38.0706 0x1680 [ EADED7133726FEEC05C3A7CF0F661590, 2B8A912B77E3A78D44BA0689BDB75DF7838AC18EF153191229019C4DAED93B7B ] Avguniva C:\WINDOWS\system32\DRIVERS\avguniva.sys 12:45:38.0711 0x1680 Avguniva - ok 12:45:38.0720 0x1680 [ 501D3FE6D8A15FB182983E4EA0C6386B, 15B000CA8757B9D91695465D5D842F441FD2FCF0DD1064FF52D04020E5830D8E ] avgwd C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe 12:45:38.0733 0x1680 avgwd - ok 12:45:38.0740 0x1680 [ E1280D6DE33584FF88B128C9A6773719, 0161DD5736BCB0D4DBCEA8FF576E25CB860C5432B330DCD8412CF3BEC64A3C5E ] Avgwfpa C:\WINDOWS\system32\DRIVERS\avgwfpa.sys 12:45:38.0749 0x1680 Avgwfpa - ok 12:45:38.0753 0x1680 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 12:45:38.0760 0x1680 AxInstSV - ok 12:45:38.0770 0x1680 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 12:45:38.0784 0x1680 b06bdrv - ok 12:45:38.0787 0x1680 [ 7228CA6320ABA120DAAA69C740B73943, 852D7A095BF0393338AC5480EF84B9E8FA3D03340390869686F74B301744D4F5 ] Backupper Service C:\Program Files (x86)\AOMEI Backupper\ABService.exe 12:45:38.0790 0x1680 Backupper Service - ok 12:45:38.0793 0x1680 [ 8CC7F7E4AFCBA605921B137ED7992C68, 
71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 12:45:38.0799 0x1680 BasicDisplay - ok 12:45:38.0802 0x1680 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 12:45:38.0808 0x1680 BasicRender - ok 12:45:38.0811 0x1680 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 12:45:38.0816 0x1680 bcmfn2 - ok 12:45:38.0822 0x1680 [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 12:45:38.0832 0x1680 BDESVC - ok 12:45:38.0835 0x1680 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 12:45:38.0842 0x1680 Beep - ok 12:45:38.0856 0x1680 [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\WINDOWS\System32\bfe.dll 12:45:38.0873 0x1680 BFE - ok 12:45:38.0888 0x1680 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 12:45:38.0907 0x1680 BITS - ok 12:45:38.0912 0x1680 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 12:45:38.0918 0x1680 bowser - ok 12:45:38.0923 0x1680 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 12:45:38.0933 0x1680 BrokerInfrastructure - ok 12:45:38.0937 0x1680 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 12:45:38.0944 0x1680 Browser - ok 12:45:38.0947 0x1680 [ 
A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 12:45:38.0953 0x1680 BthAvrcpTg - ok 12:45:38.0956 0x1680 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 12:45:38.0962 0x1680 BthHFEnum - ok 12:45:38.0965 0x1680 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 12:45:38.0971 0x1680 bthhfhid - ok 12:45:38.0979 0x1680 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 12:45:38.0989 0x1680 BthHFSrv - ok 12:45:38.0993 0x1680 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 12:45:38.0999 0x1680 BTHMODEM - ok 12:45:39.0003 0x1680 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 12:45:39.0010 0x1680 bthserv - ok 12:45:39.0013 0x1680 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 12:45:39.0020 0x1680 cdfs - ok 12:45:39.0025 0x1680 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 12:45:39.0033 0x1680 cdrom - ok 12:45:39.0037 0x1680 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 12:45:39.0045 0x1680 CertPropSvc - ok 12:45:39.0048 0x1680 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 
12:45:39.0054 0x1680 circlass - ok 12:45:39.0061 0x1680 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 12:45:39.0072 0x1680 CLFS - ok 12:45:39.0078 0x1680 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 12:45:39.0084 0x1680 CmBatt - ok 12:45:39.0088 0x1680 [ 08F7D17CF46AD963B3604405082DF706, 95C9B9E6136C53CEB01FE2F8D359CAAF20E63A7F6F5592E8A400FF4B66B5AFFB ] cmnxusbser C:\WINDOWS\system32\DRIVERS\cmnxusbser.sys 12:45:39.0110 0x1680 cmnxusbser - ok 12:45:39.0120 0x1680 [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG C:\WINDOWS\system32\Drivers\cng.sys 12:45:39.0136 0x1680 CNG - ok 12:45:39.0139 0x1680 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 12:45:39.0146 0x1680 CompositeBus - ok 12:45:39.0148 0x1680 COMSysApp - ok 12:45:39.0150 0x1680 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 12:45:39.0157 0x1680 condrv - ok 12:45:39.0187 0x1680 [ 5E0493ED36092F22C6E189ADA4DD3199, BAD7CEB3DFA4C54F0E8AB76805B7D7AF9C06DDEC7ACFA73E4EBF8EA3E3D578ED ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 12:45:39.0196 0x1680 cphs - ok 12:45:39.0202 0x1680 [ 8741E6DF191C805028B92CEC44B1BA88, 8CF0CBBDC43F9B977F0FB79E0A0DD0E1ADABE08A67D0F40D727C717C747DE775 ] cpuz138 C:\Users\Michael\AppData\Local\Temp\cpuz138\cpuz138_x64.sys 12:45:39.0206 0x1680 cpuz138 - ok 12:45:39.0217 0x1680 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 12:45:39.0225 0x1680 CryptSvc - ok 12:45:39.0235 0x1680 [ 9DBC32A45CFA67074432D2AF6C2832B6, 
B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\WINDOWS\system32\drivers\csc.sys 12:45:39.0247 0x1680 CSC - ok 12:45:39.0262 0x1680 [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\WINDOWS\System32\cscsvc.dll 12:45:39.0278 0x1680 CscService - ok 12:45:39.0282 0x1680 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\WINDOWS\system32\drivers\dam.sys 12:45:39.0288 0x1680 dam - ok 12:45:39.0302 0x1680 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 12:45:39.0319 0x1680 DcomLaunch - ok 12:45:39.0329 0x1680 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 12:45:39.0342 0x1680 defragsvc - ok 12:45:39.0351 0x1680 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 12:45:39.0362 0x1680 DeviceAssociationService - ok 12:45:39.0367 0x1680 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 12:45:39.0375 0x1680 DeviceInstall - ok 12:45:39.0379 0x1680 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 12:45:39.0387 0x1680 Dfsc - ok 12:45:39.0391 0x1680 [ BC319C065335B10A5AA5938A677A60D5, 6F32AF2A440E763DC2ADD06F3422DCF3285BDFA9E69E5C3CD67A10F039B2830F ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 12:45:39.0397 0x1680 dg_ssudbus - ok 12:45:39.0403 0x1680 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 12:45:39.0414 0x1680 Dhcp - ok 12:45:39.0438 
0x1680 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 12:45:39.0466 0x1680 DiagTrack - ok 12:45:39.0472 0x1680 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 12:45:39.0478 0x1680 disk - ok 12:45:39.0481 0x1680 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 12:45:39.0487 0x1680 dmvsc - ok 12:45:39.0492 0x1680 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 12:45:39.0502 0x1680 Dnscache - ok 12:45:39.0508 0x1680 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 12:45:39.0518 0x1680 dot3svc - ok 12:45:39.0522 0x1680 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 12:45:39.0531 0x1680 DPS - ok 12:45:39.0534 0x1680 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 12:45:39.0539 0x1680 drmkaud - ok 12:45:39.0545 0x1680 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 12:45:39.0553 0x1680 DsmSvc - ok 12:45:39.0577 0x1680 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 12:45:39.0605 0x1680 DXGKrnl - ok 12:45:39.0614 0x1680 [ 51C35A56D695AB804BFA380C9B35966D, B376D77B616E0D61753A05C6442AA0688A68E2F08D06AE6FAEB5025000AF60D0 ] e1dexpress C:\WINDOWS\system32\DRIVERS\e1d64x64.sys 12:45:39.0624 0x1680 e1dexpress 
- ok 12:45:39.0628 0x1680 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 12:45:39.0635 0x1680 Eaphost - ok 12:45:39.0684 0x1680 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 12:45:39.0744 0x1680 ebdrv - ok 12:45:39.0749 0x1680 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 12:45:39.0756 0x1680 EFS - ok 12:45:39.0759 0x1680 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 12:45:39.0766 0x1680 EhStorClass - ok 12:45:39.0771 0x1680 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 12:45:39.0777 0x1680 EhStorTcgDrv - ok 12:45:39.0780 0x1680 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 12:45:39.0786 0x1680 ErrDev - ok 12:45:39.0796 0x1680 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 12:45:39.0810 0x1680 EventSystem - ok 12:45:39.0815 0x1680 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 12:45:39.0826 0x1680 exfat - ok 12:45:39.0831 0x1680 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 12:45:39.0839 0x1680 fastfat - ok 12:45:39.0850 0x1680 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 
12:45:39.0865 0x1680 Fax - ok 12:45:39.0868 0x1680 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 12:45:39.0874 0x1680 fdc - ok 12:45:39.0877 0x1680 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 12:45:39.0882 0x1680 fdPHost - ok 12:45:39.0885 0x1680 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 12:45:39.0892 0x1680 FDResPub - ok 12:45:39.0896 0x1680 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 12:45:39.0903 0x1680 fhsvc - ok 12:45:39.0907 0x1680 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 12:45:39.0913 0x1680 FileInfo - ok 12:45:39.0915 0x1680 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 12:45:39.0925 0x1680 Filetrace - ok 12:45:39.0927 0x1680 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 12:45:39.0933 0x1680 flpydisk - ok 12:45:39.0940 0x1680 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 12:45:39.0951 0x1680 FltMgr - ok 12:45:39.0972 0x1680 [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll 12:45:39.0996 0x1680 FontCache - ok 12:45:40.0000 0x1680 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:45:40.0006 0x1680 FontCache3.0.0.0 - ok 12:45:40.0009 0x1680 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 12:45:40.0015 0x1680 FsDepends - ok 12:45:40.0018 0x1680 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:45:40.0024 0x1680 Fs_Rec - ok 12:45:40.0033 0x1680 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 12:45:40.0047 0x1680 fvevol - ok 12:45:40.0051 0x1680 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 12:45:40.0057 0x1680 FxPPM - ok 12:45:40.0060 0x1680 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 12:45:40.0066 0x1680 gagp30kx - ok 12:45:40.0068 0x1680 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 12:45:40.0074 0x1680 gencounter - ok 12:45:40.0078 0x1680 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 12:45:40.0085 0x1680 GPIOClx0101 - ok 12:45:40.0106 0x1680 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 12:45:40.0130 0x1680 gpsvc - ok 12:45:40.0134 0x1680 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys 12:45:40.0140 0x1680 Hamachi - ok 12:45:40.0178 0x1680 [ 
FC6224B8BADB3ECC0D2A652C54A3C5A2, C719CE87D603847962C5D1555576569AB91E331320B832F96E316372B07AD0CF ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 12:45:40.0213 0x1680 Hamachi2Svc - ok 12:45:40.0224 0x1680 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 12:45:40.0236 0x1680 HdAudAddService - ok 12:45:40.0240 0x1680 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 12:45:40.0247 0x1680 HDAudBus - ok 12:45:40.0249 0x1680 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 12:45:40.0256 0x1680 HidBatt - ok 12:45:40.0260 0x1680 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 12:45:40.0267 0x1680 HidBth - ok 12:45:40.0270 0x1680 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 12:45:40.0276 0x1680 hidi2c - ok 12:45:40.0278 0x1680 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 12:45:40.0285 0x1680 HidIr - ok 12:45:40.0288 0x1680 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 12:45:40.0294 0x1680 hidserv - ok 12:45:40.0297 0x1680 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 12:45:40.0303 0x1680 HidUsb - ok 12:45:40.0306 0x1680 [ 4343D5B36197A06AC42145BA305D054A, A8CF2586943489561E0AE6B6EB2D9ECFBAC1E4E28A5F660CBB557DEB52B64FA7 ] HiPatchService C:\Program 
Files (x86)\Hi-Rez Studios\HiPatchService.exe 12:45:40.0308 0x1680 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 ) 12:45:43.0115 0x1680 HiPatchService ( UnsignedFile.Multi.Generic ) - warning 12:45:45.0774 0x09d8 Object required for P2P: [ 55D62DD579231402745ECCDD1E55C6CC ] AvgAMPS 12:45:46.0299 0x1680 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 12:45:46.0323 0x1680 hkmsvc - ok 12:45:46.0341 0x1680 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 12:45:46.0364 0x1680 HomeGroupListener - ok 12:45:46.0378 0x1680 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 12:45:46.0395 0x1680 HomeGroupProvider - ok 12:45:46.0400 0x1680 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 12:45:46.0406 0x1680 HpSAMD - ok 12:45:46.0421 0x1680 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 12:45:46.0441 0x1680 HTTP - ok 12:45:46.0445 0x1680 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 12:45:46.0451 0x1680 hwpolicy - ok 12:45:46.0453 0x1680 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 12:45:46.0458 0x1680 hyperkbd - ok 12:45:46.0461 0x1680 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 12:45:46.0466 0x1680 HyperVideo - ok 12:45:46.0470 0x1680 [ 
49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 12:45:46.0477 0x1680 i8042prt - ok 12:45:46.0480 0x1680 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 12:45:46.0484 0x1680 iaLPSSi_GPIO - ok 12:45:46.0487 0x1680 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 12:45:46.0492 0x1680 iaLPSSi_I2C - ok 12:45:46.0503 0x1680 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 12:45:46.0516 0x1680 iaStorAV - ok 12:45:46.0524 0x1680 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 12:45:46.0535 0x1680 iaStorV - ok 12:45:46.0539 0x1680 [ 8F5031663CBB1A9922074E8E23151FFA, EF69CD92096291F5FC18550B2B6DBD4F61058603691F4BD3E61DEC97FD15E5FE ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 12:45:46.0545 0x1680 ICCS - ok 12:45:46.0548 0x1680 [ B9187F0E4F990357B9A5372066A40B57, BF9535335DAD8E26A3841FA07CFA937F9645AE4B1914C08C8029EDB020E8C694 ] ICCWDT C:\WINDOWS\System32\drivers\ICCWDT.sys 12:45:46.0552 0x1680 ICCWDT - ok 12:45:46.0554 0x1680 IEEtwCollectorService - ok 12:45:46.0620 0x1680 [ 3DA2B5AC772F03E408E2372E17ADC3A6, 89BB9C5EA79F311359AF678791ABD8F41155F5292D34BF55E26E37CDF32D2085 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 12:45:46.0695 0x1680 igfx - ok 12:45:46.0705 0x1680 [ 33FA2ECC88E5BCFAC7C8407D2573CDA1, E053680F9DA91BF0F785AEB4B07BC7F9E041646E5B7C104DB441E041175617BA ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 12:45:46.0713 0x1680 igfxCUIService1.0.0.0 - ok 12:45:46.0729 0x1680 [ 
AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll 12:45:46.0748 0x1680 IKEEXT - ok 12:45:46.0752 0x1680 [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 12:45:46.0757 0x1680 intaud_WaveExtensible - ok 12:45:46.0807 0x1680 [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 12:45:46.0856 0x1680 IntcAzAudAddService - ok 12:45:46.0873 0x1680 [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 12:45:46.0888 0x1680 Intel(R) Capability Licensing Service TCP IP Interface - ok 12:45:46.0892 0x1680 [ 9417DBC88A3A80F6177BCA204B16A016, A1CAEEDB634C5858D6C448F38BB1464F555D9AC1EC4340DFD0E10E69B4F3CF07 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 12:45:46.0897 0x1680 Intel(R) ME Service - ok 12:45:46.0902 0x1680 [ DD73746062EAF2767EC84D995B50C977, FC06F843A400CDBC64ED2DC73A15DF4348D52D8D058A490E07363A8F4E9F6F7C ] Intel(R) PROSet Monitoring Service C:\WINDOWS\system32\IProsetMonitor.exe 12:45:46.0910 0x1680 Intel(R) PROSet Monitoring Service - ok 12:45:46.0912 0x1680 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 12:45:46.0917 0x1680 intelide - ok 12:45:46.0920 0x1680 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 12:45:46.0926 0x1680 intelpep - ok 12:45:46.0930 0x1680 [ 47E74A8E53C7C24DCE38311E1451C1D9, 
79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 12:45:46.0936 0x1680 intelppm - ok 12:45:46.0939 0x1680 [ 6D71CC813AC0963C5C78C19EC656048A, E6D7AA29A5860C7FB8AA76A47BF64C12D7E68CF98EABB7A3F9D9F3A918155FA7 ] iocbios2 C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys 12:45:46.0943 0x1680 iocbios2 - ok 12:45:46.0946 0x1680 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 12:45:46.0954 0x1680 IpFilterDriver - ok 12:45:46.0969 0x1680 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 12:45:46.0986 0x1680 iphlpsvc - ok 12:45:46.0990 0x1680 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 12:45:46.0996 0x1680 IPMIDRV - ok 12:45:47.0000 0x1680 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 12:45:47.0007 0x1680 IPNAT - ok 12:45:47.0010 0x1680 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 12:45:47.0016 0x1680 IRENUM - ok 12:45:47.0019 0x1680 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 12:45:47.0025 0x1680 isapnp - ok 12:45:47.0032 0x1680 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 12:45:47.0041 0x1680 iScsiPrt - ok 12:45:47.0046 0x1680 [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files 
- ok 12:45:50.0598 0x1680 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll 12:45:50.0605 0x1680 TrkWks - ok 12:45:50.0609 0x1680 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 12:45:50.0617 0x1680 TrustedInstaller - ok 12:45:50.0621 0x1680 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 12:45:50.0627 0x1680 TsUsbFlt - ok 12:45:50.0630 0x1680 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 12:45:50.0636 0x1680 TsUsbGD - ok 12:45:50.0640 0x1680 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 12:45:50.0647 0x1680 tunnel - ok 12:45:50.0650 0x1680 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 12:45:50.0656 0x1680 uagp35 - ok 12:45:50.0659 0x1680 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 12:45:50.0665 0x1680 UASPStor - ok 12:45:50.0671 0x1680 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 12:45:50.0678 0x1680 UCX01000 - ok 12:45:50.0685 0x1680 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 12:45:50.0694 0x1680 udfs - ok 12:45:50.0697 0x1680 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI 
C:\WINDOWS\System32\drivers\UEFI.sys 12:45:50.0702 0x1680 UEFI - ok 12:45:50.0706 0x1680 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 12:45:50.0713 0x1680 UI0Detect - ok 12:45:50.0715 0x1680 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 12:45:50.0721 0x1680 uliagpkx - ok 12:45:50.0724 0x1680 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 12:45:50.0731 0x1680 umbus - ok 12:45:50.0733 0x1680 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 12:45:50.0739 0x1680 UmPass - ok 12:45:50.0744 0x1680 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 12:45:50.0754 0x1680 UmRdpService - ok 12:45:50.0763 0x1680 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 12:45:50.0775 0x1680 upnphost - ok 12:45:50.0780 0x1680 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 12:45:50.0787 0x1680 usbccgp - ok 12:45:50.0791 0x1680 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 12:45:50.0798 0x1680 usbcir - ok 12:45:50.0802 0x1680 [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 12:45:50.0809 0x1680 usbehci - ok 12:45:50.0819 0x1680 [ CD81683F4553677B9BF5163A922153EB, 
6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 12:45:50.0832 0x1680 usbhub - ok 12:45:50.0849 0x1680 [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 12:45:50.0862 0x1680 USBHUB3 - ok 12:45:50.0865 0x1680 [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 12:45:50.0871 0x1680 usbohci - ok 12:45:50.0874 0x1680 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 12:45:50.0880 0x1680 usbprint - ok 12:45:50.0884 0x1680 [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 12:45:50.0892 0x1680 USBSTOR - ok 12:45:50.0895 0x1680 [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 12:45:50.0901 0x1680 usbuhci - ok 12:45:50.0908 0x1680 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 12:45:50.0919 0x1680 USBXHCI - ok 12:45:50.0922 0x1680 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 12:45:50.0929 0x1680 VaultSvc - ok 12:45:50.0933 0x1680 [ 8CD776EB77695524CCE594AAC3A71569, AEF6F9B0E5F67E87819EB0E9FA5220EEF247A160A2BF8511CEDC8D12A9D4D941 ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys 12:45:50.0939 0x1680 VBoxNetAdp - ok 12:45:50.0944 0x1680 [ 39D80811EB7E87CD7F682A3124693CBA, C90A08CCE322FB01F5D8E7CE269CFC5B91E7A30FC4BCCEE047C636D651E5A59A ] VBoxNetFlt C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys 12:45:50.0951 0x1680 
VBoxNetFlt - ok 12:45:50.0954 0x1680 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 12:45:50.0959 0x1680 vdrvroot - ok 12:45:50.0980 0x1680 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 12:45:51.0006 0x1680 vds - ok 12:45:51.0012 0x1680 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 12:45:51.0021 0x1680 VerifierExt - ok 12:45:51.0033 0x1680 [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 12:45:51.0050 0x1680 vhdmp - ok 12:45:51.0054 0x1680 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 12:45:51.0060 0x1680 viaide - ok 12:45:51.0066 0x1680 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\WINDOWS\System32\drivers\Vid.sys 12:45:51.0074 0x1680 Vid - ok 12:45:51.0079 0x1680 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 12:45:51.0085 0x1680 vmbus - ok 12:45:51.0088 0x1680 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 12:45:51.0094 0x1680 VMBusHID - ok 12:45:51.0099 0x1680 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys 12:45:51.0107 0x1680 vmbusr - ok 12:45:51.0115 0x1680 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface 
C:\WINDOWS\System32\ICSvc.dll 12:45:51.0129 0x1680 vmicguestinterface - ok 12:45:51.0138 0x1680 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 12:45:51.0151 0x1680 vmicheartbeat - ok 12:45:51.0161 0x1680 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 12:45:51.0174 0x1680 vmickvpexchange - ok 12:45:51.0183 0x1680 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 12:45:51.0196 0x1680 vmicrdv - ok 12:45:51.0205 0x1680 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 12:45:51.0218 0x1680 vmicshutdown - ok 12:45:51.0227 0x1680 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 12:45:51.0239 0x1680 vmictimesync - ok 12:45:51.0249 0x1680 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 12:45:51.0262 0x1680 vmicvss - ok 12:45:51.0266 0x1680 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 12:45:51.0272 0x1680 volmgr - ok 12:45:51.0280 0x1680 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 12:45:51.0291 0x1680 volmgrx - ok 12:45:51.0299 0x1680 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 12:45:51.0306 0x09d8 Object send P2P result: true 12:45:51.0307 0x09d8 Object required for P2P: [ 
2A9380C58B7CD687EB9709086614820D ] Avgmfx64 12:45:51.0309 0x1680 volsnap - ok 12:45:51.0312 0x1680 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 12:45:51.0318 0x1680 vpci - ok 12:45:51.0321 0x1680 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys 12:45:51.0327 0x1680 vpcivsp - ok 12:45:51.0331 0x1680 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 12:45:51.0339 0x1680 vsmraid - ok 12:45:51.0360 0x1680 [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\WINDOWS\system32\vssvc.exe 12:45:51.0385 0x1680 VSS - ok 12:45:51.0393 0x1680 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 12:45:51.0403 0x1680 VSTXRAID - ok 12:45:51.0406 0x1680 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 12:45:51.0411 0x1680 vwifibus - ok 12:45:51.0419 0x1680 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 12:45:51.0432 0x1680 W32Time - ok 12:45:51.0436 0x1680 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 12:45:51.0442 0x1680 WacomPen - ok 12:45:51.0466 0x1680 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 12:45:51.0493 0x1680 wbengine - ok 12:45:51.0503 0x1680 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 
1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 12:45:51.0515 0x1680 WbioSrvc - ok 12:45:51.0523 0x1680 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 12:45:51.0534 0x1680 Wcmsvc - ok 12:45:51.0543 0x1680 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 12:45:51.0555 0x1680 wcncsvc - ok 12:45:51.0558 0x1680 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 12:45:51.0565 0x1680 WcsPlugInService - ok 12:45:51.0568 0x1680 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 12:45:51.0574 0x1680 WdBoot - ok 12:45:51.0588 0x1680 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 12:45:51.0605 0x1680 Wdf01000 - ok 12:45:51.0610 0x1680 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 12:45:51.0619 0x1680 WdFilter - ok 12:45:51.0623 0x1680 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 12:45:51.0632 0x1680 WdiServiceHost - ok 12:45:51.0634 0x1680 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 12:45:51.0642 0x1680 WdiSystemHost - ok 12:45:51.0645 0x1680 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 12:45:51.0652 0x1680 
WdNisDrv - ok 12:45:51.0654 0x1680 WdNisSvc - ok 12:45:51.0659 0x1680 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 12:45:51.0668 0x1680 WebClient - ok 12:45:51.0673 0x1680 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 12:45:51.0684 0x1680 Wecsvc - ok 12:45:51.0687 0x1680 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 12:45:51.0694 0x1680 WEPHOSTSVC - ok 12:45:51.0696 0x1680 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 12:45:51.0705 0x1680 wercplsupport - ok 12:45:51.0708 0x1680 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 12:45:51.0717 0x1680 WerSvc - ok 12:45:51.0721 0x1680 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 12:45:51.0728 0x1680 WFPLWFS - ok 12:45:51.0732 0x1680 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 12:45:51.0739 0x1680 WiaRpc - ok 12:45:51.0741 0x1680 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 12:45:51.0747 0x1680 WIMMount - ok 12:45:51.0748 0x1680 WinDefend - ok 12:45:51.0763 0x1680 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 12:45:51.0779 0x1680 WinHttpAutoProxySvc - ok 12:45:51.0788 0x1680 [ FC8BD690321216C32BB58B035B6D5674, 
D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 12:45:51.0796 0x1680 Winmgmt - ok 12:45:51.0833 0x1680 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 12:45:51.0875 0x1680 WinRM - ok 12:45:51.0882 0x1680 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 12:45:51.0888 0x1680 WinUsb - ok 12:45:51.0911 0x1680 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 12:45:51.0938 0x1680 WlanSvc - ok 12:45:51.0964 0x1680 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 12:45:51.0991 0x1680 wlidsvc - ok 12:45:51.0995 0x1680 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 12:45:52.0000 0x1680 WmiAcpi - ok 12:45:52.0006 0x1680 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 12:45:52.0014 0x1680 wmiApSrv - ok 12:45:52.0015 0x1680 WMPNetworkSvc - ok 12:45:52.0019 0x1680 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 12:45:52.0026 0x1680 Wof - ok 12:45:52.0053 0x1680 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 12:45:52.0080 0x1680 workfolderssvc - ok 12:45:52.0083 0x1680 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 12:45:52.0090 0x1680 
wpcfltr - ok 12:45:52.0094 0x1680 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 12:45:52.0099 0x1680 WPCSvc - ok 12:45:52.0102 0x1680 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 12:45:52.0109 0x1680 WPDBusEnum - ok 12:45:52.0112 0x1680 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 12:45:52.0117 0x1680 WpdUpFltr - ok 12:45:52.0120 0x1680 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 12:45:52.0127 0x1680 ws2ifsl - ok 12:45:52.0131 0x1680 [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\WINDOWS\System32\wscsvc.dll 12:45:52.0139 0x1680 wscsvc - ok 12:45:52.0141 0x1680 WSearch - ok 12:45:52.0191 0x1680 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 12:45:52.0254 0x1680 WSService - ok 12:45:52.0309 0x1680 [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv C:\WINDOWS\system32\wuaueng.dll 12:45:52.0361 0x1680 wuauserv - ok 12:45:52.0367 0x1680 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 12:45:52.0374 0x1680 WudfPf - ok 12:45:52.0379 0x1680 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 12:45:52.0387 0x1680 WUDFRd - ok 12:45:52.0390 0x1680 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] 
12:45:52.0456 0x1680 ================ Scan global ===============================
12:45:52.0483 0x1680 [ Global ] - ok
12:45:52.0483 0x1680 ================ Scan MBR ==================================
12:45:52.0560 0x1680 \Device\Harddisk0\DR0 - ok
12:45:52.0560 0x1680 ================ Scan VBR ==================================
12:45:52.0562 0x1680 \Device\Harddisk0\DR0\Partition1 - ok
12:45:52.0564 0x1680 \Device\Harddisk0\DR0\Partition2 - ok
12:45:52.0564 0x1680 ================ Scan generic autorun ======================
12:45:52.0968 0x1680 RtHDVCpl - ok
12:45:53.0162 0x1680 NetWorx - ok
12:45:53.0307 0x1680 StartCN - ok
12:45:53.0318 0x1680 AVG_UI - ok
12:45:53.0323 0x1680 [ 5AFEC06F084C782E71AECA038939E57E, E2ADA01793D93D3860192C4029FC26F1DF2C6DBA51897E613C2CC059FC4511F7 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe
12:45:53.0328 0x1680 GamingMouse - detected UnsignedFile.Multi.Generic ( 1 )
12:45:55.0786 0x1680 GamingMouse ( UnsignedFile.Multi.Generic ) - warning
12:45:58.0200 0x1680 KiesTrayAgent - ok
12:45:58.0219 0x1680 AvgUi - ok
12:45:58.0243 0x1680 SunJavaUpdateSched - ok
12:45:58.0405 0x1680 LogMeIn Hamachi Ui - ok
12:45:58.0595 0x1680 CCleaner Monitoring - ok
12:45:58.0661 0x1680 Spotify Web Helper - ok
12:45:58.0663 0x1680 Waiting for KSN requests completion. In queue: 39
12:45:59.0664 0x1680 Waiting for KSN requests completion. In queue: 6
12:46:00.0664 0x1680 Waiting for KSN requests completion. In queue: 6
12:46:01.0673 0x1680 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
12:46:01.0675 0x1680 AV detected via SS2: AVG AntiVirus Free Edition, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.51.0.7497 ), 0x41000 ( enabled : updated )
12:46:01.0681 0x1680 Win FW state via NFP2: enabled ( trusted )
12:46:04.0044 0x1680 ============================================================
12:46:04.0044 0x1680 Scan finished
12:46:04.0044 0x1680 ============================================================
12:46:04.0064 0x0b14 Detected object count: 2
12:46:04.0064 0x0b14 Actual detected object count: 2
12:48:56.0938 0x0b14 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
12:48:56.0938 0x0b14 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:48:56.0938 0x0b14 GamingMouse ( UnsignedFile.Multi.Generic ) - skipped by user
12:48:56.0938 0x0b14 GamingMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:51:49.0898 0x0654 Deinitialize success

Regards, Michael |
26.03.2016, 14:29 | #5 |
/// Malwareteam | Hidden driver detected - PC at times severely slowed down Do you have a detection in AVG's quarantine? Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please start FRST again, tick the Addition box and click Scan. Please post the two text files that are created again. So in your next reply, please post:
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
26.03.2016, 15:00 | #6 |
| Hidden driver detected - PC at times severely slowed down Yes, but it is the .exe of a Steam game and still dates from 3.10.14. -> pretty unlikely that it is a problem. Couldn't it also be that AVG deleted a relevant driver on me? AdwCleaner log file: Code:
# AdwCleaner v5.105 - Bericht erstellt am 26/03/2016 um 14:42:06
# Aktualisiert am 21/03/2016 von Xplode
# Datenbank : 2016-03-25.2 [Server]
# Betriebssystem : Windows 8.1 Pro (x64)
# Benutzername : Michael - DER-BOSS
# Gestartet von : C:\Users\Michael\Desktop\PC Bereinigung\AdwCleaner\AdwCleaner_5.105.exe
# Option : Löschen
# Unterstützung : http://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\ProgramData\Avg_Update_0814av
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\AVG Web TuneUp
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Internetbrowser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1566 Bytes] - [26/03/2016 14:42:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [1955 Bytes] - [26/03/2016 14:40:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1712 Bytes] ##########

Malwarebytes log file: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 26.03.2016
Suchlaufzeit: 14:52
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.03.26.03
Rootkit-Datenbank: v2016.03.12.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Michael

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 385629
Abgelaufene Zeit: 4 Min., 9 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Michael (Administrator) auf DER-BOSS (26-03-2016 14:57:55)
Gestartet von C:\Users\Michael\Desktop\PC Bereinigung
Geladene Profile: Michael (Verfügbare Profile: Michael)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(LogMeIn Inc.)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert 
zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2014-09-08] (Realtek Semiconductor) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6589136 2014-09-30] (SoftPerfect Research) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2013-03-12] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-03-22] (LogMeIn Inc.) 
HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\Run: [Spotify Web Helper] => C:\Users\Michael\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-13] (Spotify Ltd) HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\MountPoints2: {7892395f-3b3a-11e4-be81-d050992aab1a} - "D:\pushinst.exe" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\MountPoints2: {bc9c932c-2fa1-11e4-be66-806e6f6e6963} - "D:\ASRSetup.exe" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Bildschirmschoner\matrix.scr [92214 2007-07-20] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{025F1B6B-5D51-485F-95DE-F9524C3060B7}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-04] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-04] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-08] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-04] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> 
C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Extension: WhatsApp Panel - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\extensions\whatsapppanel@alejandrobrizuela.com.ar.xpi [2016-01-07] FF Extension: Tab Mix Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-07] FF Extension: FlashGot - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-17] FF Extension: Deutsch (DE) Language Pack - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\Extensions\langpack-de@Waterfox.mozilla.org.xpi [2014-08-29] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\w02eyui9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-24] [ist nicht signiert] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (AOMEI Tech Co., Ltd.) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [Datei ist nicht signiert] S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-13] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-03-22] (LogMeIn, Inc.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-04] (Electronic Arts) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2014-09-08] (Realtek Semiconductor) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) 
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-11-18] (IObit) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel(R) Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [Datei ist nicht signiert] S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2015-02-26] () [Datei ist nicht signiert] R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2015-02-26] () [Datei ist nicht signiert] R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.) 
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.) S3 cmnxusbser; C:\Windows\system32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device) S3 cpuz138; C:\Users\Michael\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-02-24] (CPUID) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-02-03] (Intel Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-03-22] (LogMeIn Inc.) R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation) R1 networx; C:\Windows\System32\drivers\networx.sys [60408 2014-08-01] (NetFilterSDK.com) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2016-02-01] (Macrovision Europe Ltd) [Datei ist nicht signiert] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 AsrSetupDrv; \??\C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv.sys [X] S4 RAMDiskVE; \SystemRoot\System32\Drivers\RAMDiskVE.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-26 14:50 - 2016-03-26 14:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-26 14:50 - 2016-03-26 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-26 14:50 - 2016-03-26 14:50 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-26 14:50 - 2016-03-26 14:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-26 14:50 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-03-26 14:50 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-26 14:50 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-03-26 14:40 - 2016-03-26 14:42 - 00000000 ____D C:\AdwCleaner 2016-03-26 12:44 - 2016-03-26 12:51 - 00226522 _____ C:\TDSSKiller.3.1.0.9_26.03.2016_12.44.46_log.txt 2016-03-26 12:36 - 2016-03-26 14:57 - 00000000 ____D C:\Users\Michael\Desktop\PC Bereinigung 2016-03-26 12:36 - 2016-03-26 14:57 - 00000000 ____D C:\FRST 2016-03-25 16:56 - 2016-03-25 16:56 - 00001009 _____ C:\Users\Michael\Desktop\Texmaker.lnk 2016-03-25 16:56 - 2016-03-25 16:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker 2016-03-25 16:56 - 2016-03-25 16:56 - 00000000 ____D C:\Program Files (x86)\Texmaker 2016-03-25 16:51 - 2016-03-25 16:51 - 00000073 _____ C:\Users\Michael\Documents\text.tex 2016-03-25 16:27 - 2016-03-25 16:30 - 00002231 _____ C:\Users\Michael\Documents\Lebenslauf.pdf 2016-03-25 16:19 - 2016-03-25 16:27 - 00001305 _____ C:\Users\Michael\Documents\Lebenslauf.bib 2016-03-25 14:41 - 2016-03-26 14:39 - 00000000 ___RD C:\Users\Michael\Documents\Bewerbungen 2016-03-25 14:02 - 2016-03-25 14:02 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2016-03-25 14:02 - 2016-03-25 14:02 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2016-03-24 17:23 - 2016-03-24 17:23 - 00001276 _____ C:\Users\Michael\Documents\test.pdf 2016-03-24 17:22 - 2016-03-24 17:30 - 00001276 _____ C:\Users\Michael\Documents\test.tex 2016-03-24 17:17 - 2016-03-24 17:17 - 00001276 _____ C:\Users\Michael\Documents\Lebenslauf2.tex 2016-03-24 17:11 - 2016-03-24 17:11 - 00000000 ____D C:\Users\Michael\AppData\Roaming\xm1 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\Users\Michael\AppData\Roaming\MiKTeX 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\Users\Michael\AppData\Local\MiKTeX 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\ProgramData\MiKTeX 2016-03-24 16:52 - 2016-03-24 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 2016-03-24 16:51 - 2016-03-24 16:51 - 00000000 ____D C:\Program Files\MiKTeX 2.9 2016-03-24 16:36 - 2016-03-24 16:51 - 188503304 _____ (MiKTeX.org) C:\Users\Michael\Downloads\basic-miktex-2.9.5721-x64.exe 2016-03-24 16:31 - 2016-03-25 17:04 - 00001305 _____ C:\Users\Michael\Documents\Lebenslauf.tex 2016-03-24 16:22 - 2016-03-24 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker 2016-03-24 15:55 - 2016-03-24 16:05 - 59590516 _____ C:\Users\Michael\Downloads\texmakerwin3245_install.exe 2016-03-24 15:42 - 2016-03-24 15:43 - 00249197 _____ C:\Users\Michael\Documents\Deckblatt2.pdf 2016-03-24 15:41 - 2016-03-24 15:41 - 00249197 _____ C:\Users\Michael\Documents\Deckblatt.pdf 2016-03-24 15:15 - 2016-03-24 15:15 - 00000000 ____D C:\Users\Michael\AppData\Local\_3_ 2016-03-24 15:15 - 2016-03-24 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator 2016-03-24 15:15 - 2016-03-24 15:15 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator 2016-03-24 15:14 - 2016-03-24 15:14 - 03670848 _____ (Passbild-Generator ) 
C:\Users\Michael\Downloads\Setup4-Passbild-Generator.exe 2016-03-24 01:28 - 2016-03-24 01:28 - 00001496 _____ C:\Users\Michael\AppData\Local\recently-used.xbel 2016-03-23 00:21 - 2016-03-23 00:21 - 00009216 ___SH C:\Users\Michael\Downloads\Thumbs.db 2016-03-22 16:16 - 2016-03-22 16:16 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys 2016-03-11 23:50 - 2016-03-11 23:50 - 00025401 _____ C:\Users\Michael\Documents\Babas stutzen.odt 2016-03-10 15:06 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-10 15:06 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-03-10 15:06 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-10 15:06 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-03-10 15:06 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-10 15:06 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-03-10 15:06 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-03-10 15:06 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-10 15:06 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-03-10 15:06 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-10 
15:06 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-03-10 15:06 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-10 15:06 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-03-10 15:06 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-03-10 15:06 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-03-10 15:06 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-10 15:06 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-03-10 15:06 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-03-10 15:06 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-03-10 15:06 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-03-10 15:06 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-03-10 15:06 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-03-10 15:06 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-03-10 15:06 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-03-10 15:06 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-03-10 15:06 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-03-10 15:06 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-03-10 15:06 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-03-10 15:06 - 2016-02-08 18:19 - 
02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-03-10 15:06 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-03-10 15:06 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-03-10 15:06 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-03-10 15:06 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-03-10 15:06 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-03-10 15:06 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-03-10 15:05 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-03-10 15:05 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-10 15:05 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2016-03-10 15:05 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2016-03-10 15:05 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2016-03-10 15:05 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2016-03-10 15:05 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2016-03-10 15:05 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2016-03-10 15:05 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2016-03-10 15:05 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2016-03-10 15:05 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-03-10 15:05 - 2016-02-12 15:46 - 00726528 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-03-10 15:05 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2016-03-10 15:05 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2016-03-10 15:05 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2016-03-10 15:05 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2016-03-10 15:05 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-10 15:05 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-03-10 15:05 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-03-10 15:05 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL 2016-03-10 15:05 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL 2016-03-10 15:05 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-10 15:05 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-10 15:05 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-10 15:05 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-10 15:05 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2016-03-10 15:05 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-03-10 15:05 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-10 15:05 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-10 15:05 - 2016-02-03 16:09 - 
00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-10 15:05 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-10 15:05 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-10 15:05 - 2016-01-31 20:16 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-10 15:05 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2016-03-10 15:05 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-03-10 15:05 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2016-03-10 15:05 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-03-10 15:05 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-03-10 15:05 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2016-03-10 15:05 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2016-03-10 15:05 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2016-03-10 15:05 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2016-03-10 15:05 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2016-03-10 15:05 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2016-03-10 15:05 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-03-10 15:05 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-03-10 15:05 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2016-03-10 15:05 - 
2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2016-03-10 15:05 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2016-03-10 15:04 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-03-10 15:04 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-10 15:04 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-10 15:04 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-10 15:04 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-10 15:04 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-10 15:04 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-10 15:04 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-03-10 15:04 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-03-10 15:04 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-03-10 15:04 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-03-10 15:04 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2016-03-10 15:04 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-03-07 10:30 - 2016-03-07 10:30 - 00016333 _____ C:\Users\Michael\Documents\Die Stämme.odt 2016-03-02 10:21 - 2016-03-02 10:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-03-26 14:47 - 2014-03-18 11:04 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-26 14:47 - 2014-03-18 10:25 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat 2016-03-26 14:47 - 2014-03-18 10:25 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat 2016-03-26 14:47 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-03-26 14:43 - 2014-08-30 22:26 - 00000000 ____D C:\Users\Michael\AppData\Local\LogMeIn Hamachi 2016-03-26 14:42 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-26 12:10 - 2014-08-29 20:43 - 00000000 ____D C:\ProgramData\MFAData 2016-03-26 12:10 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-03-26 01:33 - 2014-08-29 21:05 - 00000000 _____ C:\Users\Michael\AppData\LocalLow\ChangeTaskbarRect 2016-03-25 21:29 - 2014-12-30 23:25 - 00000000 ____D C:\Users\Michael\AppData\Roaming\TS3Client 2016-03-25 20:43 - 2015-09-19 13:36 - 00000000 ____D C:\Users\Michael\AppData\Local\Origin 2016-03-25 20:43 - 2015-09-19 12:43 - 00000000 ____D C:\ProgramData\Origin 2016-03-25 17:26 - 2014-08-29 18:36 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3802420466-2463483923-4168562675-1001 2016-03-25 17:01 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-03-25 16:45 - 2016-01-13 23:36 - 00013237 _____ C:\Users\Michael\Documents\Training.odt 2016-03-25 16:36 - 2015-12-24 23:30 - 00000000 ____D C:\Users\Michael\AppData\Local\Warframe 2016-03-25 16:36 - 2014-08-30 09:36 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-25 01:58 - 2015-09-12 17:28 - 00000000 ____D C:\Users\Michael\.gimp-2.8 2016-03-24 21:23 - 2015-11-04 15:48 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-03-24 07:45 - 2015-04-04 09:01 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-03-24 07:45 - 2015-04-04 09:01 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-03-24 07:45 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-24 01:28 - 2015-09-12 17:30 - 00000000 ____D 
C:\Users\Michael\AppData\Local\gtk-2.0 2016-03-18 22:07 - 2014-09-05 12:41 - 00000000 ____D C:\Users\Michael\Documents\DCS 2016-03-11 22:54 - 2015-10-23 23:44 - 00000952 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2016-03-11 22:54 - 2014-08-29 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-03-11 21:03 - 2014-11-02 17:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-03-11 12:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2016-03-11 10:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-11 00:19 - 2013-08-22 15:44 - 00362848 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-10 23:41 - 2015-04-15 22:51 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-03-10 20:14 - 2014-08-29 20:34 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-03-10 20:13 - 2014-08-29 20:34 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-03-09 07:19 - 2015-10-13 21:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc 2016-03-08 08:00 - 2013-08-22 16:38 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-03-08 08:00 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-03 11:19 - 2015-04-02 21:04 - 00000000 ____D C:\Users\Michael\AppData\Local\ElevatedDiagnostics 2016-02-26 20:35 - 2015-05-17 16:46 - 00048640 ___SH C:\Users\Michael\Desktop\Thumbs.db ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-07 16:36 - 2016-01-30 22:08 - 1065984 _____ () C:\Users\Michael\AppData\Local\file__0.localstorage 2016-03-24 01:28 - 2016-03-24 01:28 - 0001496 _____ () C:\Users\Michael\AppData\Local\recently-used.xbel 2014-10-28 00:29 - 2015-10-16 19:42 - 0007602 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== C:\Users\Michael\AppData\Local\Temp\avguirn_08199000839.exe C:\Users\Michael\AppData\Local\Temp\sqlite3.dll 
==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-03-17 09:35

==================== Ende von FRST.txt ============================

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Michael (2016-03-26 14:58:09)
Gestartet von C:\Users\Michael\Desktop\PC Bereinigung
Windows 8.1 Pro (X64) (2014-08-29 19:19:21)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3802420466-2463483923-4168562675-500 - Administrator - Disabled)
Gast (S-1-5-21-3802420466-2463483923-4168562675-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3802420466-2463483923-4168562675-1005 - Limited - Enabled)
Michael (S-1-5-21-3802420466-2463483923-4168562675-1001 - Administrator - Enabled) => C:\Users\Michael

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) AVG (Version: 16.51.7497 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4545 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP) Cities XL 2011 (HKLM-x32\...\Cities XL 2011) (Version: 1.0.0 - Focus Home Interactive) Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.) 
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DCS World (HKLM\...\DCS World_is1) (Version: 1.2.10.30996 - ) Drakonia Configurator (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version: - ) Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland) FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation) Intel Extreme Tuning Utility (x32 Version: 5.1.1.25 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation) Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation) LAME v3.99.3 (for 
Windows) (HKLM-x32\...\LAME_is1) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.420 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.420 - LogMeIn, Inc.) Hidden Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) 
(Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 45.0.1 (x64 de) (HKLM\...\Mozilla Firefox 45.0.1 (x64 de)) (Version: 45.0.1 - Mozilla) NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Passbild-Generator v4.0a (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator) RAMDisk (HKLM-x32\...\{0FEB4B92-FA19-4417-B7A2-092D1F85A2FA}) (Version: 4.4.0.32 - Dataram, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) 
Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16021.15 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16021.15 - Samsung Electronics Co., Ltd.) Hidden Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2529.2 - Hi-Rez Studios) Sniper Elite 3 (HKLM-x32\...\Steam App 238090) (Version: - Rebellion) Spotify (HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.6.0.0 - IObit) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) Texmaker (HKLM-x32\...\Texmaker) (Version: - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) TSDoctor (HKLM-x32\...\{849CD068-032E-4BB8-8FD1-BEE8557E908B}) (Version: 1.2.171 - Cypheros) Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XMedia Recode Version 3.2.6.3 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.6.3 - XMedia Recode)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3802420466-2463483923-4168562675-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3802420466-2463483923-4168562675-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {159F560F-AF11-46BF-B914-5157B2EF165C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C3DEE30-F409-43BA-9B5D-0DA34A356B32} - System32\Tasks\{745A9BCA-DD5A-4C59-A336-E1893ADA19B7} => pcalua.exe -a "E:\Flight Simulator 9\FS9.EXE" -d "E:\Flight Simulator 9"
Task: {2248812E-75B6-485F-B753-88E305906C2F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {25FA4403-0479-4722-BE0B-4E40E2096DE5} - System32\Tasks\1215avUpdateInfo => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe
Task: {74645B20-F443-4609-995A-D03285341F4C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
Task: {7D332E11-8D84-470C-92E2-AC120480B5E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {F52996CE-7877-4A31-A847-0B4E2E9D67D4} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-11-18] (IObit)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 
00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2015-11-07 01:42 - 2015-02-26 00:00 - 02403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2015-11-07 01:42 - 2015-09-15 17:56 - 00175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll 2014-08-29 20:52 - 2014-11-18 15:29 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl 2014-08-29 20:52 - 2014-11-18 15:29 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl 2014-08-29 20:52 - 2014-11-18 15:29 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl 2014-08-29 20:52 - 2014-11-18 15:30 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll 2015-10-23 23:38 - 2015-10-23 23:36 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll 2014-03-20 10:43 - 2014-03-20 10:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "NetWorx" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "GamingMouse" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3802420466-2463483923-4168562675-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{3AB353E4-728E-4A78-9707-A8EDA6793495}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0AD4CB10-A4F5-452A-BC57-2FA478CEE014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{05566540-1D9A-4622-A05F-90AB4E2CF648}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{3DC644F2-A726-4DC2-848B-4C4DA9FA4529}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe FirewallRules: [{5BFE1203-5D6C-49D8-A100-C7D34B27F0C5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{7EDB6832-E0A4-4813-A329-9316491AC950}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{77B773B1-5B5E-4A44-9738-FC0E6D53BE15}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{2C3E0EFA-0855-4F7E-89B8-AEA7A54B7D5E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{F9E7057C-CD99-4901-9D25-E42994690C11}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AB66CCC6-DDD9-4A3E-85D4-C22BC40A132F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5FE74CA8-F730-44E1-82AF-7303F25CD5D4}] => (Allow) 
C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe

==================== Wiederherstellungspunkte =========================

10-03-2016 20:11:25 Windows Update
19-03-2016 16:18:44 Geplanter Prüfpunkt
24-03-2016 07:45:31 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/26/2016 02:43:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000172b9
ID des fehlerhaften Prozesses: 0x5ec
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/26/2016 12:08:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000172b9
ID des fehlerhaften Prozesses: 0x5f0
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/25/2016 09:30:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm game.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 165c
Startzeit: 01d186cf50642db3
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\game.exe
Berichts-ID: 67c3fef5-f2c8-11e5-822c-d050992aab1a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/25/2016 08:47:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm game.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f00
Startzeit: 01d186ceca5ac40f
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\game.exe
Berichts-ID: 74e17ec7-f2c2-11e5-822c-d050992aab1a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/25/2016 05:02:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000172b9
ID des fehlerhaften Prozesses: 0x5cc
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/25/2016 03:58:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 954
Startzeit: 01d186964f6267bd
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: ee36783e-f299-11e5-822b-d050992aab1a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/25/2016 02:01:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000172b9
ID des fehlerhaften Prozesses: 0x5e8
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/24/2016 07:45:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert .

Error: (03/20/2016 09:08:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000172b9
ID des fehlerhaften Prozesses: 0x5f0
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/19/2016 08:43:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3907, Zeitstempel: 0x53e0fb5e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000172b9
ID des fehlerhaften Prozesses: 0x5e4
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Systemfehler:
=============
Error: (03/26/2016 02:43:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: %%2147500037

Error: (03/26/2016 02:42:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (03/26/2016 02:42:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/26/2016 02:42:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Integrated Clock Controller Service - Intel(R) ICCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/26/2016 02:42:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Extreme Tuning Utility Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/26/2016 02:42:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/26/2016 02:42:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel® ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/26/2016 02:42:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/26/2016 02:42:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/26/2016 02:42:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===================================
Date: 2016-03-26 14:43:02.822
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 14:43:02.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 14:43:02.463
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 14:42:38.405
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 12:10:53.890
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 12:10:53.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 12:10:51.162
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 12:10:50.098
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 12:10:49.950
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-26 12:10:49.801
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8142.66 MB
Verfügbarer physikalischer RAM: 5865.68 MB
Summe virtueller Speicher: 9422.66 MB
Verfügbarer virtueller Speicher: 6302.96 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:238.13 GB) (Free:27.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 77B15244)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
26.03.2016, 21:08 | #7 |
/// Malwareteam | ESET Online Scanner
Note: This scan can sometimes take several hours...
__________________ Kind regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
27.03.2016, 12:20 | #8 |
| Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e1ddc9c1b270e3408dcb8acb124cec95
# end=init
# utc_time=2016-03-27 10:39:04
# local_time=2016-03-27 12:39:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28772
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e1ddc9c1b270e3408dcb8acb124cec95
# end=updated
# utc_time=2016-03-27 10:44:36
# local_time=2016-03-27 12:44:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e1ddc9c1b270e3408dcb8acb124cec95
# engine=28772
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-27 11:14:49
# local_time=2016-03-27 01:14:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 19568384 50484667 0 0
# scanned=308005
# found=2
# cleaned=0
# scan_time=1813
sh=1E1FCD6CFB2CB8758ABB930E26A270C22B9E6666 ft=1 fh=6f0e1c2c7239cffc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\Audiograbber - CHIP-Installer.exe"
sh=0F1A977C003F505F4E079F13842CE5454ECB6B39 ft=1 fh=b4a412ddf4cf1e55 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\Downloads\SoundWire - CHIP-Installer.exe" |
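Added example, not part of the original posts: a small Python parser for a log in the layout of the ESET Online Scanner output in post #8, which separates "potentially unwanted application" detections from other findings and reports whether anything was actually removed. The sample log, its hashes and paths, the second detection name, the function names and the English PUA marker are constructed assumptions; only the `# key=value` and `sh= ... vn= ... fn=` layout and the German marker come from the log above.

```python
import re

# Constructed sample in the layout of the ESET Online Scanner log in post #8.
# Hashes, paths and the second detection name are placeholders, not thread data.
SAMPLE_LOG = r'''# product=EOS
# end=finished
# remove_checked=false
# unwanted_checked=true
# scanned=1200
# found=2
# cleaned=0
sh=0000000000000000000000000000000000000001 ft=1 fh=0000000000000001 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Example\Downloads\Tool - Installer.exe"
sh=0000000000000000000000000000000000000002 ft=1 fh=0000000000000002 vn="Win32/Example.A Trojaner" ac=I fn="C:\Users\Example\AppData\Local\Temp\x.exe"
'''

# Substrings that mark a "potentially unwanted application" detection name.
# The German one is taken from the log above; the English one is an assumption.
PUA_MARKERS = ("evtl. unerwünschte anwendung", "potentially unwanted application")

# key=value pairs where the value is either "quoted with spaces" or a bare token.
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_eset_log(text):
    """Return (header, detections) from an ESET Online Scanner style log."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("# ") and "=" in line:
            # The log repeats the header block per phase; the last value wins,
            # so the counters come from the final "end=finished" block.
            key, _, value = line[2:].partition("=")
            header[key.strip()] = value.strip().strip("'\"")
        elif line.startswith("sh="):
            detections.append({k: v.strip('"') for k, v in FIELD_RE.findall(line)})
    return header, detections


def triage(header, detections):
    """Split detections into PUA and other, and report what was left in place."""
    pua, other = [], []
    for det in detections:
        name = det.get("vn", "").lower()
        (pua if any(m in name for m in PUA_MARKERS) else other).append(det)
    found = int(header.get("found", len(detections)))
    cleaned = int(header.get("cleaned", 0))
    return {
        "pua": pua,
        "other": other,
        "not_cleaned": found - cleaned,
        # A mismatch means the log was truncated or a record failed to parse.
        "count_mismatch": found != len(detections),
        "report_only": header.get("remove_checked") == "false",
    }


if __name__ == "__main__":
    hdr, dets = parse_eset_log(SAMPLE_LOG)
    result = triage(hdr, dets)
    for label in ("pua", "other"):
        for det in result[label]:
            print(f"{label:5} {det['sh']} {det['fn']} ({det['vn']})")
    print("not cleaned:", result["not_cleaned"], "report only:", result["report_only"])
```

Entries under `other` are the ones to look at first; a non-zero `not_cleaned` together with `report_only` means the scanner only listed the files and they are still on disk.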
28.03.2016, 01:01 | #9 |
/// Malwareteam | Please be careful when you download software from Chip or other portals:
Are you still having any problems with your computer?
__________________ Kind regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
28.03.2016, 15:20 | #10 |
| Not so far, thanks a lot again! Yes, I install manually whenever possible; Chip used to be reputable -.- So did I actually have malware on my system? |
29.03.2016, 02:21 | #11 |
/// Malwareteam | versteckte Treiber entdeckt-PC teilweise stark verlangsamt Also während wir hier bereinigt haben, haben wir keine Malware entfernt. Was dein AV da genau gemacht hat bzw. wie gefährlich das war, kann ich nicht beurteilen. Diese Kategorie von Funden ist aber tendenziell schwerwiegend, wenn es wirklich etwas war. Um 100% sicher zu gehen, könntest/solltest du wie unten erwähnt deine sicherheitsrelevanten Passwörter ändern - ich persönlich habe keine aktiven Anzeichen von gefährlicher Schadsoftware auf deinem PC gesehen, das war aber ja auch nach der Aktion durch deinen AV. Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg: Wichtig: Entfernen der verwendeten Tools Die Reihenfolge ist hier entscheidend.
Malwarebytes Anti-Malware und ESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen. Persönliche Empfehlungen Das wichtigste zu erst:
Schutz vor unerwünschter Software Adware ist zu einer Art permanenten Bedrohung geworden, weil immer mehr Programme versuchen, einem beim Installieren noch was anderes unterzujubeln - und wie schnell hat man da ein Häkchen übersehen? Darum: pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de. Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken. Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil! Benutze keine Optimizer, Cleaner oder sonstige SpeedUp Wunder, da diese Tools fast nie einen auch nur messbaren Performancegewinn bringen. Du kannst jedoch regelmäßig auf deinem PC die Datenträgerbereinigung ausführen, so gewinnst du belegten Speicherplatz zurück. Aktiviere in deiner Virenschutzlösungen den "Schutz vor potentiell unerwünschter Software", um dich bestmöglich zu schützen. Guter Trick: Wenn du den kostenlosen Windows Defender benutzt (ab Windows 8), kannst du einen vergleichbaren Schutz durch einen kleinen Trick auch nutzen! 
Lese dazu folgenden Artikel um dich mehr zu informieren: Windows mit verstecktem Adware-Killer Zum aktivieren dieses "Tricks" lade einfach nur diese Datei und führe sie aus: MpEnablePlus.reg Tipps, um dein System sicherer zu machen Halte immer deine Plug-ins und Software, insbesondere deinen Browser aktuell. Deinstalliere wenn möglich Java und den Adobe Flashplayer von deinem Computer. Neuerdings benötigt man sie fast nie mehr und stellen darum nur mehr eine unnötige Sicherheitslücke auf deinem Computer dar. Wenn du sie doch unbedingt benötigst, halte sie aber unbedingt aktuell. Weiters kannst du dir Malwarebytes Anti-Exploit installieren. Es schützt gegen viele aktuelle Sicherheitslücken und erhöht so deine Sicherheit. Passwörter Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen. Ganz wichtig: benutze pro Account ein anderes Passwort! Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau Unterstütze uns und empfiehl uns weiter Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür Wir machen diese Tätigkeit hier freiwillig, darum freue ich mich besonders über ein kurzes Danke, wenn du mit mir zufrieden warest oder sonst über Verbesserungsvorschläge - das kannst du gerne hier machen Besuche und like unsere Facebook-Seite! Danke für deine Mitarbeit und alles Gute! Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast.
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
30.03.2016, 21:19 | #12 |
| Hidden driver detected - PC at times severely slowed down First of all, sorry that I'm only getting back to you now. So the glitches in Explorer were probably just coincidence; well, they're gone, so I don't mind. Is Windows Defender better than AVG? Regarding the suggested scanners: Emsisoft Internet Security -> permanent purchase; ESET -> key for 1 year. Is that right? How do the programs differ (pros/cons)? AVG is, I believe, accused of spying on my browsing behaviour... that becomes moot at the latest when I install Win10^^. Does the cleaner warning also apply to good old CCleaner? I sometimes use it to clear the cache (I prefer to stay away from the registry). Thanks again! |
30.03.2016, 21:59 | #13 | ||
/// Malwareteam | Hidden driver detected - PC at times severely slowed down Defender isn't "better" - it's just that they don't spy on your browsing behaviour, as you mentioned yourself. In itself certainly not a bad AV. Quote:
I won't answer the point that AVG is to be equated with Windows 10 ^^ Nor how the AVs differ; if you like, you can create a topic in the relevant section of the forum, where you can then start a holy war. Just this much: I can recommend ESET, Emsisoft and the like with a clear conscience. Quote:
__________________ Regards, Rafael |
30.03.2016, 22:33 | #14 |
| Hidden driver detected - PC at times severely slowed down With ESET I pay and get an AV for 1 year. My question is whether with Emsisoft I get something for my money for longer (than a year). I was a school student and will soon be a university student -> chronically broke^^. Let's hope AVG or MS doesn't end up suing you. I just wanted to say that I needn't care who sells my data (that's more general). |
30.03.2016, 22:50 | #15 |
/// Malwareteam | Hidden driver detected - PC at times severely slowed down Personally, I don't believe that Microsoft sells personal data, but it's all a question of definition too. That data is used in some way for optimization is something you sometimes have to do as a developer too... As a poor student I would make do with Defender. It also has the fewest annoying pop-ups. Read my section on Defender in the tips; with PUP protection enabled you have an absolutely full-fledged and sufficient product.
__________________ Regards, Rafael |