Log analysis and evaluation: Severe slowdown over the last few weeks

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
15.04.2016, 15:17 | #1 |
Severe slowdown over the last few weeks

Hello dear Trojaner-Board community, I am turning to you because I have recently been struggling with my very slow notebook. I currently need this PC for school very often, and it has really become a nightmare. A few weeks ago I did not have such problems yet.

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016 durchgeführt von Marvin (Administrator) auf MARVIN-PC (15-04-2016 16:05:36) Gestartet von C:\Users\Marvin\Downloads Geladene Profile: Marvin (Verfügbare Profile: Marvin & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Spotify Ltd) C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIKE.EXE (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\Run: [Spotify Web Helper] => C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-03-30] (Spotify Ltd) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...0c966feabec1\InprocServer32: [Default-shell32] <==== ACHTUNG HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...A8F59079A8D5}\localserver32: <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{2A94E516-2DE9-4155-BD74-533A45A480A3}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{917C8FB1-DBBD-4071-BBA1-49971A587E96}: [DhcpNameServer] 139.7.30.126 139.7.30.125 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {15C7BFC0-F1C1-47CC-8919-40ADF62BC32A} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {20895885-F6C2-4F7C-8CC8-D479174AF432} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {7362F9F6-8A85-40E9-9B9A-D19771FEE9C8} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: 
HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {75139871-6B72-40A6-BCD2-F2E1BBEFBC2D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-14] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-14] (Oracle Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\pj1kto0f.default-1435725644758 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @microsoft.com/GENUINE -> disabled 
[Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-08-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-08-14] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo 
Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2012-07-06] (Nexon) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-26] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-26] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2545573064-1671415295-1629012448-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marvin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2545573064-1671415295-1629012448-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marvin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2545573064-1671415295-1629012448-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marvin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-08-20] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-06-11] (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-06-11] (Apple Inc.) FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-04-30] [ist nicht signiert] Chrome: ======= CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-02] CHR Extension: (Google Docs) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-02] CHR Extension: (Google Drive) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Adblock Plus) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-12] CHR Extension: (Google-Suche) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Google Tabellen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-02] CHR Extension: (Google Docs Offline) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Skype) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-26] CHR Extension: (Ghostery) - 
C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-27] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06] CHR Extension: (ScriptSafe) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2015-07-05] CHR Extension: (Google Mail) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-02] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] StartMenuInternet: Google Chrome.IAXQ5T3223REKSPIGQKFT7RRYQ - C:\Users\Marvin\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.) 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) S4 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation) R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-29] () S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-07] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation) S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [43664 2015-05-17] () S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.) S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert] R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [Datei ist nicht signiert] S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-10-21] (Windows (R) 2003 DDK 3790 provider) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S0 giix; System32\drivers\yixph.sys [X] U2 V2iMount; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-15 16:05 - 2016-04-15 16:06 - 00022843 _____ C:\Users\Marvin\Downloads\FRST.txt 2016-04-15 16:05 - 2016-04-15 16:05 - 02375168 _____ (Farbar) C:\Users\Marvin\Downloads\FRST64.exe 2016-04-15 16:05 - 2016-04-15 16:05 - 00000000 ____D C:\FRST 2016-04-13 17:22 - 2016-04-14 14:36 - 00672256 _____ C:\Users\Marvin\Desktop\Naturraumanalyse -Russland2.ppt 2016-04-13 16:55 - 2016-04-15 00:07 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Diercke Weltatlas digital 2016-04-13 16:55 - 2016-04-13 16:55 - 00000000 ____D C:\Users\Marvin\Documents\Diercke Weltatlas digital 2016-04-13 16:25 - 2016-04-13 16:25 - 00002107 _____ C:\Users\Public\Desktop\Diercke Weltatlas digital.lnk 2016-04-13 16:25 - 2016-04-13 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diercke Weltatlas digital 2016-04-13 16:24 - 2016-04-13 16:25 - 00000000 ____D C:\Program Files (x86)\Diercke Weltatlas digital 2016-04-13 16:24 - 2016-04-13 16:24 - 00000000 ____D C:\Users\Public\Documents\Diercke Weltatlas digital 2016-04-13 16:13 - 2016-04-13 21:02 - 00000000 _____ C:\Users\Marvin\Documents\dgo_debug.txt 2016-04-13 16:13 - 2016-04-13 16:25 - 00000000 ____D C:\Users\Marvin\Documents\Diercke Globus Online 2016-04-13 16:12 - 2016-04-13 16:25 - 00002017 _____ C:\Users\Public\Desktop\Diercke Globus Online.lnk 2016-04-13 16:12 - 2016-04-13 16:25 - 00001141 _____ C:\Users\Public\Desktop\Diercke Globus Online - Whiteboard.lnk 2016-04-13 16:12 - 2016-04-13 16:25 - 00000000 ____D C:\Program Files (x86)\ImagonShared 2016-04-13 16:12 - 2016-04-13 16:25 - 00000000 ____D C:\Program Files (x86)\Diercke Globus Online 2016-04-13 16:12 - 2016-04-13 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diercke Globus Online 2016-04-13 11:06 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) 
C:\windows\system32\CompatTelRunner.exe 2016-04-13 11:06 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2016-04-13 11:06 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2016-04-13 11:06 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2016-04-13 11:06 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2016-04-13 11:06 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2016-04-13 11:06 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2016-04-13 11:06 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2016-04-13 11:06 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2016-04-13 11:06 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2016-04-13 11:06 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2016-04-13 11:06 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) 
C:\windows\system32\srclient.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2016-04-13 11:06 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2016-04-13 11:06 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) 
C:\windows\system32\advapi32.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 
11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 11:06 - 
2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2016-04-13 11:06 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2016-04-13 11:06 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2016-04-13 11:06 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2016-04-13 11:06 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2016-04-13 11:06 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2016-04-13 11:06 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2016-04-13 11:06 - 2016-03-18 00:29 - 
00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll 2016-04-13 11:06 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2016-04-13 11:06 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2016-04-13 11:06 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2016-04-13 11:06 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) 
C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft 
Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2016-04-13 11:06 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2016-04-13 11:06 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2016-04-13 11:06 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2016-04-13 11:06 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2016-04-13 11:06 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2016-04-13 11:06 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2016-04-13 11:06 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2016-04-13 11:06 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2016-04-13 11:06 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2016-04-13 11:06 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2016-04-13 
11:06 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2016-04-13 11:06 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2016-04-13 11:06 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2016-04-13 11:06 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2016-04-13 11:06 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2016-04-13 11:06 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2016-04-13 11:06 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll 2016-04-13 11:06 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll 2016-04-13 11:06 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll 2016-04-13 11:06 - 2016-03-16 02:16 - 00760320 _____ (Microsoft 
Corporation) C:\windows\system32\samsrv.dll 2016-04-13 11:06 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll 2016-04-13 11:06 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll 2016-04-13 11:06 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2016-04-13 11:06 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2016-04-13 11:06 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2016-04-13 11:06 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2016-04-13 11:06 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2016-04-13 11:06 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2016-04-13 11:06 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll 2016-04-13 11:06 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll 2016-04-13 11:06 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll 2016-04-13 11:06 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll 2016-04-13 11:06 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys 2016-04-13 11:06 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll 2016-04-11 21:46 - 2016-04-11 21:46 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate 2016-04-07 22:26 - 2016-04-07 22:26 - 05934784 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe 2016-03-26 11:09 - 2016-03-26 11:09 - 00000000 ____D C:\Users\Marvin\AppData\Local\SSScan 2016-03-23 13:13 - 2016-03-23 13:34 - 00000000 ____D C:\Kontakte 2016-03-23 12:51 - 
2016-03-23 12:51 - 00000000 ____D C:\Program Files (x86)\MSECache ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-15 16:03 - 2011-07-21 21:18 - 00765838 _____ C:\windows\system32\perfh007.dat 2016-04-15 16:03 - 2011-07-21 21:18 - 00175036 _____ C:\windows\system32\perfc007.dat 2016-04-15 16:03 - 2009-07-14 07:13 - 01807338 _____ C:\windows\system32\PerfStringBackup.INI 2016-04-15 16:03 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf 2016-04-15 16:02 - 2016-02-26 21:03 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-15 16:02 - 2012-03-29 16:21 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2016-04-15 07:33 - 2009-07-14 06:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-15 07:33 - 2009-07-14 06:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-15 07:27 - 2016-02-26 21:03 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-15 07:04 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-04-14 14:18 - 2011-12-31 01:17 - 00000000 ____D C:\Users\Marvin\Desktop\Sonstiges 2016-04-14 13:08 - 2012-01-15 13:41 - 00000000 ____D C:\windows\System32\Tasks\Games 2016-04-14 04:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2016-04-14 03:42 - 2015-05-15 20:03 - 05043400 _____ C:\windows\system32\FNTCACHE.DAT 2016-04-14 03:39 - 2014-12-13 19:23 - 00000000 ____D C:\windows\system32\appraiser 2016-04-14 03:19 - 2013-07-25 14:56 - 00000000 ____D C:\windows\system32\MRT 2016-04-14 03:06 - 2011-12-25 11:53 - 135176864 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2016-04-14 01:45 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2016-04-13 21:11 - 2015-07-03 23:16 - 00000000 
____D C:\Users\Marvin\AppData\Local\CrashDumps 2016-04-13 17:19 - 2015-05-18 20:36 - 00000000 ____D C:\Users\Marvin\AppData\Local\Spotify 2016-04-13 17:13 - 2014-05-04 14:06 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Spotify 2016-04-13 17:08 - 2015-07-25 23:38 - 00000000 ____D C:\Users\Marvin\Documents\Outlook-Dateien 2016-04-13 17:07 - 2016-02-26 20:37 - 00000000 ____D C:\Users\Marvin\AppData\Local\9345BA89-20BA-4AE0-89F3-CC622066C156.aplzod 2016-04-13 16:50 - 2011-12-24 20:18 - 00000000 ____D C:\Users\Marvin\AppData\Local\Apple Computer 2016-04-13 16:34 - 2015-12-24 20:16 - 00000000 ____D C:\Program Files\iTunes 2016-04-11 22:10 - 2016-02-26 21:05 - 00002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-11 22:10 - 2016-02-26 21:05 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-11 21:46 - 2015-10-17 19:49 - 00001213 _____ C:\Users\Marvin\Desktop\iPhone Backup Extractor.lnk 2016-04-07 22:26 - 2012-03-29 16:21 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2016-04-07 22:26 - 2012-03-29 16:21 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2016-04-07 22:26 - 2011-12-25 01:01 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-27 04:00 - 2015-04-05 00:46 - 00000000 ___SD C:\windows\SysWOW64\GWX 2016-03-27 04:00 - 2015-04-05 00:46 - 00000000 ___SD C:\windows\system32\GWX 2016-03-26 11:06 - 2014-03-07 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2016-03-26 11:06 - 2014-03-07 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-03-26 10:57 - 2013-09-18 13:42 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Epson ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-01-23 15:58 - 2012-01-29 18:26 - 0000600 _____ () C:\Users\Marvin\AppData\Roaming\winscp.rnd 2015-07-26 12:57 - 2015-07-26 
12:57 - 0000854 _____ () C:\Users\Marvin\AppData\Local\recently-used.xbel 2015-08-26 10:54 - 2015-08-26 10:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2011-12-26 01:52 - 2011-12-26 01:52 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2012-09-17 18:04 - 2012-12-05 19:42 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT 2012-09-17 18:04 - 2012-12-05 19:44 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT 2012-09-17 18:03 - 2012-09-17 18:12 - 0000000 ____H () C:\ProgramData\PKP_DLeu.DAT 2012-09-17 18:04 - 2012-12-05 19:44 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT 2011-07-21 06:19 - 2011-07-21 06:20 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2011-07-21 06:11 - 2011-07-21 06:12 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log 2011-07-21 06:16 - 2011-07-21 06:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2011-07-21 06:12 - 2011-07-21 06:16 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log 2011-07-21 06:17 - 2011-07-21 06:19 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Einige Dateien in TEMP: ==================== C:\Users\Marvin\AppData\Local\Temp\drfone_full1284.exe C:\Users\Marvin\AppData\Local\Temp\RegAsm.exe C:\Users\Marvin\AppData\Local\Temp\UpdaterCopy.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-08 00:47 ==================== Ende von FRST.txt ============================ |
15.04.2016, 15:19 | #2 |
| Severe slowdown over the last few weeks Here is the rest, since I slightly exceeded the maximum character length.
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016 durchgeführt von Marvin (2016-04-15 16:07:10) Gestartet von C:\Users\Marvin\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2011-12-25 00:03:38) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2545573064-1671415295-1629012448-500 - Administrator - Disabled) Gast (S-1-5-21-2545573064-1671415295-1629012448-501 - Limited - Enabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-2545573064-1671415295-1629012448-1002 - Limited - Enabled) Marvin (S-1-5-21-2545573064-1671415295-1629012448-1000 - Administrator - Enabled) => C:\Users\Marvin ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.) 
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) AVG 2013 (Version: 13.0.2641 - AVG Technologies) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation) Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision) Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 3.1.1 - Imagon GmbH) Diercke Weltatlas digital (HKLM-x32\...\Diercke Weltatlas digital) (Version: 1.0.676.21279 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH) Download Navigator (HKLM-x32\...\{04A86A16-2082-46EE-8AD2-9A6FDC96DD27}) (Version: 3.3.0 - SEIKO EPSON CORPORATION) Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GDR 5520 für SQL Server 2008 (KB 2977321) (64-bit) (HKLM\...\KB2977321) (Version: 
10.3.5520.0 - Microsoft Corporation) GDR 5538 für SQL Server 2008 (KB 3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden iBackupBot 5.3.7 (HKLM-x32\...\iBackupBot) (Version: 5.3.7 - VOWSoft, Ltd.) iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation) iPhone Backup Extractor (HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\iPhone Backup Extractor) (Version: 6.0.7.832 - Reincubate Ltd) iPhone Backup Extractor (x32 Version: 6.0.7.832 - Reincubate Ltd) Hidden iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) 
jahPlayer (HKLM-x32\...\jahPlayer) (Version: - ) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - ) Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation) Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation) Microsoft 
Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - 
Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name) Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - ) Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG) Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\CopyTrans Suite) (Version: 4.004 - WindSolutions) OpenLibraries (HKLM-x32\...\OpenLibraries) (Version: - ) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) 
Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Samsung Control Center (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.3 - Samsung) Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.) Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\Spotify) (Version: 1.0.25.127.g58007b4c - Spotify AB) Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden TuneUp Companion 2.2.7 (HKLM-x32\...\TuneUpMedia) (Version: 2.2.7 - TuneUp Media, Inc.) 
TuneUp Utilities Language Pack (en-US) (x32 Version: 13.0.2013.194 - TuneUp Software) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Wisdom-soft AutoScreenRecorder 3.1 Free (HKLM-x32\...\Wisdom-soft AutoScreenRecorder 3.1 Free) (Version: - Wisdom Software Inc.) Wondershare Dr.Fone für iOS(Build 6.7.1.21) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 6.7.1.21 - Wondershare Software Co.,Ltd.) WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {11EE5FD4-E46E-4D3E-BE64-5D42B308EC2F} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-01-12] (Samsung Electronics) Task: {146831AB-977B-4466-A37C-8132E2964E9C} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Samsung Control Center\EBM\EasyBatteryMgr4.exe [2011-05-09] (SAMSUNG Electronics co., LTD.) Task: {197AB0E6-09EB-48CA-A83F-35DD5C94EC16} - System32\Tasks\{C183DF6C-42C2-44E2-AB22-AD47C67E1724} => C:\Program Files (x86)\iPhoneBrowser\iPhoneBrowser.exe Task: {24B9B3AC-9A92-4DC7-BDBC-2BE32EE60A00} - System32\Tasks\{66D3EC76-D9DC-48A8-9D96-C7630F815A91} => C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe Task: {3B6F8322-2B61-43CA-A4BE-906F1A4DF823} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {4E481420-08F6-4F19-AB66-A4BA5205FFDC} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics) Task: {61C77078-5BCC-4AB5-B4D0-9AAC76E33582} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2545573064-1671415295-1629012448-1000 Task: {625FC2BF-0D97-426D-8747-CF662B90D1D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-26] (Google Inc.) 
Task: {73AA9B64-FF9E-4B7C-805F-EFCF590D45AD} - System32\Tasks\{CE526F6F-E8DC-40A6-8703-6D10C232F564} => C:\Program Files (x86)\iPhoneBrowser\iPhoneBrowser.exe Task: {7558D982-20FC-4565-AD2D-34F983BA56A1} - System32\Tasks\AdobeAAMUpdater-1.0-Marvin-PC-Marvin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {7B719969-F143-4B5D-A94D-F10D79BDA580} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {81B46C8D-F2F6-43A2-A560-F23BA244C322} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-03-29] (SEC) Task: {8A273E5B-B2D4-4392-BEAB-70A0364E2107} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {8DE93BA1-ECE0-4A07-BD4B-7B4F402F782E} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe [2011-06-15] (Samsung Electronics Co., Ltd.) Task: {91F305C2-7AAC-4AD1-A2D7-18F2778CAE0E} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe [2011-02-16] (Samsung Electronics Co., Ltd.) 
Task: {97224D5F-7F24-4EBC-8CC1-E4D7DA323A62} - System32\Tasks\{DA8BD37B-D4DB-4009-930E-D3328DF2D69A} => C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe Task: {9E69DAE8-AC47-478E-8BAC-0EA28B695205} - System32\Tasks\{555A58B4-EE2D-4E5F-A488-58366B1C4CC3} => C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe Task: {C2C98F00-AD81-4AF6-A160-D1ECA910D769} - System32\Tasks\{28680E42-0417-4147-8F36-E0B29C155489} => C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe Task: {C5F246C3-01C1-4425-9059-361BB99B99F1} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe [2011-06-04] (Samsung Electronics Co., Ltd.) Task: {CE561253-E65B-4601-8363-2BE5F3BA00F1} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe Task: {D01A72E6-4909-4893-ACB5-1B4D037E2F0A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {D625583E-4F39-42A9-847A-C12E40A23386} - System32\Tasks\{CE73ADFF-0AD8-4D35-846A-846F72E35E02} => C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe Task: {DC4097BB-80E7-4AA8-8677-2016C868A029} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Samsung Control Center\SCCSpeedBoot.exe [2011-05-18] (Samsung Electronics Co., Ltd.) Task: {E17E0554-C5C1-4C6E-A08B-3BFD458C5EE1} - System32\Tasks\Google Updater and Installer => C:\Users\Marvin\AppData\Local\Google\Update\GoogleUpdate.exe Task: {E27DDC66-A027-42CE-8B02-C022B9AB37C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-26] (Google Inc.) Task: {E69545C2-A3B7-4E78-8563-A33D8EB77554} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe [2011-06-15] (Samsung Electronics Co., Ltd.) 
Task: {EA9AD490-377C-4893-990C-B638421AF152} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-04-14] (CyberLink) Task: {FAC99DC5-D88D-42BE-83F9-866CE977D2BA} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-07-21 20:58 - 2008-06-05 01:53 - 00027648 _____ () C:\windows\System32\spd__l.dll 2013-03-28 22:31 - 2013-03-28 22:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2012-09-23 13:53 - 2012-09-23 13:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2012-09-23 13:53 - 2012-09-23 13:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-03-28 22:30 - 2013-03-28 22:30 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-02-24 18:51 - 2014-05-29 16:48 - 00076888 _____ () 
C:\windows\SysWOW64\PnkBstrA.exe 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-12-17 19:39 - 2015-12-17 19:39 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-12-17 19:38 - 2015-12-17 19:38 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2011-07-21 06:21 - 2011-02-16 18:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Samsung Control Center\WinCRT.dll 2011-07-21 06:21 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Samsung Control Center\HookDllPS2.dll 2016-04-11 22:10 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll 2016-04-11 22:10 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\Software\Classes\.exe: => <===== ACHTUNG HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\Software\Classes\exefile: <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2015-06-29 21:21 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: Samsung UPD Service => 3 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: ApowersoftScreenRecorder => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe /autoStart MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\Marvin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: 
Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: tvncontrol => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{B533BEAD-760B-4082-9DA0-54BF2F0D93C5}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe FirewallRules: [{76536418-9980-4136-A940-01AC3FDA8068}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe FirewallRules: [{5DE60AAD-259B-4A32-997B-29A78B957E08}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe FirewallRules: [{33D218BC-2254-4513-8885-4EF0CBA07F96}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe FirewallRules: [{752DF0A3-F849-4572-8243-3EA33FA265B2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{CE794129-3BA4-4148-A605-5F5B1C8EC197}] => (Allow) LPort=2869 FirewallRules: [{70925FC6-7C9E-49DF-916D-4B49F27C6092}] => (Allow) LPort=1900 FirewallRules: [{090304E7-4608-4716-AFFB-13236A9BEBE9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{311EA05E-61F9-4D51-B362-3C0A7F8B5F98}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{7A5FC880-C91E-4783-91EE-668D73EE285A}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [{64204237-5179-4897-9C62-A6C190C39DA8}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{0F6B505D-6288-4150-8B1A-CBCDA16F29E0}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [TCP 
Query User{DAC72453-0B67-463A-A625-49C699FD1E88}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{04A2CDF2-379E-47AD-9A66-EC56940C5960}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [TCP Query User{A8726F37-409A-4859-BA0E-84C5DC5757C4}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [UDP Query User{4E7A4E00-4DB8-48C9-BBD3-44FDE2BF2FCE}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [{33A47B9A-18C7-4298-AF7F-DB7E2CFDFBB8}] => (Allow) %ProgramFiles% (x86)\Java\jre7\bin\javaw.exe FirewallRules: [{3C235533-BA45-4310-B379-7AB6359C9057}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{A3F4F4CF-321B-492C-9759-8D76033C0FE8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{A013F280-B5D8-4F2D-9B37-BDC102B4C941}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F5207462-1BE0-4F9A-A07C-86DA37CD3283}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D8A731BE-EDCF-420D-A0E6-533363A7D61D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{596F2A3F-A471-46E0-B473-44FF05F785DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BB95D659-AAF1-4497-950B-8738E2C588A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe FirewallRules: [{07DCCCA0-50F8-4CD3-AB06-EADC885321FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe FirewallRules: [{207283C6-2643-4BF5-8E6B-627A25FFDFB7}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{E2ADDE8C-F09C-4465-9B7B-709258F715C8}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [TCP Query 
User{216C37FA-CEA0-4C06-85B6-F6D33947CE92}C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe] => (Allow) C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe FirewallRules: [UDP Query User{4F5595A1-D40C-4701-95CF-12AB17D92CBF}C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe] => (Allow) C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe FirewallRules: [TCP Query User{73434ACF-7C3F-4F19-B789-E3E06A5390AB}C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe] => (Allow) C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe FirewallRules: [UDP Query User{1FC8939C-0094-41DA-BD96-CB6530E6B27C}C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe] => (Allow) C:\users\marvin\desktop\sonstiges\nazi_zombies\nazi zombies\codwaw.exe FirewallRules: [{86983096-69A5-4B3E-8A42-8E22DD308E51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{A6B95520-617C-4E87-90F3-5B5CCE18B990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{ED6E9610-CEEB-488A-9CA1-7C751A8BF5B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{FE8CEFA3-27C6-4D21-8579-B4AD4E9BB2B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{B56A0034-A2DF-4C5C-85F7-ACD4A30D86DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{04D5B1A0-41E6-4EC0-AEB8-3414CCCAC4BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CF2B409A-C062-4BCF-A3C5-FEBA0538B698}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4C03FCE1-D5AC-41DA-8A60-14F0A58ABD9F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C7208592-41A2-4CDE-8B2A-3C7134200749}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe FirewallRules: 
[{980F6C00-8469-4844-B056-F29BA37B8067}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe FirewallRules: [{C51DD5C0-01E8-4E01-9011-D9F331655B1C}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe FirewallRules: [{B214461C-9B7E-4F6F-80DF-AE78621D8239}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe FirewallRules: [{E9C9C8FE-5C70-45FF-990A-D7C259D97F21}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{50CD923A-CC65-428F-9792-3E9FA6EEB094}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [TCP Query User{2DAF7A75-5A30-4150-A6BA-88B22E4591DB}C:\users\marvin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marvin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{31D60B47-97BE-4EFE-8E7A-AEF129E8169E}C:\users\marvin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marvin\appdata\roaming\spotify\spotify.exe FirewallRules: [{BF6CE0CC-365D-48F1-8D3F-569347A8B55E}] => (Block) C:\users\marvin\appdata\roaming\spotify\spotify.exe FirewallRules: [{C46CC1FD-B110-4AF8-B834-7AB26F5BD313}] => (Block) C:\users\marvin\appdata\roaming\spotify\spotify.exe FirewallRules: [{EEC9249E-D2F2-4C4F-B6D9-A6242B4C9ECD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C5DE302A-04E1-4A0B-957C-DC44B34C99D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{728286ED-FCAD-49D6-BC6D-EC7B5912A7A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{9AFE2C43-788F-4F47-B694-7031E2CD1FE7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{451184ED-707F-49BD-943B-31F0BCFE9FED}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw.exe FirewallRules: [UDP Query User{A9BC098D-A9F9-401C-8830-F6545E90B399}C:\program files 
(x86)\activision\call of duty - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw.exe FirewallRules: [{40E30453-F4E3-4AFD-9778-5E3C7C2C7D46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A16FE5EA-2645-459B-91E5-09B435885D1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{19030F3C-F544-4BF5-AC76-F02ABFA7429C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E9AE5F1F-5B26-4310-A0E2-A64BF65F8F12}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{EC7F58DF-EFB3-419D-BE0E-DDB64669840C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{BC25A17F-7D11-492B-A40D-9017620462D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{732C12CA-3C33-40D2-8645-6F2404B4EB85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7E169775-2731-474B-A93E-CAFB5AFB4145}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3C22D71D-5E0F-447C-AC49-E4FF33E51EC9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BE0BA93A-1337-46F8-81B9-FF20F8C9729B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{86E5A4C7-22E2-40D2-ADFC-14A3FA992429}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{29F3C7CC-9229-420A-98DD-2BE7E24E5B7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{34883D9C-27A9-4D6F-ABFE-A917AD59225A}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{D44736FC-D10A-4DCA-90E0-114489A96E63}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E4137C7E-3111-45C8-967B-56FA0694E82C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte 
========================= 07-04-2016 20:30:48 Windows Update 11-04-2016 01:46:23 Windows Update 14-04-2016 03:00:21 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/14/2016 03:51:44 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002 Error: (04/14/2016 03:51:43 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . 
Error code = 0x80070002 Error: (04/13/2016 09:11:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DierckeWeltatlasDigital.exe, Version: 1.0.676.21279, Zeitstempel: 0x039e93d0 Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.4.0.0, Zeitstempel: 0x777a675f Ausnahmecode: 0x40000015 Fehleroffset: 0x0000e0b1 ID des fehlerhaften Prozesses: 0x5f60 Startzeit der fehlerhaften Anwendung: 0xDierckeWeltatlasDigital.exe0 Pfad der fehlerhaften Anwendung: DierckeWeltatlasDigital.exe1 Pfad des fehlerhaften Moduls: DierckeWeltatlasDigital.exe2 Berichtskennung: DierckeWeltatlasDigital.exe3 Error: (04/13/2016 09:11:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DierckeWeltatlasDigital.exe, Version: 1.0.676.21279, Zeitstempel: 0x039e93d0 Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.4.0.0, Zeitstempel: 0x777a675f Ausnahmecode: 0x40000015 Fehleroffset: 0x0000e0b1 ID des fehlerhaften Prozesses: 0x5558 Startzeit der fehlerhaften Anwendung: 0xDierckeWeltatlasDigital.exe0 Pfad der fehlerhaften Anwendung: DierckeWeltatlasDigital.exe1 Pfad des fehlerhaften Moduls: DierckeWeltatlasDigital.exe2 Berichtskennung: DierckeWeltatlasDigital.exe3 Error: (04/13/2016 09:11:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DierckeWeltatlasDigital.exe, Version: 1.0.676.21279, Zeitstempel: 0x039e93d0 Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.4.0.0, Zeitstempel: 0x777a675f Ausnahmecode: 0x40000015 Fehleroffset: 0x0000e0b1 ID des fehlerhaften Prozesses: 0x48a8 Startzeit der fehlerhaften Anwendung: 0xDierckeWeltatlasDigital.exe0 Pfad der fehlerhaften Anwendung: DierckeWeltatlasDigital.exe1 Pfad des fehlerhaften Moduls: DierckeWeltatlasDigital.exe2 Berichtskennung: DierckeWeltatlasDigital.exe3 Error: (03/31/2016 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: 
m->NextScheduledSPRetry 2254121 Error: (03/31/2016 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2254121 Error: (03/31/2016 02:43:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/31/2016 02:06:30 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3994 Error: (03/31/2016 02:06:30 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3994 Systemfehler: ============= Error: (04/15/2016 07:05:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: giix Error: (04/15/2016 01:11:53 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (04/14/2016 09:18:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: giix Error: (04/14/2016 09:18:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Wondershare Application Framework Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (04/14/2016 09:18:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Wondershare Application Framework Service erreicht. Error: (04/14/2016 02:38:42 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (04/14/2016 11:29:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Wondershare Application Framework Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. 
Error: (04/14/2016 11:29:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Wondershare Application Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/14/2016 03:48:37 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (04/14/2016 03:43:46 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: giix CodeIntegrity: =================================== Date: 2015-08-12 10:11:01.340 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-12 10:11:01.246 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-12 10:11:01.106 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-12 10:11:00.934 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-06-29 21:18:51.887 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-06-29 21:18:51.794 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-17 18:58:14.829 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-17 18:58:14.735 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-17 18:58:05.102 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-17 18:58:05.008 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen =========================== Prozessor: AMD A6-3410MX APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 33% Installierter physikalischer RAM: 5611.75 MB Verfügbarer physikalischer RAM: 3733.97 MB Summe virtueller Speicher: 11221.68 MB Verfügbarer virtueller Speicher: 8959.27 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:230 GB) (Free:24.55 GB) NTFS Drive d: () (Fixed) (Total:342.9 GB) (Free:69.16 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 596.2 GB) (Disk ID: C469F6B2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=342.9 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=23.2 GB) - (Type=27) ==================== Ende von Addition.txt ============================ |
16.04.2016, 08:01 | #3 |
/// Selecta Jahrusso | Severe slowdown over the last few weeks
Please download TDSSKiller.exe and save this file to the desktop
16.04.2016, 09:41 | #4 |
| Severe slowdown over the last few weeks
Good morning, and thank you for taking on my problem. Code:
10:37:47.0032 0x0688 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
10:37:52.0488 0x0688 ============================================================
10:37:52.0488 0x0688 Current date / time: 2016/04/16 10:37:52.0488
10:37:52.0488 0x0688 SystemInfo:
10:37:52.0488 0x0688
10:37:52.0488 0x0688 OS Version: 6.1.7601 ServicePack: 1.0
10:37:52.0488 0x0688 Product type: Workstation
10:37:52.0488 0x0688 ComputerName: MARVIN-PC
10:37:52.0488 0x0688 UserName: Marvin
10:37:52.0488 0x0688 Windows directory: C:\windows
10:37:52.0488 0x0688 System windows directory: C:\windows
10:37:52.0488 0x0688 Running under WOW64
10:37:52.0488 0x0688 Processor architecture: Intel x64
10:37:52.0488 0x0688 Number of processors: 4
10:37:52.0488 0x0688 Page size: 0x1000
10:37:52.0488 0x0688 Boot type: Normal boot
10:37:52.0488 0x0688 ============================================================
10:37:52.0800 0x0688 KLMD registered as C:\windows\system32\drivers\72278850.sys
10:37:53.0159 0x0688 System UUID: {04BC9994-7AC8-1D8A-AC77-D5159D9E20F4}
10:37:53.0693 0x0688 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:37:53.0703 0x0688 ============================================================
10:37:53.0703 0x0688 \Device\Harddisk0\DR0:
10:37:53.0704 0x0688 MBR partitions:
10:37:53.0704 0x0688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:37:53.0704 0x0688 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1CC00000
10:37:53.0722 0x0688 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1CC33000, BlocksNum 0x2ADCC800
10:37:53.0722 0x0688 ============================================================
10:37:53.0769 0x0688 C: <-> \Device\Harddisk0\DR0\Partition2
10:37:53.0800 0x0688 D: <-> \Device\Harddisk0\DR0\Partition3
10:37:53.0800 0x0688
============================================================
10:37:53.0816 0x0688 Initialize success
10:37:53.0816 0x0688 ============================================================
10:38:36.0414 0x1174 ============================================================
10:38:36.0414 0x1174 Scan started
10:38:36.0414 0x1174 Mode: Manual; SigCheck; TDLFS;
10:38:36.0414 0x1174 ============================================================
10:38:36.0414 0x1174 KSN ping started
10:38:39.0744 0x1174 KSN ping finished: true
10:38:40.0618 0x1174 ================ Scan system memory ========================
10:38:40.0618 0x1174 System memory - ok
10:38:40.0618 0x1174 ================ Scan services =============================
84010BB25C4C029C03C98853E8AC75F103D1F34922B0643ECD758CE21E7DE4A6 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe 10:38:46.0196 0x1174 BstHdUpdaterSvc - ok 10:38:46.0227 0x1174 [ 9D95F74875491CECBF9E10A5936A570E, 55BDA43FB0C0623CFB7899D0A42BA6696A0A314F9DB5D0EC27A606C2AD9AF34C ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys 10:38:46.0258 0x1174 BtFilter - detected UnsignedFile.Multi.Generic ( 1 ) 10:38:48.0895 0x1174 Detect skipped due to KSN trusted 10:38:48.0895 0x1174 BtFilter - ok 10:38:48.0958 0x1174 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys 10:38:49.0036 0x1174 BthEnum - ok 10:38:49.0051 0x1174 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys 10:38:49.0083 0x1174 BTHMODEM - ok 10:38:49.0114 0x1174 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys 10:38:49.0129 0x1174 BthPan - ok 10:38:49.0161 0x1174 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys 10:38:49.0192 0x1174 BTHPORT - ok 10:38:49.0239 0x1174 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll 10:38:49.0301 0x1174 bthserv - ok 10:38:49.0363 0x1174 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys 10:38:49.0395 0x1174 BTHUSB - ok 10:38:49.0535 0x1174 [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe 10:38:49.0597 0x1174 c2cautoupdatesvc - 
ok 10:38:49.0707 0x1174 [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 10:38:49.0769 0x1174 c2cpnrsvc - ok 10:38:49.0800 0x1174 catchme - ok 10:38:49.0831 0x1174 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 10:38:49.0878 0x1174 cdfs - ok 10:38:49.0894 0x1174 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys 10:38:49.0909 0x1174 cdrom - ok 10:38:49.0956 0x1174 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll 10:38:50.0003 0x1174 CertPropSvc - ok 10:38:50.0019 0x1174 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys 10:38:50.0050 0x1174 circlass - ok 10:38:50.0097 0x1174 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\windows\system32\CLFS.sys 10:38:50.0143 0x1174 CLFS - ok 10:38:50.0221 0x1174 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:38:50.0253 0x1174 clr_optimization_v2.0.50727_32 - ok 10:38:50.0299 0x1174 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:38:50.0315 0x1174 clr_optimization_v2.0.50727_64 - ok 10:38:50.0409 0x1174 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:38:50.0455 0x1174 clr_optimization_v4.0.30319_32 - ok 10:38:50.0471 0x1174 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:38:50.0518 0x1174 clr_optimization_v4.0.30319_64 - ok 10:38:50.0549 0x1174 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\windows\system32\DRIVERS\clwvd.sys 10:38:50.0549 0x1174 clwvd - ok 10:38:50.0565 0x1174 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys 10:38:50.0580 0x1174 CmBatt - ok 10:38:50.0611 0x1174 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys 10:38:50.0627 0x1174 cmdide - ok 10:38:50.0705 0x1174 [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\windows\system32\Drivers\cng.sys 10:38:50.0767 0x1174 CNG - ok 10:38:50.0783 0x1174 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys 10:38:50.0799 0x1174 Compbatt - ok 10:38:50.0814 0x1174 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys 10:38:50.0845 0x1174 CompositeBus - ok 10:38:50.0845 0x1174 COMSysApp - ok 10:38:50.0861 0x1174 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys 10:38:50.0877 0x1174 crcdisk - ok 10:38:50.0908 0x1174 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc 
C:\windows\system32\cryptsvc.dll 10:38:50.0939 0x1174 CryptSvc - ok 10:38:51.0001 0x1174 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\windows\system32\rpcss.dll 10:38:51.0033 0x1174 DcomLaunch - ok 10:38:51.0064 0x1174 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll 10:38:51.0111 0x1174 defragsvc - ok 10:38:51.0142 0x1174 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys 10:38:51.0173 0x1174 DfsC - ok 10:38:51.0189 0x1174 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll 10:38:51.0220 0x1174 Dhcp - ok 10:38:51.0329 0x1174 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\windows\system32\diagtrack.dll 10:38:51.0407 0x1174 DiagTrack - ok 10:38:51.0423 0x1174 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys 10:38:51.0454 0x1174 discache - ok 10:38:51.0485 0x1174 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\windows\system32\drivers\disk.sys 10:38:51.0501 0x1174 Disk - ok 10:38:51.0532 0x1174 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll 10:38:51.0547 0x1174 Dnscache - ok 10:38:51.0594 0x1174 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll 10:38:51.0657 0x1174 dot3svc - ok 10:38:51.0672 0x1174 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] 
DPS C:\windows\system32\dps.dll 10:38:51.0719 0x1174 DPS - ok 10:38:51.0735 0x1174 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 10:38:51.0750 0x1174 drmkaud - ok 10:38:51.0797 0x1174 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys 10:38:51.0813 0x1174 dtsoftbus01 - ok 10:38:51.0875 0x1174 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 10:38:51.0922 0x1174 DXGKrnl - ok 10:38:51.0937 0x1174 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll 10:38:51.0984 0x1174 EapHost - ok 10:38:52.0156 0x1174 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys 10:38:52.0374 0x1174 ebdrv - ok 10:38:52.0405 0x1174 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] EFS C:\windows\System32\lsass.exe 10:38:52.0421 0x1174 EFS - ok 10:38:52.0506 0x1174 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe 10:38:52.0543 0x1174 ehRecvr - ok 10:38:52.0559 0x1174 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe 10:38:52.0578 0x1174 ehSched - ok 10:38:52.0623 0x1174 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys 10:38:52.0656 0x1174 elxstor - ok 10:38:52.0684 0x1174 [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] 
EpsonScanSvc C:\windows\system32\EscSvc64.exe 10:38:52.0700 0x1174 EpsonScanSvc - ok 10:38:52.0731 0x1174 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys 10:38:52.0746 0x1174 ErrDev - ok 10:38:52.0794 0x1174 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll 10:38:52.0841 0x1174 EventSystem - ok 10:38:52.0872 0x1174 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys 10:38:52.0921 0x1174 exfat - ok 10:38:52.0937 0x1174 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys 10:38:52.0983 0x1174 fastfat - ok 10:38:53.0030 0x1174 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe 10:38:53.0061 0x1174 Fax - ok 10:38:53.0098 0x1174 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys 10:38:53.0113 0x1174 fdc - ok 10:38:53.0127 0x1174 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll 10:38:53.0170 0x1174 fdPHost - ok 10:38:53.0184 0x1174 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll 10:38:53.0217 0x1174 FDResPub - ok 10:38:53.0233 0x1174 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys 10:38:53.0248 0x1174 FileInfo - ok 10:38:53.0264 0x1174 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 
6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys 10:38:53.0311 0x1174 Filetrace - ok 10:38:53.0342 0x1174 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys 10:38:53.0358 0x1174 flpydisk - ok 10:38:53.0389 0x1174 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 10:38:53.0404 0x1174 FltMgr - ok 10:38:53.0516 0x1174 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\windows\system32\FntCache.dll 10:38:53.0609 0x1174 FontCache - ok 10:38:53.0656 0x1174 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:38:53.0672 0x1174 FontCache3.0.0.0 - ok 10:38:53.0687 0x1174 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys 10:38:53.0703 0x1174 FsDepends - ok 10:38:53.0718 0x1174 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 10:38:53.0734 0x1174 Fs_Rec - ok 10:38:53.0765 0x1174 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 10:38:53.0781 0x1174 fvevol - ok 10:38:53.0828 0x1174 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys 10:38:53.0843 0x1174 gagp30kx - ok 10:38:53.0859 0x1174 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM 
C:\windows\system32\DRIVERS\GEARAspiWDM.sys 10:38:53.0874 0x1174 GEARAspiWDM - ok 10:38:53.0906 0x1174 [ 022807B149127B8FAA3DBEB13A7D9B41, 0D871B7AC3FB37BB5664C0DFE3D4084FB1457BF4FD9E1C338F3CB2F0801EEBD2 ] GenericMount C:\windows\system32\DRIVERS\GenericMount.sys 10:38:53.0922 0x1174 GenericMount - ok 10:38:53.0953 0x1174 giix - ok 10:38:54.0000 0x1174 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll 10:38:54.0063 0x1174 gpsvc - ok 10:38:54.0173 0x1174 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:38:54.0204 0x1174 gupdate - ok 10:38:54.0235 0x1174 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 10:38:54.0251 0x1174 gupdatem - ok 10:38:54.0282 0x1174 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys 10:38:54.0298 0x1174 hamachi - ok 10:38:54.0313 0x1174 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys 10:38:54.0329 0x1174 hcw85cir - ok 10:38:54.0360 0x1174 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 10:38:54.0391 0x1174 HdAudAddService - ok 10:38:54.0407 0x1174 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys 10:38:54.0422 0x1174 HDAudBus - ok 10:38:54.0438 0x1174 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys 10:38:54.0454 
0x1174 HidBatt - ok 10:38:54.0485 0x1174 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys 10:38:54.0500 0x1174 HidBth - ok 10:38:54.0516 0x1174 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys 10:38:54.0532 0x1174 HidIr - ok 10:38:54.0563 0x1174 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll 10:38:54.0610 0x1174 hidserv - ok 10:38:54.0641 0x1174 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys 10:38:54.0656 0x1174 HidUsb - ok 10:38:54.0703 0x1174 [ 258DE302160DEEAFAB4453BB292CCF8F, A4333211D7B7FF8FAA630F5BA409564DC5C94E700E2AF59401D7E5BDE6B839EC ] hitmanpro37 C:\windows\system32\drivers\hitmanpro37.sys 10:38:54.0719 0x1174 hitmanpro37 - ok 10:38:54.0734 0x1174 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll 10:38:54.0781 0x1174 hkmsvc - ok 10:38:54.0797 0x1174 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll 10:38:54.0828 0x1174 HomeGroupListener - ok 10:38:54.0859 0x1174 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll 10:38:54.0875 0x1174 HomeGroupProvider - ok 10:38:54.0890 0x1174 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 10:38:54.0922 0x1174 HpSAMD - ok 10:38:54.0968 0x1174 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] 
HTTP C:\windows\system32\drivers\HTTP.sys 10:38:55.0015 0x1174 HTTP - ok 10:38:55.0015 0x1174 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 10:38:55.0031 0x1174 hwpolicy - ok 10:38:55.0062 0x1174 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys 10:38:55.0078 0x1174 i8042prt - ok 10:38:55.0109 0x1174 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 10:38:55.0140 0x1174 iaStorV - ok 10:38:55.0218 0x1174 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 10:38:55.0218 0x1174 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 10:38:58.0356 0x1174 Detect skipped due to KSN trusted 10:38:58.0356 0x1174 IDriverT - ok 10:38:58.0480 0x1174 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:38:58.0527 0x1174 idsvc - ok 10:38:58.0794 0x1174 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 10:38:59.0060 0x1174 igfx - ok 10:38:59.0169 0x1174 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys 10:38:59.0200 0x1174 iirsp - ok 10:38:59.0278 0x1174 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll 10:38:59.0325 0x1174 IKEEXT - ok 10:38:59.0512 0x1174 [ 3A2D6740F51BE48C0FD01AD907329DEE, 
4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys 10:38:59.0701 0x1174 IntcAzAudAddService - ok 10:38:59.0748 0x1174 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys 10:38:59.0748 0x1174 intelide - ok 10:38:59.0779 0x1174 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\drivers\intelppm.sys 10:38:59.0795 0x1174 intelppm - ok 10:38:59.0826 0x1174 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll 10:38:59.0857 0x1174 IPBusEnum - ok 10:38:59.0888 0x1174 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 10:38:59.0920 0x1174 IpFilterDriver - ok 10:38:59.0966 0x1174 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll 10:38:59.0998 0x1174 iphlpsvc - ok 10:39:00.0029 0x1174 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 10:39:00.0044 0x1174 IPMIDRV - ok 10:39:00.0060 0x1174 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys 10:39:00.0091 0x1174 IPNAT - ok 10:39:00.0154 0x1174 [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 10:39:00.0185 0x1174 iPod Service - ok 10:39:00.0200 0x1174 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM 
C:\windows\system32\drivers\irenum.sys 10:39:00.0216 0x1174 IRENUM - ok 10:39:00.0232 0x1174 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys 10:39:00.0247 0x1174 isapnp - ok 10:39:00.0278 0x1174 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 10:39:00.0310 0x1174 iScsiPrt - ok 10:39:00.0325 0x1174 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys 10:39:00.0341 0x1174 kbdclass - ok 10:39:00.0356 0x1174 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys 10:39:00.0372 0x1174 kbdhid - ok 10:39:00.0388 0x1174 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] KeyIso C:\windows\system32\lsass.exe 10:39:00.0403 0x1174 KeyIso - ok 10:39:00.0434 0x1174 [ B6C2FA7F5E5BC1A488A57C6344D29D64, 857245D664CF9ED8121E2087D73F85DA3FED721484DDC6B51AF6A344EC29A27F ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 10:39:00.0481 0x1174 KSecDD - ok 10:39:00.0497 0x1174 [ FB4397DDCC732DB6A7B33B747C7EB708, AD8B9500AAE12C1507B982B74B86731BE75AFAC7F64538332A380AC43EDEC271 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 10:39:00.0512 0x1174 KSecPkg - ok 10:39:00.0544 0x1174 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys 10:39:00.0575 0x1174 ksthunk - ok 10:39:00.0622 0x1174 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll 10:39:00.0668 0x1174 KtmRm - ok 10:39:00.0731 0x1174 [ D9F42719019740BAA6D1C6D536CBDAA6, 
8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll 10:39:00.0778 0x1174 LanmanServer - ok 10:39:00.0809 0x1174 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 10:39:00.0856 0x1174 LanmanWorkstation - ok 10:39:00.0871 0x1174 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 10:39:00.0918 0x1174 lltdio - ok 10:39:00.0949 0x1174 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll 10:39:00.0996 0x1174 lltdsvc - ok 10:39:01.0012 0x1174 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll 10:39:01.0043 0x1174 lmhosts - ok 10:39:01.0074 0x1174 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys 10:39:01.0090 0x1174 LSI_FC - ok 10:39:01.0121 0x1174 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 10:39:01.0136 0x1174 LSI_SAS - ok 10:39:01.0152 0x1174 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys 10:39:01.0168 0x1174 LSI_SAS2 - ok 10:39:01.0183 0x1174 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys 10:39:01.0199 0x1174 LSI_SCSI - ok 10:39:01.0214 0x1174 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys 10:39:01.0261 0x1174 luafv - ok 
UI0Detect C:\windows\system32\UI0Detect.exe 10:39:22.0076 0x1174 UI0Detect - ok 10:39:22.0107 0x1174 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 10:39:22.0122 0x1174 uliagpkx - ok 10:39:22.0138 0x1174 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys 10:39:22.0154 0x1174 umbus - ok 10:39:22.0185 0x1174 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys 10:39:22.0200 0x1174 UmPass - ok 10:39:22.0232 0x1174 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll 10:39:22.0278 0x1174 upnphost - ok 10:39:22.0310 0x1174 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys 10:39:22.0325 0x1174 USBAAPL64 - ok 10:39:22.0388 0x1174 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\windows\system32\drivers\usbaudio.sys 10:39:22.0403 0x1174 usbaudio - ok 10:39:22.0450 0x1174 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 10:39:22.0466 0x1174 usbccgp - ok 10:39:22.0497 0x1174 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys 10:39:22.0512 0x1174 usbcir - ok 10:39:22.0559 0x1174 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys 10:39:22.0575 0x1174 usbehci - ok 10:39:22.0606 0x1174 [ 8D1196CFBB223621F2C67D45710F25BA, 
B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 10:39:22.0637 0x1174 usbhub - ok 10:39:22.0637 0x1174 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys 10:39:22.0653 0x1174 usbohci - ok 10:39:22.0684 0x1174 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 10:39:22.0700 0x1174 usbprint - ok 10:39:22.0762 0x1174 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys 10:39:22.0778 0x1174 usbscan - ok 10:39:22.0824 0x1174 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 10:39:22.0840 0x1174 USBSTOR - ok 10:39:22.0887 0x1174 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys 10:39:22.0918 0x1174 usbuhci - ok 10:39:22.0934 0x1174 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys 10:39:22.0949 0x1174 usbvideo - ok 10:39:22.0980 0x1174 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll 10:39:23.0027 0x1174 UxSms - ok 10:39:23.0058 0x1174 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] VaultSvc C:\windows\system32\lsass.exe 10:39:23.0074 0x1174 VaultSvc - ok 10:39:23.0121 0x1174 [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone C:\windows\system32\DRIVERS\VClone.sys 10:39:23.0136 0x1174 VClone - ok 10:39:23.0168 
0x1174 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 10:39:23.0183 0x1174 vdrvroot - ok 10:39:23.0214 0x1174 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe 10:39:23.0277 0x1174 vds - ok 10:39:23.0292 0x1174 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys 10:39:23.0324 0x1174 vga - ok 10:39:23.0339 0x1174 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys 10:39:23.0370 0x1174 VgaSave - ok 10:39:23.0402 0x1174 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys 10:39:23.0417 0x1174 vhdmp - ok 10:39:23.0448 0x1174 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys 10:39:23.0464 0x1174 viaide - ok 10:39:23.0495 0x1174 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys 10:39:23.0511 0x1174 volmgr - ok 10:39:23.0526 0x1174 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys 10:39:23.0558 0x1174 volmgrx - ok 10:39:23.0573 0x1174 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys 10:39:23.0589 0x1174 volsnap - ok 10:39:23.0620 0x1174 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys 10:39:23.0636 0x1174 vsmraid 
- ok 10:39:23.0714 0x1174 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe 10:39:23.0854 0x1174 VSS - ok 10:39:23.0870 0x1174 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 10:39:23.0885 0x1174 vwifibus - ok 10:39:23.0916 0x1174 [ 13A0DECD1794DE60A8427862C8669D27, 4024AF9F2F052BC80C85F5B9A671499C20AF38838206CC649E6EFE37C380D3BF ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 10:39:23.0932 0x1174 vwififlt - ok 10:39:23.0963 0x1174 [ 49003B357D101CDC474937437ECF5ABC, D3EC570D616DC39FE6BF02DA1CD6C30CD07C27CC5B4B6FD6DACB5D8A4F1596A6 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 10:39:23.0979 0x1174 vwifimp - ok 10:39:24.0010 0x1174 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll 10:39:24.0057 0x1174 W32Time - ok 10:39:24.0088 0x1174 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys 10:39:24.0104 0x1174 WacomPen - ok 10:39:24.0135 0x1174 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 10:39:24.0166 0x1174 WANARP - ok 10:39:24.0182 0x1174 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 10:39:24.0213 0x1174 Wanarpv6 - ok 10:39:24.0338 0x1174 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe 10:39:24.0400 0x1174 WatAdminSvc - ok 10:39:24.0494 0x1174 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine 
C:\windows\system32\wbengine.exe 10:39:24.0572 0x1174 wbengine - ok 10:39:24.0587 0x1174 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll 10:39:24.0618 0x1174 WbioSrvc - ok 10:39:24.0634 0x1174 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll 10:39:24.0665 0x1174 wcncsvc - ok 10:39:24.0681 0x1174 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 10:39:24.0696 0x1174 WcsPlugInService - ok 10:39:24.0743 0x1174 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys 10:39:24.0774 0x1174 Wd - ok 10:39:24.0868 0x1174 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 10:39:24.0915 0x1174 Wdf01000 - ok 10:39:24.0946 0x1174 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll 10:39:24.0962 0x1174 WdiServiceHost - ok 10:39:24.0962 0x1174 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll 10:39:24.0977 0x1174 WdiSystemHost - ok 10:39:25.0008 0x1174 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\windows\System32\webclnt.dll 10:39:25.0040 0x1174 WebClient - ok 10:39:25.0055 0x1174 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll 10:39:25.0102 0x1174 Wecsvc - ok 10:39:25.0133 0x1174 [ 7E591867422DC788B9E5BD337A669A08, 
484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll 10:39:25.0164 0x1174 wercplsupport - ok 10:39:25.0180 0x1174 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll 10:39:25.0227 0x1174 WerSvc - ok 10:39:25.0242 0x1174 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 10:39:25.0274 0x1174 WfpLwf - ok 10:39:25.0305 0x1174 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys 10:39:25.0320 0x1174 WIMMount - ok 10:39:25.0336 0x1174 WinDefend - ok 10:39:25.0352 0x1174 WinHttpAutoProxySvc - ok 10:39:25.0445 0x1174 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 10:39:25.0508 0x1174 Winmgmt - ok 10:39:25.0648 0x1174 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll 10:39:25.0757 0x1174 WinRM - ok 10:39:25.0820 0x1174 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 10:39:25.0835 0x1174 WinUsb - ok 10:39:25.0898 0x1174 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll 10:39:25.0944 0x1174 Wlansvc - ok 10:39:26.0132 0x1174 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:39:26.0256 0x1174 wlidsvc - ok 10:39:26.0272 0x1174 [ F6FF8944478594D0E414D3F048F0D778, 
6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 10:39:26.0288 0x1174 WmiAcpi - ok 10:39:26.0334 0x1174 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 10:39:26.0350 0x1174 wmiApSrv - ok 10:39:26.0381 0x1174 WMPNetworkSvc - ok 10:39:26.0412 0x1174 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll 10:39:26.0428 0x1174 WPCSvc - ok 10:39:26.0444 0x1174 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 10:39:26.0459 0x1174 WPDBusEnum - ok 10:39:26.0490 0x1174 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 10:39:26.0537 0x1174 ws2ifsl - ok 10:39:26.0693 0x1174 [ 69671F82C17650612B68519ADA192F65, 282A0B8E5455DEEAE8AFED270A438F67463324C1B2A11369A7D3B0D47987EE53 ] WsAppService C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe 10:39:26.0709 0x1174 WsAppService - detected UnsignedFile.Multi.Generic ( 1 ) 10:39:29.0911 0x1174 Detect skipped due to KSN trusted 10:39:29.0911 0x1174 WsAppService - ok 10:39:29.0989 0x1174 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll 10:39:30.0051 0x1174 wscsvc - ok 10:39:30.0067 0x1174 WSearch - ok 10:39:30.0223 0x1174 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\windows\system32\wuaueng.dll 10:39:30.0301 0x1174 wuauserv - ok 10:39:30.0332 0x1174 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys 10:39:30.0348 0x1174 
WudfPf - ok 10:39:30.0379 0x1174 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 10:39:30.0394 0x1174 WUDFRd - ok 10:39:30.0426 0x1174 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll 10:39:30.0441 0x1174 wudfsvc - ok 10:39:30.0472 0x1174 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll 10:39:30.0488 0x1174 WwanSvc - ok 10:39:30.0535 0x1174 [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys 10:39:30.0550 0x1174 xusb21 - ok 10:39:30.0597 0x1174 ================ Scan global =============================== 10:39:30.0706 0x1174 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll 10:39:30.0753 0x1174 [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\windows\system32\winsrv.dll 10:39:30.0784 0x1174 [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\windows\system32\winsrv.dll 10:39:30.0816 0x1174 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll 10:39:30.0862 0x1174 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe 10:39:30.0878 0x1174 [ Global ] - ok 10:39:30.0878 0x1174 ================ Scan MBR ================================== 10:39:30.0894 0x1174 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0 10:39:31.0533 0x1174 \Device\Harddisk0\DR0 - ok 10:39:31.0533 0x1174 ================ Scan VBR 
================================== 10:39:31.0549 0x1174 [ BB38EEC56DC0B07378DC81F6AB87771B ] \Device\Harddisk0\DR0\Partition1 10:39:31.0549 0x1174 \Device\Harddisk0\DR0\Partition1 - ok 10:39:31.0549 0x1174 [ DB115299BC0FF95F9EF0BF600398E530 ] \Device\Harddisk0\DR0\Partition2 10:39:31.0564 0x1174 \Device\Harddisk0\DR0\Partition2 - ok 10:39:31.0580 0x1174 [ 1CD169FF6D493D7D81D5E5D32E4957EB ] \Device\Harddisk0\DR0\Partition3 10:39:31.0596 0x1174 \Device\Harddisk0\DR0\Partition3 - ok 10:39:31.0596 0x1174 ================ Scan generic autorun ====================== 10:39:32.0298 0x1174 [ D0E9E2E198C8BA95297EF8C9D04865F1, 1889A66AEEEE1E9D80FB99E23AFBB23AF37044BAA8AE00070667D3B2E32AB804 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 10:39:32.0518 0x103c Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv 10:39:32.0877 0x1174 RtHDVCpl - ok 10:39:33.0048 0x1174 [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] C:\Program Files\Microsoft Security Client\msseces.exe 10:39:33.0126 0x1174 MSC - ok 10:39:33.0345 0x1174 [ 67E3BD0F8FB0F39C241A2D60CC7D98EF, 09586F6A11AB10BBD38E8C44A88AFA9AD915981B908EEDA20B9AD2C34BFF7543 ] C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe 10:39:33.0423 0x1174 Spotify Web Helper - ok 10:39:33.0485 0x1174 [ 5D47E37C1E1F03C1E7E8DCEDD4A4BCDF, 72F9675AEA8ED5ACF19161E8FDD481460BE158A65EF2B998AE4E93A7804B2172 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 10:39:33.0501 0x1174 iCloudServices - ok 10:39:33.0594 0x1174 [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE 10:39:33.0626 0x1174 EPLTarget\P0000000000000001 - ok 10:39:33.0626 0x1174 Waiting for KSN requests completion. In queue: 206 10:39:34.0640 0x1174 Waiting for KSN requests completion. In queue: 206 10:39:35.0654 0x1174 Waiting for KSN requests completion. 
In queue: 206 10:39:35.0716 0x103c Object send P2P result: true 10:39:36.0668 0x1174 Waiting for KSN requests completion. In queue: 12 10:39:36.0933 0x1330 Object required for P2P: [ 67E3BD0F8FB0F39C241A2D60CC7D98EF ] C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe 10:39:37.0682 0x1174 Waiting for KSN requests completion. In queue: 3 10:39:38.0696 0x1174 Waiting for KSN requests completion. In queue: 3 10:39:39.0710 0x1174 Waiting for KSN requests completion. In queue: 3 10:39:40.0193 0x1330 Object send P2P result: true 10:39:41.0082 0x1174 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x60000 ( disabled : updated ) 10:39:41.0114 0x1174 Win FW state via NFP2: disabled ( trusted ) 10:39:44.0530 0x1174 ============================================================ 10:39:44.0530 0x1174 Scan finished 10:39:44.0530 0x1174 ============================================================ 10:39:44.0546 0x0f30 Detected object count: 0 10:39:44.0546 0x0f30 Actual detected object count: 0 |
16.04.2016, 09:56 | #5 |
/// Selecta Jahrusso | Severe slowdown over the last few weeks
No rootkits, that's a good start.
Scan with Combofix
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
16.04.2016, 10:22 | #6 |
| Severe slowdown over the last few weeks
Code:
ComboFix 16-04-13.01 - Marvin 16.04.2016 11:05:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.5612.3941 [GMT 2:00]
ausgeführt von:: c:\users\Marvin\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marvin\AppData\Roaming\WinUpdates
c:\users\Marvin\AppData\Roaming\WinUpdates\winupdates.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2016-03-16 bis 2016-04-16 ))))))))))))))))))))))))))))))
.
.
2016-04-16 09:18 . 2016-04-16 09:18 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-04-16 09:18 . 2016-04-16 09:18 -------- d-----w- c:\users\Gast\AppData\Local\temp
2016-04-16 09:18 . 2016-04-16 09:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-04-16 00:20 . 2016-04-16 00:20 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B378B5D-7A17-448D-B831-69AE2FCDE398}\offreg.992.dll
2016-04-16 00:17 . 2016-03-17 01:45 11686560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B378B5D-7A17-448D-B831-69AE2FCDE398}\mpengine.dll
2016-04-15 14:05 . 2016-04-15 14:08 -------- d-----w- C:\FRST
2016-04-15 05:16 . 2016-03-17 01:45 11686560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-04-13 14:55 . 2016-04-14 22:07 -------- d-----w- c:\users\Marvin\AppData\Roaming\Diercke Weltatlas digital
2016-04-13 14:24 . 2016-04-13 14:25 -------- d-----w- c:\program files (x86)\Diercke Weltatlas digital
2016-04-13 14:12 . 2016-04-13 14:25 -------- d-----w- c:\program files (x86)\ImagonShared
2016-04-13 14:12 . 2016-04-13 14:25 -------- d-----w- c:\program files (x86)\Diercke Globus Online
2016-04-07 20:26 . 2016-04-07 20:26 5934784 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2016-03-26 09:09 . 2016-03-26 09:09 -------- d-----w- c:\users\Marvin\AppData\Local\SSScan
2016-03-23 11:13 . 2016-03-23 11:34 -------- d-----w- C:\Kontakte
2016-03-23 10:51 . 2016-03-23 10:51 -------- d-----w- c:\program files (x86)\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-04-14 01:06 . 2011-12-25 09:53 135176864 ----a-w- c:\windows\system32\MRT.exe
2016-04-13 23:45 . 2010-11-21 03:27 453280 ------w- c:\windows\system32\MpSigStub.exe
2016-04-07 20:26 . 2012-03-29 14:21 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-04-07 20:26 . 2011-12-24 23:01 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-17 22:24 . 2016-04-13 09:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-26 16:27 . 2015-05-15 08:04 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-12 18:52 . 2016-03-09 07:50 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-12 18:52 . 2016-03-09 07:50 3169792 ----a-w- c:\windows\system32\wucltux.dll
2016-02-12 18:52 . 2016-03-09 07:50 192512 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-12 18:44 . 2016-03-09 07:50 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-12 18:39 . 2016-03-09 07:50 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2016-02-12 18:22 . 2016-03-09 07:50 2610688 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-12 18:19 . 2016-03-09 07:50 709120 ----a-w- c:\windows\system32\wuapi.dll
2016-02-12 18:18 . 2016-03-09 07:50 37888 ----a-w- c:\windows\system32\wuapp.exe
2016-02-12 18:18 . 2016-03-09 07:50 140288 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-12 18:18 . 2016-03-09 07:50 36864 ----a-w- c:\windows\system32\wups.dll
2016-02-12 18:18 . 2016-03-09 07:50 37888 ----a-w- c:\windows\system32\wups2.dll
2016-02-12 18:18 . 2016-03-09 07:50 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-02-12 18:06 . 2016-03-09 07:50 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2016-02-12 18:05 . 2016-03-09 07:50 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2016-02-12 18:05 . 2016-03-09 07:50 30208 ----a-w- c:\windows\SysWow64\wups.dll
2016-02-12 18:05 . 2016-03-09 07:50 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2016-02-09 09:57 . 2016-03-09 07:49 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2016-02-09 09:57 . 2016-03-09 07:49 14634496 ----a-w- c:\windows\system32\wmp.dll
2016-02-09 09:56 . 2016-03-09 07:49 5120 ----a-w- c:\windows\system32\msdxm.ocx
2016-02-09 09:56 . 2016-03-09 07:49 5120 ----a-w- c:\windows\system32\dxmasf.dll
2016-02-09 09:55 . 2016-03-09 07:49 30720 ----a-w- c:\windows\system32\seclogon.dll
2016-02-09 09:54 . 2016-03-09 07:49 9728 ----a-w- c:\windows\system32\spwmp.dll
2016-02-09 09:51 . 2016-03-09 07:49 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2016-02-09 09:13 . 2016-03-09 07:49 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
2016-02-09 09:13 . 2016-03-09 07:49 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
2016-02-09 09:13 . 2016-03-09 07:49 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
2016-02-05 18:54 . 2016-03-09 07:49 41472 ----a-w- c:\windows\system32\lpk.dll
2016-02-05 18:54 . 2016-03-09 07:49 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-02-05 18:53 . 2016-03-09 07:49 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-02-05 18:53 . 2016-03-09 07:49 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-02-05 18:50 . 2016-03-09 07:49 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-02-05 18:44 . 2016-03-09 07:49 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-02-05 18:42 . 2016-03-09 07:49 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-02-05 17:48 . 2016-03-09 07:49 372736 ----a-w- c:\windows\system32\atmfd.dll
2016-02-05 17:43 . 2016-03-09 07:49 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-02-05 17:43 . 2016-03-09 07:49 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-02-05 01:19 . 2016-03-09 07:49 381440 ----a-w- c:\windows\system32\mfds.dll
2016-02-04 22:13 . 2016-02-04 22:13 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-04 22:13 . 2016-02-04 22:13 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2016-02-04 18:41 . 2016-03-09 07:49 296448 ----a-w- c:\windows\SysWow64\mfds.dll
2016-02-03 18:58 . 2016-03-09 07:50 862208 ----a-w- c:\windows\system32\oleaut32.dll
2016-02-03 18:52 . 2016-03-09 07:50 84992 ----a-w- c:\windows\system32\asycfilt.dll
2016-02-03 18:49 . 2016-03-09 07:50 572416 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-02-03 18:43 . 2016-03-09 07:50 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2016-02-03 18:07 . 2016-03-09 07:50 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2016-01-22 06:19 . 2016-02-26 17:13 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:18 . 2016-02-26 17:21 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-26 17:21 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:15 . 2016-02-26 17:13 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:12 . 2016-02-26 17:13 1940992 ----a-w- c:\windows\system32\authui.dll
2016-01-22 06:04 . 2016-02-26 17:21 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2016-01-22 06:04 . 2016-02-26 17:21 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2016-01-22 06:00 . 2016-02-26 17:13 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-01-22 05:59 . 2016-02-26 17:13 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-01-22 05:19 . 2016-02-26 17:13 3231232 ----a-w- c:\windows\explorer.exe
2016-01-22 05:12 . 2016-02-26 17:13 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-03-30 1524336]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2015-11-30 60688]
"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE" [2012-02-29 283232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R0 giix;giix;c:\windows\System32\drivers\yixph.sys;c:\windows\SYSNATIVE\drivers\yixph.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys;c:\windows\SYSNATIVE\DRIVERS\GenericMount.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 Samsung UPD
Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x] R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x] S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files 
(x86)\BlueStacks\HD-UpdaterService.exe [x] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x] S2 WsAppService;Wondershare Application Framework Service;c:\program files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe;c:\program files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 29509912 *Deregistered* - 29509912 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2016-04-11 20:09 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2016-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 20:26] . 2016-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-26 19:03] . 2016-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-26 19:03] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-06-18 14021336] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\pj1kto0f.default-1435725644758\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Toolbar-Locked - (no file) AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3122656 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3127229 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3135996 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\S-1-5-21-2545573064-1671415295-1629012448-1000\Software\SecuROM\License information*] "datasecu"=hex:60,30,e4,76,16,4e,4b,ea,67,87,29,07,ce,b8,79,d9,70,f9,ad,ad,bf, f6,2c,72,d0,1b,fe,04,77,9b,ae,4b,ae,9b,6b,01,6d,ca,ce,d5,e9,48,74,70,f6,a8,\ "rkeysecu"=hex:99,ca,3f,b3,0e,4c,53,ee,3e,57,9f,fe,6d,ef,ab,a1 . [HKEY_LOCAL_MACHINE\software\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_213_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_213_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_213_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_213_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.21" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2016-04-16 11:21:50 ComboFix-quarantined-files.txt 2016-04-16 09:21 . Vor Suchlauf: 21 Verzeichnis(se), 40.729.239.552 Bytes frei Nach Suchlauf: 23 Verzeichnis(se), 40.703.418.368 Bytes frei . - - End Of File - - 3DA83B4AE1AD1148583E9C39A96D1E6D 2E5DEBB2116B3417023E0D6562D7ED07 |
16.04.2016, 11:54 | #7 |
/// Selecta Jahrusso | Severe slowdown over the last few weeks Hi, please update Malwarebytes and scan your system. Remove everything it finds. Then please run FRST again and click Scan ("Untersuchen"). Post the FRST log file here. How is the computer behaving?
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
16.04.2016, 20:01 | #8 |
| Severe slowdown over the last few weeks Good evening, pages still take forever to load; a few weeks ago it was completely different. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 16.04.2016
Suchlaufzeit: 13:46
Protokolldatei: mbamscan.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.16.02
Rootkit-Datenbank: v2016.04.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Marvin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 526039
Abgelaufene Zeit: 56 Min., 30 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016 durchgeführt von Marvin (Administrator) auf MARVIN-PC (16-04-2016 20:54:55) Gestartet von C:\Users\Marvin\Desktop Geladene Profile: Marvin (Verfügbare Profile: Marvin & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Spotify Ltd) C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\Run: [Spotify Web Helper] => C:\Users\Marvin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-04-16] (Spotify Ltd) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.) HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{2A94E516-2DE9-4155-BD74-533A45A480A3}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{917C8FB1-DBBD-4071-BBA1-49971A587E96}: [DhcpNameServer] 139.7.30.126 139.7.30.125 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2545573064-1671415295-1629012448-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {15C7BFC0-F1C1-47CC-8919-40ADF62BC32A} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {20895885-F6C2-4F7C-8CC8-D479174AF432} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> 
{7362F9F6-8A85-40E9-9B9A-D19771FEE9C8} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-2545573064-1671415295-1629012448-1000 -> {75139871-6B72-40A6-BCD2-F2E1BBEFBC2D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-14] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft 
Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-14] (Oracle Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\pj1kto0f.default-1435725644758 FF Plugin: @adobe.com/FlashPlayer -> 
C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-08-14] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-08-14] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft 
Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2012-07-06] (Nexon) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-26] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-26] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2545573064-1671415295-1629012448-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Marvin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2545573064-1671415295-1629012448-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Marvin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2545573064-1671415295-1629012448-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marvin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-08-20] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-06-11] (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-06-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-06-11] (Apple Inc.)
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-04-30] [ist nicht signiert]

Chrome:
=======
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-02]
CHR Extension: (Google Docs) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-02]
CHR Extension: (Google Drive) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Adblock Plus) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-12]
CHR Extension: (Google-Suche) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Tabellen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-02]
CHR Extension: (Google Docs Offline) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Skype) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-26]
CHR Extension: (Ghostery) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (ScriptSafe) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2015-07-05]
CHR Extension: (Google Mail) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-02]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
StartMenuInternet: Google Chrome.IAXQ5T3223REKSPIGQKFT7RRYQ - C:\Users\Marvin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S4 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-29] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-07] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [43664 2015-05-17] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [Datei ist nicht signiert]
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-10-21] (Windows (R) 2003 DDK 3790 provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S0 giix; System32\drivers\yixph.sys [X]
U2 V2iMount; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-16 20:54 - 2016-04-16 20:54 - 00001212 _____ C:\Users\Marvin\Desktop\mbamscan.txt 2016-04-16 13:44 - 2016-04-16 13:44 - 22851472 _____ (Malwarebytes ) C:\Users\Marvin\Downloads\mbam-setup-2.2.1.1043.exe 2016-04-16 11:21 - 2016-04-16 11:21 - 00026977 _____ C:\ComboFix.txt 2016-04-16 11:02 - 2016-04-16 11:21 - 00000000 ____D C:\Qoobox 2016-04-16 11:02 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe 2016-04-16 11:02 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe 2016-04-16 11:02 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe 2016-04-16 11:02 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe 2016-04-16 11:02 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe 2016-04-16 11:02 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe 2016-04-16 11:02 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe 2016-04-16 11:02 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe 2016-04-16 10:59 - 2016-04-16 11:00 - 05660069 ____R (Swearware) C:\Users\Marvin\Desktop\ComboFix.exe 2016-04-16 10:37 - 2016-04-16 10:42 - 00214714 _____ C:\TDSSKiller.3.1.0.9_16.04.2016_10.37.47_log.txt 2016-04-16 10:36 - 2016-04-16 10:37 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Marvin\Desktop\tdsskiller.exe 2016-04-15 16:07 - 2016-04-15 16:08 - 00070380 _____ C:\Users\Marvin\Desktop\Addition.txt 2016-04-15 16:05 - 2016-04-16 20:54 - 00021897 _____ C:\Users\Marvin\Desktop\FRST.txt 2016-04-15 16:05 - 2016-04-16 20:54 - 00000000 ____D C:\FRST 2016-04-15 16:05 - 2016-04-15 16:05 - 02375168 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe 2016-04-13 17:22 - 2016-04-14 14:36 - 00672256 _____ C:\Users\Marvin\Desktop\Naturraumanalyse -Russland2.ppt 2016-04-13 16:55 - 2016-04-15 00:07 - 00000000 ____D C:\Users\Marvin\AppData\Roaming\Diercke Weltatlas digital 2016-04-13 16:55 - 2016-04-13 16:55 - 00000000 ____D C:\Users\Marvin\Documents\Diercke Weltatlas digital 2016-04-13 16:25 - 2016-04-13 16:25 - 00002107 _____ 
C:\Users\Public\Desktop\Diercke Weltatlas digital.lnk 2016-04-13 16:25 - 2016-04-13 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diercke Weltatlas digital 2016-04-13 16:24 - 2016-04-13 16:25 - 00000000 ____D C:\Program Files (x86)\Diercke Weltatlas digital 2016-04-13 16:24 - 2016-04-13 16:24 - 00000000 ____D C:\Users\Public\Documents\Diercke Weltatlas digital 2016-04-13 16:13 - 2016-04-13 21:02 - 00000000 _____ C:\Users\Marvin\Documents\dgo_debug.txt 2016-04-13 16:13 - 2016-04-13 16:25 - 00000000 ____D C:\Users\Marvin\Documents\Diercke Globus Online 2016-04-13 16:12 - 2016-04-13 16:25 - 00002017 _____ C:\Users\Public\Desktop\Diercke Globus Online.lnk 2016-04-13 16:12 - 2016-04-13 16:25 - 00001141 _____ C:\Users\Public\Desktop\Diercke Globus Online - Whiteboard.lnk 2016-04-13 16:12 - 2016-04-13 16:25 - 00000000 ____D C:\Program Files (x86)\ImagonShared 2016-04-13 16:12 - 2016-04-13 16:25 - 00000000 ____D C:\Program Files (x86)\Diercke Globus Online 2016-04-13 16:12 - 2016-04-13 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diercke Globus Online 2016-04-13 11:06 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2016-04-13 11:06 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2016-04-13 11:06 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2016-04-13 11:06 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2016-04-13 11:06 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2016-04-13 11:06 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2016-04-13 11:06 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2016-04-13 11:06 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) 
C:\windows\system32\Drivers\ksecpkg.sys 2016-04-13 11:06 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2016-04-13 11:06 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2016-04-13 11:06 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2016-04-13 11:06 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2016-04-13 11:06 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2016-04-13 11:06 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) 
C:\windows\system32\secur32.dll 2016-04-13 11:06 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2016-04-13 11:06 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2016-04-13 11:06 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2016-04-13 11:06 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 
2016-04-13 11:06 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 
2016-04-13 11:06 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2016-04-13 11:06 - 2016-03-18 00:36 - 
03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2016-04-13 11:06 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2016-04-13 11:06 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2016-04-13 11:06 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2016-04-13 11:06 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2016-04-13 11:06 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2016-04-13 11:06 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2016-04-13 11:06 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll 2016-04-13 11:06 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2016-04-13 11:06 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2016-04-13 11:06 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2016-04-13 11:06 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\kerberos.dll 2016-04-13 11:06 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) 
C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-04-13 11:06 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) 
C:\windows\system32\appidpolicyconverter.exe 2016-04-13 11:06 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2016-04-13 11:06 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2016-04-13 11:06 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2016-04-13 11:06 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2016-04-13 11:06 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2016-04-13 11:06 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2016-04-13 11:06 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2016-04-13 11:06 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2016-04-13 11:06 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2016-04-13 11:06 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2016-04-13 11:06 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2016-04-13 11:06 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2016-04-13 11:06 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2016-04-13 11:06 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2016-04-13 11:06 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2016-04-13 11:06 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 
00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2016-04-13 11:06 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2016-04-13 11:06 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll 2016-04-13 11:06 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll 2016-04-13 11:06 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll 2016-04-13 11:06 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll 2016-04-13 11:06 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll 2016-04-13 11:06 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll 2016-04-13 11:06 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2016-04-13 11:06 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2016-04-13 11:06 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2016-04-13 11:06 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2016-04-13 11:06 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2016-04-13 
17.04.2016, 12:50 | #9 |
/// Selecta Jahrusso | Severe slowdown over the last few weeks
Malware is definitely no longer the cause. Please perform a clean boot following this guide: Clean Boot - Diagnosing problems at system startup. Does the problem still occur then?
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
17.04.2016, 14:09 | #10 |
| Severe slowdown over the last few weeks
Yes, I disabled everything and the problems are not resolved. Very delayed startup, and the PC runs very slowly, which is especially noticeable when typing: the letters appear much later than they were typed. Would anyone have tips on how to really clean up a computer sensibly? Or would it be worth reinstalling Windows from scratch? In that case I just wonder how best to back up my data, since I have very important data on here. Regards, and have a nice Sunday |
18.04.2016, 14:28 | #11 | |
/// Selecta Jahrusso | Severe slowdown over the last few weeks
Quote:
I see nothing in the log files that could be slowing down your system, and if it is the same in a clean boot, then something else is going on. Ask in the hardware section before you format Windows. If it really is a hardware problem, formatting won't help either. Please also do the following. Your Java is no longer up to date. Older versions contain security vulnerabilities that can be exploited by malware.
The order is crucial here.
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |