Log analysis and evaluation: Email account (GMX) sends messages (Windows 7)
17.05.2016, 12:01 | #1 |
Email account (GMX) sends messages

Hello!

For some time now I have had the problem that I constantly receive "Mail delivery failed" messages in my email account. In addition, a few people have contacted me to say that I am sending them emails with some kind of links, which I knew nothing about. Recently, emails are apparently even being sent under the names of my contacts (e.g. a university professor) to other people, and I receive the replies (the sender field then shows the professor's name and "Mailto: my email address").

I know that this topic comes up often in the forum (that is how I came across you), but I could not find anything in the search that helps me. The whole thing is getting really unpleasant, especially because emails are now also being sent under other people's names.

Below I am attaching the log files from FRST and OTL. Avira Antivir reports no threat. I have changed the password twice in the meantime; it did not help.

I hope you can help me with this. Many thanks in advance.

Best regards,
Pako

FRST.txt
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-05-2016 durchgeführt von Pako (Administrator) auf PAKO-HP840 (17-05-2016 12:47:30) Gestartet von C:\Users\Pako\Desktop Geladene Profile: Pako (Verfügbare Profile: Pako) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Dassault Systemes) C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe (Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Steppschuh) C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (HP) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Development Company, L.P.) 
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation) HKLM\...\Run: [Remote Control Server] => C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe [5168128 2015-04-08] (Steppschuh) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2863344 2014-10-31] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation) HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard) HKLM-x32\...\Run: [YouCam Mirage] => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168920 2014-10-07] (CyberLink Corp.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-16] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [430304 2015-11-17] (HP) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company) HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.) 
HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1034240 2016-02-18] (Cisco Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe Lsa: [Notification Packages] DPPassFilter scecli CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{9986CD45-0234-442F-ABDC-AE185A5A32C1}: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{CB9F8693-0D92-4816-9BE6-3CC2480CDCAC}: [DhcpNameServer] 195.34.133.21 212.186.211.21 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-13] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support 
Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default FF Homepage: hxxp://www.google.at/ FF NetworkProxy: "backup.ftp", "79.143.176.23" FF NetworkProxy: "backup.ftp_port", 443 FF NetworkProxy: "backup.socks", "79.143.176.23" FF NetworkProxy: "backup.socks_port", 443 FF NetworkProxy: "backup.ssl", "79.143.176.23" FF NetworkProxy: "backup.ssl_port", 443 FF NetworkProxy: "ftp", "91.228..53.28" FF NetworkProxy: "ftp_port", 8089 FF NetworkProxy: "http", "91.228..53.28" FF NetworkProxy: "http_port", 8089 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "91.228..53.28" FF NetworkProxy: "socks_port", 8089 FF NetworkProxy: "ssl", "91.228..53.28" FF NetworkProxy: "ssl_port", 8089 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] () FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader 
Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.) 
FF Extension: Avira Browser Safety - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\abs@avira.com [2016-05-13] FF Extension: YouTube mp3 - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\info@youtube-mp3.org.xpi [2016-04-29] FF Extension: Adblock Plus - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29] FF Extension: web_clipper - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-29] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-03-10] [ist nicht signiert] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-16] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-16] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG) R2 BBDemon; C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [46592 2011-01-08] (Dassault Systemes) [Datei ist nicht signiert] R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert] R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-08-15] () [Datei ist nicht signiert] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-02] (DisplayLink Corp.) R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.) 
R2 FLCDLOCK; C:\windows\SysWOW64\flcdlock.exe [573240 2015-04-24] (Hewlett-Packard Company) R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [782048 2015-11-17] (HP) R2 HpDamServiceHost; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2015-04-23] (Hewlett-Packard Development Company) R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102560 2015-10-19] (HP) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation) R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [149608 2015-06-05] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] () R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [76288 2015-09-24] (Synaptics Incorporated) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] 
(Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-16] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-16] (Avira Operations GmbH & Co. KG) R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.) R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-04-01] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2015-01-13] (Motorola Solutions, Inc.) R2 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2015-04-23] (Hewlett-Packard Company) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-18] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] () S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-06-07] (Intel Corporation) R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [255216 2016-03-14] (Intel Corporation) R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) R0 
MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2015-03-13] (Intel Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation) S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2980568 2014-11-27] (Realtek Semiconductor Corp.) S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32496 2014-10-31] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2016-02-18] (Cisco Systems, Inc.) S3 btmlehid; \SystemRoot\system32\drivers\btmlehid.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-05-17 12:47 - 2016-05-17 12:47 - 02382336 _____ (Farbar) C:\Users\Pako\Desktop\FRST64.exe 2016-05-17 12:47 - 2016-05-17 12:47 - 00024819 _____ C:\Users\Pako\Desktop\FRST.txt 2016-05-17 12:47 - 2016-05-17 12:47 - 00000000 ____D C:\FRST 2016-05-17 12:40 - 2016-05-17 12:40 - 00602112 _____ (OldTimer Tools) C:\Users\Pako\Desktop\OTL.exe 2016-05-17 12:22 - 2016-05-17 12:23 - 00001078 _____ C:\windows\system32dbgraw.bmp 2016-05-16 23:16 - 2016-05-16 23:16 - 00001805 _____ C:\Users\Public\Desktop\Vuze.lnk 2016-05-14 23:56 - 2016-05-14 23:56 - 00001002 _____ C:\Users\Pako\Desktop\Eclipse.lnk 2016-05-13 16:15 - 2016-05-13 16:15 - 00000000 ____D C:\Users\Pako\.tooling 2016-05-13 16:09 - 2016-05-13 16:09 - 00002464 _____ C:\Users\Pako\Desktop\CATIA V5R21.lnk 2016-05-13 16:08 - 2016-05-14 23:56 - 00000000 ____D C:\Users\Pako\AppData\Local\Eclipse 2016-05-13 16:07 - 2016-05-13 16:14 - 00000000 ____D C:\Users\Pako\.eclipse 2016-05-13 16:05 - 2016-02-18 04:38 - 00000000 ____D C:\Program Files (x86)\eclipse 2016-05-13 16:02 - 2016-05-13 16:02 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Sun 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Sun 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\.oracle_jre_usage 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-05-13 16:01 - 2016-05-13 16:03 - 00000000 ____D C:\ProgramData\Oracle 2016-05-13 16:00 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-05-13 16:00 - 2016-05-13 16:01 - 00000000 ____D C:\Program Files\Java 2016-05-13 15:59 - 2016-05-13 15:59 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Oracle 2016-05-13 15:40 - 2016-05-13 15:40 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH 2016-05-11 15:31 - 2016-04-14 
15:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll 2016-05-11 15:31 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll 2016-05-11 15:31 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2016-05-11 15:31 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2016-05-11 15:31 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2016-05-11 15:31 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2016-05-11 15:31 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys 2016-05-11 15:31 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2016-05-11 15:31 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2016-05-11 15:31 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2016-05-11 15:31 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2016-05-11 15:31 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2016-05-11 15:31 - 
2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00405504 
_____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 
2016-05-11 15:31 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) 
C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft 
Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2016-05-11 15:31 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2016-05-11 15:31 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2016-05-11 15:31 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2016-05-11 15:31 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2016-05-11 15:31 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2016-05-11 15:31 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2016-05-11 15:31 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2016-05-11 15:31 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2016-05-11 15:31 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 
2016-05-11 15:31 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2016-05-11 15:31 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2016-05-11 15:31 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2016-05-11 15:31 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2016-05-11 15:31 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2016-05-11 15:31 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2016-05-11 15:31 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2016-05-11 15:31 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2016-05-11 15:31 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-05-11 15:31 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2016-05-11 15:31 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2016-05-11 15:31 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 2016-05-11 15:30 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2016-05-11 15:30 - 2016-04-09 05:52 - 01424896 
_____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2016-05-10 09:41 - 2016-05-10 09:41 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 09:40 - 2016-05-10 09:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-05-10 09:40 - 2016-05-10 09:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 09:40 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2016-05-10 09:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2016-05-10 09:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2016-05-10 09:34 - 2016-05-10 09:36 - 00000000 ____D C:\AdwCleaner 2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-05-09 17:14 - 2016-05-10 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-02 14:17 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\Desktop\Numerische Methoden 2016-05-02 14:07 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\AppData\Roaming\jupyter 2016-05-02 14:07 - 2016-05-02 14:07 - 00000000 ____D C:\Users\Pako\.jupyter 2016-05-02 14:04 - 2016-05-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit) 2016-05-01 23:34 - 2016-05-17 12:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-04-18 13:54 - 2016-04-18 13:54 - 00000000 ____D C:\Users\Pako\.cisco 2016-04-18 13:53 - 2016-04-18 13:53 - 00000000 ____D C:\Users\Pako\AppData\Local\Cisco 2016-04-18 13:53 - 2016-04-18 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2016-04-18 13:53 - 2016-04-18 13:53 - 00000000 ____D C:\ProgramData\Cisco 2016-04-18 11:30 - 2016-04-18 11:30 - 00000000 ____D 
C:\Users\Pako\AppData\Roaming\xm1 2016-04-18 11:24 - 2016-04-18 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 2016-04-18 11:23 - 2016-04-18 11:23 - 00000000 ____D C:\Users\Pako\AppData\Roaming\MiKTeX 2016-04-18 11:23 - 2016-04-18 11:23 - 00000000 ____D C:\Users\Pako\AppData\Local\MiKTeX 2016-04-18 11:23 - 2016-04-18 11:23 - 00000000 ____D C:\ProgramData\MiKTeX 2016-04-18 11:19 - 2016-04-18 11:21 - 00000000 ____D C:\Program Files (x86)\MiKTeX 2.9 2016-04-18 11:16 - 2016-04-18 11:16 - 00000998 _____ C:\Users\Pako\Desktop\Texmaker.lnk 2016-04-18 11:16 - 2016-04-18 11:16 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker 2016-04-18 11:16 - 2016-04-18 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker 2016-04-18 11:16 - 2016-04-18 11:16 - 00000000 ____D C:\Program Files (x86)\Texmaker ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-05-17 12:24 - 2015-04-08 19:47 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2016-05-17 11:01 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-17 11:01 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-17 10:52 - 2015-03-27 00:43 - 00715172 _____ C:\windows\system32\perfh007.dat 2016-05-17 10:52 - 2015-03-27 00:43 - 00154722 _____ C:\windows\system32\perfc007.dat 2016-05-17 10:52 - 2009-07-14 07:13 - 01651686 _____ C:\windows\system32\PerfStringBackup.INI 2016-05-17 10:52 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf 2016-05-17 10:50 - 2015-05-26 19:16 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Temp 2016-05-17 10:46 - 2015-04-08 15:02 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-05-17 10:46 - 2015-04-08 15:02 - 00000000 __SHD C:\Users\Pako\IntelGraphicsProfiles 2016-05-17 10:46 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-05-17 01:01 - 2015-04-15 13:26 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Azureus 2016-05-17 01:00 - 2015-04-08 15:25 - 00000000 ____D C:\Users\Pako\AppData\Roaming\vlc 2016-05-17 00:18 - 2015-04-08 15:02 - 00003934 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{593D9C55-FF5A-4232-BB72-86BBBE12F8A1} 2016-05-16 23:16 - 2015-04-15 13:26 - 00001805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk 2016-05-16 23:16 - 2015-04-15 13:26 - 00000000 ____D C:\Program Files\Vuze 2016-05-16 11:41 - 2016-01-07 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-05-16 11:27 - 2016-01-07 09:52 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2016-05-16 11:27 - 2016-01-07 09:52 - 00079696 _____ (Avira Operations GmbH & Co. 
KG) C:\windows\system32\Drivers\avnetflt.sys 2016-05-15 11:08 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2016-05-15 00:19 - 2009-07-14 06:45 - 00285808 _____ C:\windows\system32\FNTCACHE.DAT 2016-05-15 00:18 - 2015-04-09 20:22 - 00000000 ____D C:\windows\system32\appraiser 2016-05-15 00:18 - 2015-03-27 00:29 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-15 00:15 - 2015-04-09 20:08 - 00000000 ____D C:\windows\system32\MRT 2016-05-15 00:09 - 2015-04-09 20:08 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2016-05-14 18:14 - 2015-04-08 19:43 - 00003176 _____ C:\windows\System32\Tasks\HPCeeScheduleForPako 2016-05-14 18:14 - 2015-04-08 19:43 - 00000328 _____ C:\windows\Tasks\HPCeeScheduleForPako.job 2016-05-13 16:15 - 2015-04-08 15:02 - 00000000 ____D C:\Users\Pako 2016-05-13 16:08 - 2015-04-09 21:11 - 00000000 ____D C:\Uni 2016-05-13 15:40 - 2015-04-08 22:10 - 00000000 ____D C:\Users\Pako\AppData\Local\Downloaded Installations 2016-05-13 15:24 - 2015-04-08 19:47 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2016-05-13 15:24 - 2015-04-08 19:47 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-13 15:24 - 2015-04-08 19:47 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2016-05-13 10:54 - 2013-12-03 21:34 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-12 18:27 - 2015-04-11 17:01 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2016-05-12 18:26 - 2015-04-11 17:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\SysWOW64\GWX 2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\system32\GWX 2016-05-10 09:55 - 2015-04-08 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-09 21:21 - 2015-05-05 08:10 - 00000000 ____D C:\t00ls 2016-05-03 11:55 - 2015-04-26 
18:20 - 00000000 ____D C:\Users\Pako\.matplotlib
2016-05-02 14:05 - 2015-04-08 16:39 - 00000000 ____D C:\Program Files\Anaconda
2016-05-02 14:04 - 2015-04-08 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)
2016-05-02 13:28 - 2015-04-26 18:20 - 00000000 ____D C:\Users\Pako\.spyder2
2016-04-29 14:42 - 2016-03-10 10:54 - 00000000 ____D C:\SWSetup
2016-04-29 14:21 - 2015-04-08 18:28 - 00000000 ____D C:\Users\Pako\AppData\Local\ElevatedDiagnostics
2016-04-27 18:31 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-04-18 13:53 - 2015-05-17 12:23 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-04-18 11:11 - 2015-05-20 20:35 - 00000000 ____D C:\Users\Pako\Documents\Youcam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-27 00:55 - 2015-03-27 00:56 - 8952034 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-03-27 01:06 - 2016-03-14 22:36 - 1992428 _____ () C:\ProgramData\hpdam_install_log.txt
2015-03-27 01:03 - 2015-03-27 01:03 - 0543880 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2016-03-10 18:19 - 2016-03-10 18:21 - 1609326 _____ () C:\ProgramData\SynFPRmsiLogs.log

Einige Dateien in TEMP:
====================
C:\Users\Pako\AppData\Local\Temp\avgnt.exe
C:\Users\Pako\AppData\Local\Temp\Extract.exe
C:\Users\Pako\AppData\Local\Temp\i4jdel0.exe
C:\Users\Pako\AppData\Local\Temp\libeay32.dll
C:\Users\Pako\AppData\Local\Temp\msvcr120.dll
C:\Users\Pako\AppData\Local\Temp\sqlite3.dll

Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-05-09 21:06

==================== Ende von FRST.txt ============================

Edited by c.yossarian (17.05.2016 at 12:08) |
17.05.2016, 12:02 | #2 |
| Email account (GMX) is sending messages
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-05-2016
durchgeführt von Pako (2016-05-17 12:47:59)
Gestartet von C:\Users\Pako\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-08 13:02:04)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1335190260-3303876769-2765954222-500 - Administrator - Disabled)
Gast (S-1-5-21-1335190260-3303876769-2765954222-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1335190260-3303876769-2765954222-1003 - Limited - Enabled)
Pako (S-1-5-21-1335190260-3303876769-2765954222-1002 - Administrator - Enabled) => C:\Users\Pako

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Age of Empires 3 complete version 1.14 (HKLM-x32\...\{D5D9F4B5-7CCE-458D-9ECA-FE9EFD7D607C}_is1) (Version: 1.14 - vol1) Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.42.0 - Alcor Micro Corp.) Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.42.0 - Alcor Micro Corp.) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.) 
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.02075 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.02075 - Cisco Systems, Inc.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.5806 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Dassault Systemes Doc English CATIA P3 B21 (HKLM-x32\...\Dassault Systemes Doc English B21) (Version: - ) Dassault Systemes Software B21 (HKLM\...\Dassault Systemes B21_0) (Version: - ) Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes) Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes) Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes) Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes) DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.) EaseUS Partition Master 10.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 5.8.5 (HKLM-x32\...\{5EDC25EC-D966-11E4-9E5C-00163E98E7D6}) (Version: 5.8.5.7193 - Evernote Corp.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.) 
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company) HP BIOS Configuration Utility (HKLM-x32\...\{36FCBBEE-7BCE-4603-A4F5-56E73C43C820}) (Version: 4.0.11.1 - Hewlett-Packard Company) HP BIOS Configuration Utility (HKLM-x32\...\{FADF6CC4-5AF3-4630-AEDB-41F14BC09FCF}) (Version: 4.0.15.1 - HP Inc.) HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.17.2042 - HP Inc.) HP Connection Manager (HKLM-x32\...\{F0809EF3-DE1B-4A3C-9825-D4ABD1BA06BC}) (Version: 4.8.10.1 - Hewlett-Packard Company) HP Device Access Manager (HKLM\...\{1BE682E2-5AF3-485A-83D0-47CC0C1FFFDE}) (Version: 8.3.7.0 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{BC60F8B0-4365-48A3-B463-0CDDA249B07F}) (Version: 1.1.0.0 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{48D74C03-3D33-4A7E-9D93-A59FE58C1DEA}) (Version: 2.6.1 - Hewlett-Packard Company) HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.27.1 - Hewlett-Packard Company) HP Hotkey Support (HKLM-x32\...\{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}) (Version: 6.2.17.1 - HP) HP PageLift (HKLM-x32\...\{28074A47-851D-4599-A270-87609F58EB57}) (Version: 1.0.15.1 - Hewlett-Packard Company) HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.37 - HP) HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{757cc2cc-5fed-43e4-b813-2bda78353297}) (Version: 4.2.4.0 - HP) HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) 
(Version: 13.00.0000 - Hewlett-Packard) HP System Default Settings (HKLM-x32\...\{B5BEF5F8-BD76-4174-A47D-05A06EA62615}) (Version: 2.7.1 - Hewlett-Packard Company) HP Theft Recovery (HKLM-x32\...\InstallShield_{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}) (Version: 8.3.0.8 - Hewlett-Packard Company) HP USB Port Replicator (HKLM\...\{4BCC570D-F175-4B50-A06A-FE3506A94796}) (Version: 7.6.55872.0 - Hewlett-Packard) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation) Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1519.1030) (HKLM\...\{302600C1-6BDF-4FD1-1504-148929CC1385}) (Version: 17.1.1504.0518 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) 
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation) Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MATLAB Production Server R2015a (HKLM\...\MATLAB Production Server R2015a) (Version: 2.1 - MathWorks) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) 
(Version: 4.30.2117.0 - Microsoft Corporation) opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden Python 2.7.9 (Anaconda 2.2.0 64-bit) (HKLM\...\Python 2.7.9 (Anaconda 2.2.0 64-bit)) (Version: 2.2.0 - Continuum Analytics, Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.) Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11072 - Realtek Semiconductor Corp.) Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) revoSleep (HKLM-x32\...\{B76E8F60-D517-44B1-BFCD-B6C153A60F1B}) (Version: 2.4.0 - Revo) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.37.3 - Synaptics Incorporated) Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics) Texmaker (HKLM-x32\...\Texmaker) (Version: - ) Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.) VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.2.0 - Azureus Software, Inc.) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0E846346-8E27-43C5-9BA3-4CD87E0D9564} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-13] (Hewlett-Packard Company) Task: {1DAECF30-3828-48D2-B84E-B836842E138D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company) Task: {45D59522-84E4-4292-8C85-3DFF77E8F3DB} - System32\Tasks\HPCeeScheduleForPako => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {5CC7D514-7270-4DBB-8D9B-77B40B992FEB} - System32\Tasks\{D1A6AE07-7B25-46D9-948B-EE7254EA23C1} => pcalua.exe -a "C:\Spiele\Age of Empires II\AoFE_Launcher.exe" -d "C:\Spiele\Age of Empires II" Task: {5D243527-641A-4CC1-942F-10A90BEA2E85} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated) Task: {ADB08556-EF60-40F8-A7FE-9D72487E81B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {C95AF739-4354-461A-A75C-6007A9D6ADF2} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\HPCeeScheduleForPako.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-05-28 10:14 - 2014-05-28 10:14 - 00336056 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll 2015-07-01 09:45 - 2015-07-01 09:45 - 00022528 _____ () C:\windows\System32\us005lm.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-15 19:51 - 2014-08-15 19:51 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe 2015-04-13 21:00 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll 2014-10-28 12:49 - 2015-09-15 23:56 - 00405416 _____ () C:\windows\system32\igfxTray.exe 2016-02-18 06:24 - 2016-02-18 06:24 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2015-04-13 21:00 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2010-06-14 18:41 - 2010-06-14 18:41 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll 2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 195.34.133.21 - 212.186.211.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{26194502-22AA-4709-AC14-A1B377061E1D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{55897B62-922E-406A-91E2-39189ADB539E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{050A4F1D-B28D-4172-8615-BF74A549145D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3F3F8700-CA53-4945-BE7F-646E02D92B41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{3DB1C88B-C304-48E1-B26B-9BDC222152A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9D687D8D-42C9-4AD6-904C-B45D47242D9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4F73A59E-EC31-4785-AB6F-0453471E36A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C487E073-6A9B-41DF-992C-2A23FA95F839}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{ED5D9F8C-31DE-4CB8-9585-C2063ACB031A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe FirewallRules: [TCP Query User{A1113639-9AF8-417C-BB27-F77C7421A42D}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe FirewallRules: [UDP Query User{E8B4C2F2-BB9E-41EA-BDAE-D2C030786AF5}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe FirewallRules: [TCP Query User{4D0E1D55-7C01-4283-B011-6CA49CACC9E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [UDP Query 
User{5F9A2BC6-5606-4B97-9FD4-24C5EADF8B9B}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [TCP Query User{CF04BF2B-CD8C-4189-9A40-577D8B1319E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [UDP Query User{ABC23708-F948-4FEE-A3C1-39784C87F35A}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [{572C5DA1-80D5-4B17-A8B5-58572A31D368}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe FirewallRules: [{99B0FD3C-B481-453B-894B-5C627B2F0B44}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe FirewallRules: [{1A6D2200-9E00-4DF7-B29C-F9091B3E214A}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{16DF6E00-323C-4DC5-91F0-6692BD767132}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe FirewallRules: [UDP Query User{4397C81B-F804-4B28-9B23-B75102BC9B86}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe FirewallRules: [TCP Query User{E892C429-305C-4577-8793-3137479C3157}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{184FF14E-9FD3-4C8F-AC9A-B59D5B6C08AD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{E61669F1-4AA2-48A8-B3F4-ED576879069E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{95992D6D-80DA-4A9F-88E5-A8259F897348}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{C84856A1-F94C-40D1-A72E-38FF6900BB6E}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe 
FirewallRules: [UDP Query User{0370DA74-30C3-4EA4-8629-287BB4673275}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe FirewallRules: [TCP Query User{8785BFCD-8433-40BC-9E08-D0A714C49885}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{CC249AD1-4854-4335-B71E-71A9581D4274}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{A780842E-9BB9-4871-9D09-CC8AADBC6FE7}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe FirewallRules: [UDP Query User{548D2FED-8586-48AA-8647-400A3E7B90DB}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe FirewallRules: [TCP Query User{152B4FAE-FE6D-42F5-BA02-C48BB9E7FAAF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{F3FA0139-CCF0-4F70-BEAE-0A1F96DA92CF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{C1D615EE-F9E7-4702-BDAC-14B5BDCB6C72}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe FirewallRules: [UDP Query User{CAD7267F-42E9-4F6D-8FD8-CD21615B0985}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe FirewallRules: [TCP Query User{F1E3FFB8-28B1-4F30-B4AD-2B61856564F2}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe FirewallRules: [UDP Query User{F2FDC59F-1437-4776-A83C-1AD023B0E507}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe FirewallRules: [TCP Query 
User{6B5B1209-03B1-4EC9-ADF3-0EC08152AAB7}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe FirewallRules: [UDP Query User{8874D6A7-833D-4EF5-B6CF-C03844658CDD}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe FirewallRules: [TCP Query User{A595BFB1-C585-4DEB-A042-8E7FC8ACA1F5}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe FirewallRules: [UDP Query User{A17134BB-9852-4C67-857D-341AD61D86E2}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe FirewallRules: [TCP Query User{417C69D2-0311-45C0-A803-2C375E5B50BB}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe FirewallRules: [UDP Query User{6FCF8D7B-FCAF-41A4-97FC-0C498602B023}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe FirewallRules: [{4A68009D-174F-496A-BCD2-EE9DC14143B3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{55164A65-1AF2-4A22-90FF-B75D9E9A9E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{3F61977B-6F2B-453F-8FCE-5160379EDCD3}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe FirewallRules: [UDP Query User{0F0AA636-B729-4C97-8F5A-E0AB89A86E6D}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe FirewallRules: [TCP Query 
User{AF4F8F09-0835-44FC-B384-7A9B901CF0DF}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe FirewallRules: [UDP Query User{0E4803D4-C350-419F-A898-DF5F70176E8F}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe FirewallRules: [TCP Query User{42A8C856-7C7E-42B1-A2C3-3F533179FDFF}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe FirewallRules: [UDP Query User{4D6D5AA5-7F2B-48EA-A5DE-4142279187CA}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe FirewallRules: [TCP Query User{E903F21E-808A-470D-B373-DD0613AE9EA7}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe FirewallRules: [UDP Query User{D89E13A1-8DFC-4356-ACD2-D00D7CF40CBF}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe FirewallRules: [TCP Query User{0A5C10DF-E118-4F05-A778-53DAF5FACA79}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe FirewallRules: [UDP Query User{6E10132D-5776-445F-A829-A42AAA56656B}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe FirewallRules: [{E0970823-DBAF-4A16-86D9-34367AF59301}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{87B1E4F0-93AE-48B9-8053-1639CA935F91}] => (Allow) C:\Program Files\Vuze\Azureus.exe ==================== Wiederherstellungspunkte ========================= 13-05-2016 16:00:31 Installed Java SE Development Kit 8 Update 92 (64-bit) 14-05-2016 19:07:16 Windows Update 15-05-2016 00:08:30 Windows 
Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/17/2016 10:47:04 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:47:03 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:47:02 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:47:02 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. 
Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:46:57 AM) (Source: flcdlock) (EventID: 1069) (User: ) Description: Profilvorgang für aktuelle SID mit unbekanntem Ausnahmefehler fehlgeschlagen. Error: (05/17/2016 10:46:52 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:46:52 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:46:41 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:46:40 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/17/2016 10:46:38 AM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. 
Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Systemfehler: ============= Error: (05/17/2016 10:46:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/17/2016 10:46:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/17/2016 10:46:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/16/2016 11:13:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/16/2016 11:13:07 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/16/2016 11:13:07 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/16/2016 11:41:36 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Avira Mail Protection" wurde mit folgendem dienstspezifischem Fehler beendet: %%1. 
Error: (05/16/2016 11:41:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (05/16/2016 11:41:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (05/16/2016 11:41:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: %%5 ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 8067.11 MB Verfügbarer physikalischer RAM: 4819.56 MB Summe virtueller Speicher: 12113.29 MB Verfügbarer virtueller Speicher: 8330.41 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:94.73 GB) (Free:14.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (Daten) (Fixed) (Total:298.09 GB) (Free:66.34 GB) NTFS Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.93 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9CC5D5D8) Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D15CF63D) Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=94.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2 GB) - (Type=0B) ==================== Ende von 
Addition.txt ============================
Code:
OTL logfile created on: 17.05.2016 12:48:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pako\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17609)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,88 Gb Total Physical Memory | 4,70 Gb Available Physical Memory | 59,64% Memory free
11,83 Gb Paging File | 8,13 Gb Available in Paging File | 68,70% Paging File free
Paging file location(s): c:\pagefile.sys 4048 4048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,73 Gb Total Space | 14,30 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
Drive D: | 14,05 Gb Total Space | 1,55 Gb Free Space | 11,04% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,34 Gb Free Space | 22,26% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 1,93 Gb Free Space | 97,08% Space Free | Partition Type: FAT32
Computer Name: PAKO-HP840 | User Name: Pako | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016.05.17 12:40:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pako\Desktop\OTL.exe
PRC - [2016.05.16 11:27:40 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe
PRC - [2016.05.16 11:27:22 | 000,814,608 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
PRC - [2016.05.16 11:27:22 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co.
KG) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe PRC - [2016.05.09 17:14:17 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2016.05.01 23:34:26 | 000,491,464 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe PRC - [2016.04.25 10:45:08 | 000,147,656 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe PRC - [2016.04.25 10:41:46 | 000,280,008 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe PRC - [2016.04.22 08:56:22 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2016.02.18 06:24:11 | 001,034,240 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe PRC - [2016.02.18 06:23:49 | 000,617,984 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe PRC - [2015.10.08 18:12:32 | 001,527,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe PRC - [2015.04.24 12:30:38 | 000,573,240 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysWOW64\flcdlock.exe PRC - [2015.04.23 12:26:10 | 000,018,232 | R--- | M] (Hewlett-Packard Development Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe PRC - [2015.04.14 09:14:38 | 002,089,056 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe PRC - [2015.03.31 13:52:44 | 001,714,216 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe PRC - [2015.01.27 10:32:46 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) 
-- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2015.01.27 10:32:06 | 001,198,456 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2014.10.10 18:37:18 | 000,409,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2014.10.10 18:37:16 | 000,158,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2014.08.25 21:50:12 | 000,293,872 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2014.08.15 19:51:14 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe PRC - [2014.06.26 23:50:26 | 001,842,904 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe PRC - [2014.06.26 23:49:58 | 002,312,408 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe PRC - [2014.06.25 18:31:08 | 000,320,360 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2014.06.25 18:31:08 | 000,016,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012.08.28 12:00:32 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe PRC - [2012.08.28 11:55:16 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) 
-- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ========== Modules (No Company Name) ========== MOD - [2016.05.15 10:47:25 | 001,102,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\8e120675c80a179c177d6d9b5345e792\System.ServiceModel.Web.ni.dll MOD - [2016.05.15 10:47:23 | 000,430,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv30e99c02#\fc811832eb4d1a081148bcb0128416f5\System.ServiceModel.Channels.ni.dll MOD - [2016.05.15 10:47:20 | 019,426,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a459f8b69edabf287d593a2a08c5c8d6\System.ServiceModel.ni.dll MOD - [2016.05.15 10:47:05 | 002,937,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\c56cbffc8423ff484bf3f80aae1d5c24\System.IdentityModel.ni.dll MOD - [2016.05.15 10:46:59 | 002,532,352 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\d03ab7cb81236f14485affc6881a3e8d\System.Data.Linq.ni.dll MOD - [2016.05.15 10:46:42 | 001,065,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\db5dd84fd58ce117b2f7af7c6ce85e41\System.ComponentModel.Composition.ni.dll MOD - [2016.05.15 10:46:31 | 000,016,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\f96faf473ed69af52095444a4e9d581e\PresentationFramework-SystemXml.ni.dll MOD - [2016.05.15 10:46:31 | 000,012,288 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\c8a2ecfd900c0b634dadb6ed3411cc97\PresentationFramework-SystemXmlLinq.ni.dll MOD - [2016.05.15 10:46:30 | 000,014,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\1a302d971b5ea6e685d0ec50e80fb7e6\PresentationFramework-SystemData.ni.dll MOD - [2016.05.15 10:46:08 | 000,390,656 | ---- | M] () -- 
C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\71a060bc38158376f5e6dda8d62b6c7c\System.Xml.Linq.ni.dll MOD - [2016.05.15 10:45:54 | 000,786,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\e2ab3c1c7be8727fb1f36945861e780b\System.ServiceModel.Internals.ni.dll MOD - [2016.05.15 10:45:54 | 000,117,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\32b270a7b4daf4731cf1c36ecd660297\SMDiagnostics.ni.dll MOD - [2016.05.15 10:45:53 | 002,772,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ffbd00c458124054f2049e9a25a7cca8\System.Runtime.Serialization.ni.dll MOD - [2016.05.15 00:17:30 | 019,077,632 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\850b1b2f3ba808cabfaa84b4703213cb\PresentationFramework.ni.dll MOD - [2016.05.15 00:17:21 | 011,560,960 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\86d8696483cc81f030d41061c629fa41\PresentationCore.ni.dll MOD - [2016.05.15 00:17:16 | 007,842,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\4b7c82e4ce15b62277200886545e0728\System.Data.ni.dll MOD - [2016.05.15 00:17:14 | 012,945,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7b437291b260f008653ebc86553ab462\System.Windows.Forms.ni.dll MOD - [2016.05.15 00:17:14 | 003,975,168 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\778c4647568c87adb6930daa13e24b88\WindowsBase.ni.dll MOD - [2016.05.15 00:17:14 | 000,974,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6b3bc806e6d6a2c73c6d9f1429395698\System.Configuration.ni.dll MOD - [2016.05.15 00:17:11 | 007,518,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\a57805cc2d492d82e327b83ab24fad62\System.Core.ni.dll MOD - [2016.05.15 00:17:08 | 001,876,480 | ---- | M] () -- 
C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\347ba862763b7e7c80bdef8764ae72dc\System.Xaml.ni.dll MOD - [2016.05.15 00:17:07 | 000,521,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7ab1680c39bc1c41f147f78cbe0db0f2\PresentationFramework.Aero.ni.dll MOD - [2016.05.15 00:09:09 | 007,378,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\36599a72e79974ff4c004c43df9fce2b\System.Xml.ni.dll MOD - [2016.05.15 00:09:07 | 000,706,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dc2eb8260dcff0680cb9c540180ca0fe\System.Transactions.ni.dll MOD - [2016.05.15 00:09:05 | 001,623,552 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\48453ce4573683172752f7fdc00f8820\System.Drawing.ni.dll MOD - [2016.05.15 00:09:05 | 000,218,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\779476f7b8e5cf194303e03c06653cc1\System.ServiceProcess.ni.dll MOD - [2016.05.15 00:09:03 | 009,983,488 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\d03eb8a47500f40d5428f9c6875f8e56\System.ni.dll MOD - [2016.04.30 14:51:50 | 000,271,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\f8271755b1dde51c6fd403c7f03c89aa\System.Numerics.ni.dll MOD - [2016.04.29 16:13:48 | 018,111,488 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\affcb83bba04f782c2586a1788330891\mscorlib.ni.dll MOD - [2016.02.18 06:24:55 | 000,070,144 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll MOD - [2009.02.27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ========== Services (SafeList) ========== SRV:64bit: - [2016.01.29 20:34:20 | 000,374,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) 
SRV:64bit: - [2016.01.29 20:34:20 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2015.09.28 13:00:34 | 000,502,232 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost) SRV:64bit: - [2015.09.24 08:03:38 | 000,076,288 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService) SRV:64bit: - [2015.09.15 23:55:28 | 000,359,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0) SRV:64bit: - [2015.07.23 02:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:64bit: - [2015.06.18 14:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service) SRV:64bit: - [2015.01.27 18:12:22 | 000,044,680 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2014.11.19 13:48:16 | 003,820,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV:64bit: - [2014.11.19 13:48:06 | 000,268,192 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2014.11.19 13:48:02 | 000,638,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2014.11.19 13:47:50 | 000,157,088 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2014.10.15 12:31:40 | 000,394,184 | ---- | M] (Intel) [Auto | Running] -- C:\Program Files\Intel 
Corporation\USB over IP\bin\UoipService.exe -- (IntelUSBoverIP) SRV:64bit: - [2014.09.04 14:31:46 | 000,292,568 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) SRV:64bit: - [2014.06.25 18:31:08 | 000,016,232 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV:64bit: - [2014.06.02 00:06:45 | 010,571,056 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService) SRV:64bit: - [2014.05.13 23:31:14 | 000,887,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R) SRV:64bit: - [2013.12.04 02:17:29 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2013.09.12 13:41:02 | 003,221,392 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService) SRV:64bit: - [2011.01.08 04:50:22 | 000,046,592 | ---- | M] (Dassault Systemes) [Auto | Running] -- C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe -- (BBDemon) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2016.05.16 11:27:40 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\sched.exe -- (AntiVirSchedulerService) SRV - [2016.05.16 11:27:27 | 001,435,704 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe -- (AntiVirWebService) SRV - [2016.05.16 11:27:23 | 000,970,656 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe -- (AntiVirMailService) SRV - [2016.05.16 11:27:22 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe -- (AntiVirService) SRV - [2016.05.13 15:24:16 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2016.05.09 17:14:16 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2016.04.28 14:30:26 | 000,081,408 | ---- | M] (Chip Digital GmbH) [Auto | Running] -- C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe -- (chip1click) SRV - [2016.04.25 10:41:46 | 000,280,008 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost) SRV - [2016.04.22 08:56:22 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2016.02.18 06:23:49 | 000,617,984 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent) SRV - [2015.11.17 00:06:20 | 000,782,048 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe -- (HP Hotkey Service) SRV - [2015.11.05 21:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2015.10.08 18:12:32 | 001,527,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv) SRV - [2015.09.15 23:48:52 | 000,291,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2015.07.09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2015.06.05 16:18:24 | 000,149,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe -- (iBtSiva) SRV - [2015.05.19 17:22:06 | 000,099,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service) SRV - [2015.04.24 12:30:38 | 000,573,240 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK) SRV - [2015.04.23 12:26:10 | 000,018,232 | R--- | M] (Hewlett-Packard Development Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe -- (HpDamServiceHost) SRV - [2015.03.31 13:52:44 | 001,714,216 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2015.01.27 10:32:46 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2015.01.27 10:32:06 | 001,198,456 | ---- | M] (Motorola Solutions, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2014.10.10 18:37:18 | 000,409,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2014.10.10 18:37:16 | 000,158,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2014.08.15 19:51:14 | 000,007,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe -- (CtAgentService) SRV - [2014.06.26 23:50:26 | 001,842,904 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService) SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013.09.12 13:28:00 | 002,741,648 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2012.04.24 23:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2016.05.16 11:27:43 | 000,141,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2016.05.16 11:27:43 | 000,079,696 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avnetflt.sys -- (avnetflt) DRV:64bit: - [2016.03.14 22:36:22 | 000,255,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb) DRV:64bit: - [2016.03.10 11:07:56 | 000,154,816 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2016.02.18 05:54:45 | 000,052,592 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64-6.sys -- (vpnva) DRV:64bit: - [2016.02.18 05:53:59 | 000,209,568 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock) DRV:64bit: - [2016.02.05 21:03:08 | 000,147,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2015.12.03 16:24:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2015.11.13 09:50:26 | 000,133,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2015.09.15 23:54:32 | 006,398,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2015.08.08 23:41:56 | 000,474,360 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2015.07.18 21:28:05 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus) DRV:64bit: - [2015.04.23 11:54:00 | 000,065,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv) DRV:64bit: - [2015.04.01 15:24:10 | 000,141,800 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2015.03.24 17:44:10 | 000,378,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d62x64.sys -- (e1dexpress) DRV:64bit: - [2015.03.13 00:55:44 | 003,437,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw02.sys -- (NETwNs64) DRV:64bit: - [2015.01.27 18:10:52 | 000,031,880 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2015.01.27 18:09:00 | 000,044,680 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2015.01.13 13:09:10 | 001,448,248 | ---- | M] (Motorola Solutions, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2014.11.27 18:34:48 | 002,980,568 | ---- | M] (Realtek Semiconductor Corp.) [Fixed] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVC.sys -- (rtsuvc) DRV:64bit: - [2014.11.18 14:39:06 | 000,018,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:64bit: - [2014.11.18 14:39:06 | 000,010,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:64bit: - [2014.11.05 10:37:44 | 000,087,864 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio) DRV:64bit: - [2014.11.04 11:47:38 | 000,038,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2014.11.04 11:47:38 | 000,027,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2014.10.31 03:20:02 | 000,580,336 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2014.10.31 03:19:58 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:64bit: - [2014.10.31 03:19:58 | 000,032,496 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv) DRV:64bit: - [2014.10.15 12:28:04 | 000,213,296 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb3Hub.sys -- (usb3Hub) DRV:64bit: - [2014.10.10 19:37:16 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64) DRV:64bit: - [2014.08.25 
21:49:22 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2014.08.25 21:49:14 | 000,795,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2014.08.25 21:49:14 | 000,383,984 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2014.08.15 22:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2014.06.07 04:20:34 | 000,670,056 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2014.06.07 04:20:32 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF) DRV:64bit: - [2014.03.27 21:06:40 | 000,331,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR) DRV:64bit: - [2014.03.27 21:01:44 | 000,272,600 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2014.03.22 01:34:38 | 000,476,888 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER) DRV:64bit: - [2013.12.04 02:20:51 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2013.12.04 02:20:51 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2013.12.04 02:09:27 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.10.03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.09.06 07:32:34 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb) DRV:64bit: - [2012.09.06 07:32:26 | 000,021,872 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) 
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.01.02 12:11:50 | 000,024,848 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\LUMDriver.sys -- (LUMDriver) DRV - [2014.11.18 14:39:08 | 000,014,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2014.11.18 14:39:08 | 000,010,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=CMNTDFJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=CMNTDFJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4 IE - 
HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "AT" FF - prefs.js..browser.search.hiddenOneOffs: "Bing,DuckDuckGo" FF - prefs.js..browser.search.region: "AT" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1 FF - prefs.js..network.proxy.backup.ftp: "79.143.176.23" FF - prefs.js..network.proxy.backup.ftp_port: 443 FF - prefs.js..network.proxy.backup.socks: "79.143.176.23" FF - prefs.js..network.proxy.backup.socks_port: 443 FF - prefs.js..network.proxy.backup.ssl: "79.143.176.23" FF - prefs.js..network.proxy.backup.ssl_port: 443 FF - prefs.js..network.proxy.ftp: "91.228..53.28" FF - prefs.js..network.proxy.ftp_port: 8089 FF - prefs.js..network.proxy.http: "91.228..53.28" FF - prefs.js..network.proxy.http_port: 8089 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "91.228..53.28" FF - prefs.js..network.proxy.socks_port: 8089 FF - prefs.js..network.proxy.ssl: "91.228..53.28" FF - prefs.js..network.proxy.ssl_port: 8089 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.92.2: C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.92.2: C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: 
- HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program 
Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\digitalpersona.com/ChromeDPAgent: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dpmaxz_ng@jetpack: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016.03.10 23:27:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2015.04.08 15:14:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\Extensions [2016.05.13 11:06:01 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\Pako\AppData\Roaming\mozilla\Firefox\Profiles\apep5xqp.default\extensions [2016.05.13 11:06:01 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Pako\AppData\Roaming\mozilla\Firefox\Profiles\apep5xqp.default\extensions\abs@avira.com [2016.04.29 14:30:25 | 000,013,704 | ---- | M] () (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\firefox\profiles\apep5xqp.default\extensions\info@youtube-mp3.org.xpi [2016.04.29 14:30:27 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\firefox\profiles\apep5xqp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016.04.29 14:30:27 | 004,029,588 | ---- | M] () (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\firefox\profiles\apep5xqp.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016.05.09 17:14:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) O2 - BHO: (HP File Sanitizer) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) O2 - BHO: (HP Network Check Helper) - 
{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.) O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Remote Control Server] C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe (Steppschuh) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd) O4 - HKLM..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe (Hewlett-Packard) O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company, L.P.) 
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (HP) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" File not found O4 - HKLM..\Run: [YouCam Tray] c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Auswahl speichern - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found O8:64bit: - Extra context menu item: Bild ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found O8:64bit: - Extra context menu item: Diese Seite ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found O8:64bit: - Extra context menu item: Lesezeichen ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found O8:64bit: - Extra context menu item: Neue Notiz - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html () O8:64bit: - Extra context menu item: URL notieren - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found O8 - Extra context menu item: Auswahl speichern - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found O8 - Extra 
context menu item: Bild ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found O8 - Extra context menu item: Diese Seite ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found O8 - Extra context menu item: Lesezeichen ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found O8 - Extra context menu item: Neue Notiz - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html () O8 - Extra context menu item: URL notieren - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html () O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support 
Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html () O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9986CD45-0234-442F-ABDC-AE185A5A32C1}: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB9F8693-0D92-4816-9BE6-3CC2480CDCAC}: DhcpNameServer = 195.34.133.21 212.186.211.21 O18:64bit: - Protocol\Handler\abs - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{e236d276-2d3b-11e5-8728-5cb901b2644d}\Shell - "" = AutoRun O33 - MountPoints2\{e236d276-2d3b-11e5-8728-5cb901b2644d}\Shell\AutoRun\command - "" = G:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2016.05.17 12:47:27 | 000,000,000 | ---D | C] -- C:\FRST [2016.05.17 12:47:11 | 002,382,336 | ---- | C] (Farbar) -- C:\Users\Pako\Desktop\FRST64.exe [2016.05.17 12:40:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pako\Desktop\OTL.exe [2016.05.13 16:15:08 | 000,000,000 | ---D | C] -- C:\Users\Pako\.tooling [2016.05.13 16:08:52 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Local\Eclipse [2016.05.13 16:07:29 | 000,000,000 | ---D | C] -- C:\Users\Pako\.eclipse [2016.05.13 16:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eclipse [2016.05.13 16:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2016.05.13 16:02:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\Sun [2016.05.13 16:02:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\.oracle_jre_usage [2016.05.13 16:02:05 | 000,110,144 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll [2016.05.13 16:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2016.05.13 16:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2016.05.13 
16:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit [2016.05.13 16:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2016.05.13 15:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chip Digital GmbH [2016.05.11 15:31:10 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll [2016.05.11 15:31:09 | 000,264,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys [2016.05.11 15:31:09 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll [2016.05.11 15:31:08 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll [2016.05.11 15:31:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jnwmon.dll [2016.05.11 15:31:07 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\InkEd.dll [2016.05.11 15:31:07 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\InkEd.dll [2016.05.11 15:31:05 | 005,546,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe [2016.05.11 15:31:04 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe [2016.05.11 15:31:04 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe [2016.05.11 15:31:04 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll [2016.05.11 15:31:04 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll [2016.05.11 15:31:04 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll [2016.05.11 15:31:04 | 000,706,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi [2016.05.11 15:31:04 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi [2016.05.11 15:31:04 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll [2016.05.11 
15:31:04 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll [2016.05.11 15:31:03 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll [2016.05.11 15:31:03 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll [2016.05.11 15:31:03 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll [2016.05.11 15:31:03 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll [2016.05.11 15:31:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll [2016.05.11 15:31:03 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe [2016.05.11 15:31:03 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll [2016.05.11 15:31:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe [2016.05.11 15:31:03 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll [2016.05.11 15:31:03 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll [2016.05.11 15:31:03 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll [2016.05.11 15:31:03 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe [2016.05.11 15:31:03 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll [2016.05.11 15:31:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll [2016.05.11 15:31:03 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe [2016.05.11 15:31:03 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll [2016.05.11 15:31:03 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll [2016.05.11 15:31:03 | 000,050,688 | ---- | C] (Microsoft Corporation) 
-- C:\windows\SysWow64\appidapi.dll [2016.05.11 15:31:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll [2016.05.11 15:31:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll [2016.05.11 15:31:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll [2016.05.11 15:31:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll [2016.05.11 15:31:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll [2016.05.11 15:31:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll [2016.05.11 15:31:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll [2016.05.11 15:31:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll [2016.05.11 15:31:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll [2016.05.11 15:31:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll [2016.05.11 15:31:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll [2016.05.11 15:31:02 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe [2016.05.11 15:31:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll [2016.05.11 15:31:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll [2016.05.11 15:31:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe [2016.05.11 15:31:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe [2016.05.11 15:31:02 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe [2016.05.11 15:31:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll [2016.05.11 15:31:02 | 
000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe [2016.05.11 15:31:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll [2016.05.11 15:31:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll [2016.05.11 15:31:02 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2016.05.11 15:31:02 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2016.05.11 15:31:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2016.05.11 15:31:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2016.05.11 15:31:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll [2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2016.05.11 15:31:02 | 
000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2016.05.11 15:31:02 | 
000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2016.05.11 15:31:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe [2016.05.11 15:30:56 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll [2016.05.10 09:41:09 | 000,192,216 
| ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys [2016.05.10 09:40:47 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbamchameleon.sys [2016.05.10 09:40:47 | 000,064,896 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys [2016.05.10 09:40:47 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbam.sys [2016.05.10 09:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware [2016.05.10 09:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2016.05.10 09:34:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2016.05.09 21:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2016.05.09 21:16:09 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2016.05.09 17:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2016.05.02 14:17:33 | 000,000,000 | ---D | C] -- C:\Users\Pako\Desktop\Numerische Methoden [2016.05.02 14:07:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\jupyter [2016.05.02 14:07:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\.jupyter [2016.05.02 14:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit) [2016.05.01 23:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2016.04.18 13:54:10 | 000,000,000 | ---D | C] -- C:\Users\Pako\.cisco [2016.04.18 13:53:15 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Local\Cisco [2016.04.18 13:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco [2016.04.18 13:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco [2016.04.18 11:30:52 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\xm1 [2016.04.18 11:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9 [2016.04.18 11:23:43 | 000,000,000 | 
---D | C] -- C:\Users\Pako\AppData\Roaming\MiKTeX [2016.04.18 11:23:29 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Local\MiKTeX [2016.04.18 11:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX [2016.04.18 11:19:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiKTeX 2.9 [2016.04.18 11:16:36 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker [2016.04.18 11:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker [2016.04.18 11:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Texmaker ========== Files - Modified Within 30 Days ========== [2016.05.17 12:47:11 | 002,382,336 | ---- | M] (Farbar) -- C:\Users\Pako\Desktop\FRST64.exe [2016.05.17 12:40:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pako\Desktop\OTL.exe [2016.05.17 12:24:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2016.05.17 12:23:19 | 000,001,078 | ---- | M] () -- C:\windows\system32dbgraw.bmp [2016.05.17 11:01:54 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2016.05.17 11:01:54 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2016.05.17 10:52:43 | 001,651,686 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2016.05.17 10:52:43 | 000,715,172 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2016.05.17 10:52:43 | 000,659,640 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2016.05.17 10:52:43 | 000,154,722 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2016.05.17 10:52:43 | 000,126,818 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2016.05.17 10:46:55 | 000,000,180 | ---- | M] () -- C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [2016.05.17 10:46:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2016.05.16 
23:16:31 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk [2016.05.16 11:27:43 | 000,141,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys [2016.05.16 11:27:43 | 000,079,696 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys [2016.05.15 00:19:22 | 000,285,808 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2016.05.14 23:56:04 | 000,001,002 | ---- | M] () -- C:\Users\Pako\Desktop\Eclipse.lnk [2016.05.14 18:14:22 | 000,000,328 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForPako.job [2016.05.13 16:09:42 | 000,002,464 | ---- | M] () -- C:\Users\Pako\Desktop\CATIA V5R21.lnk [2016.05.13 16:02:01 | 000,110,144 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll [2016.05.13 15:24:16 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2016.05.13 15:24:16 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2016.05.10 09:41:50 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys [2016.04.18 11:16:36 | 000,000,998 | ---- | M] () -- C:\Users\Pako\Desktop\Texmaker.lnk ========== Files Created - No Company Name ========== [2016.05.17 12:22:28 | 000,001,078 | ---- | C] () -- C:\windows\system32dbgraw.bmp [2016.05.16 23:16:31 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk [2016.05.14 23:56:04 | 000,001,002 | ---- | C] () -- C:\Users\Pako\Desktop\Eclipse.lnk [2016.05.13 16:09:42 | 000,002,464 | ---- | C] () -- C:\Users\Pako\Desktop\CATIA V5R21.lnk [2016.04.18 11:16:36 | 000,000,998 | ---- | C] () -- C:\Users\Pako\Desktop\Texmaker.lnk [2015.09.28 13:00:34 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCApi.dll.hpsign [2015.09.28 13:00:32 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign [2015.09.28 13:00:32 | 000,000,256 | R--- | C] () -- 
C:\windows\SysWow64\DPClback.dll.hpsign [2015.09.28 12:59:30 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign [2015.09.28 12:59:28 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv2.dll.hpsign [2015.09.28 12:59:28 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign [2015.09.28 12:58:28 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign [2015.08.17 14:56:20 | 002,536,072 | ---- | C] () -- C:\windows\SysWow64\BootMan.exe [2015.08.17 14:56:20 | 000,088,160 | ---- | C] () -- C:\windows\SysWow64\setupempdrv03.exe [2015.08.17 14:56:20 | 000,021,088 | ---- | C] () -- C:\windows\SysWow64\EuEpmGdi.dll [2015.08.17 14:56:20 | 000,014,944 | ---- | C] () -- C:\windows\SysWow64\epmntdrv.sys [2015.08.17 14:56:20 | 000,010,208 | ---- | C] () -- C:\windows\SysWow64\EuGdiDrv.sys [2015.04.24 12:30:48 | 000,961,336 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll [2015.04.13 21:01:18 | 000,000,247 | ---- | C] () -- C:\windows\Brpfx04a.ini [2015.04.13 21:01:18 | 000,000,064 | ---- | C] () -- C:\windows\brpcfx.ini [2015.04.13 21:00:25 | 000,000,066 | ---- | C] () -- C:\windows\Brfaxrx.ini [2015.04.13 21:00:25 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat [2015.04.13 20:53:14 | 000,006,616 | ---- | C] () -- C:\windows\BRPARAM.INI [2015.04.09 19:54:41 | 000,000,000 | ---- | C] () -- C:\windows\Bench32.INI [2015.04.08 18:00:11 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\dlumd9.dll [2015.04.08 18:00:11 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\dlumd11.dll [2015.04.08 18:00:11 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\dlumd10.dll [2015.03.27 00:59:09 | 000,000,248 | ---- | C] () -- C:\windows\hbcikrnl.ini ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016.01.22 08:19:58 | 014,179,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.01.22 08:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
17.05.2016, 12:03 | #3
Email account (GMX) is sending messages
Extras.txt
Code:
OTL Extras logfile created on: 17.05.2016 12:48:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pako\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17609)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

7,88 Gb Total Physical Memory | 4,70 Gb Available Physical Memory | 59,64% Memory free
11,83 Gb Paging File | 8,13 Gb Available in Paging File | 68,70% Paging File free
Paging file location(s): c:\pagefile.sys 4048 4048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,73 Gb Total Space | 14,30 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
Drive D: | 14,05 Gb Total Space | 1,55 Gb Free Space | 11,04% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,34 Gb Free Space | 22,26% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 1,93 Gb Free Space | 97,08% Space Free | Partition Type: FAT32

Computer Name: PAKO-HP840 | User Name: Pako | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0513174A-79A3-4077-A3F7-AF1014E06269}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{08AF9D48-B462-4B54-8AC5-2401381B56DF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1A6D2200-9E00-4DF7-B29C-F9091B3E214A}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{39A19F96-B834-4559-BE3D-B4BF64ED9AF4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{43EFA40D-87C9-43E6-91B9-A38C04CA6961}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4434757E-F8B6-4C73-94F6-07881C23D1F1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{56E17D4D-5B36-47DA-934F-AD9D3FCAA54C}" = rport=10243 | protocol=6 | dir=out | app=system | "{5B00D27F-9E0D-426B-BB81-266C681D8D3D}" = rport=445 | protocol=6 | dir=out | app=system | "{76B629C5-6CFA-46A4-92C0-53944E75F5C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{76BE9F1C-2F40-4A4D-BE63-81A94CCFE0E6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8AB62887-63E1-408D-8C64-B290DDA0B67E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{909F4019-28B7-4E3E-A3FA-1058CAB0B1FC}" = rport=137 | protocol=17 | dir=out | app=system | "{9E6443EE-1AFD-4832-882F-2A50EF3A41DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A06F3C82-25BB-4CF7-AE09-08E46CD4539F}" = lport=139 | protocol=6 | dir=in | app=system | "{AE69A899-39B7-42F8-B309-B1BF8FF43B2A}" = lport=2869 
| protocol=6 | dir=in | app=system | "{B74E9A0F-4BB3-4FA0-806B-549FD9DCF297}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BB6E1237-C49D-45C7-A909-37BAD6962E67}" = rport=138 | protocol=17 | dir=out | app=system | "{BFA424D2-9F43-4ECA-BD4E-4B7B30B00F47}" = lport=138 | protocol=17 | dir=in | app=system | "{C9E16525-F5FE-477F-880F-6D7505121B03}" = lport=137 | protocol=17 | dir=in | app=system | "{CA5B3F2F-A8D5-452A-9A92-3DFC107AE8A4}" = rport=139 | protocol=6 | dir=out | app=system | "{DDB50AC7-9CF7-434A-88BA-86DA33CAF263}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{DEC85CDC-6EEA-4448-BEC7-6A9CF99C0B6C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E880487E-748F-416A-B91B-175BF6FB3804}" = lport=10243 | protocol=6 | dir=in | app=system | "{FF37682B-8B30-4AC0-AE77-4A417E5CBB41}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{050A4F1D-B28D-4172-8615-BF74A549145D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{26194502-22AA-4709-AC14-A1B377061E1D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{2BA83475-F871-4242-862D-5E7368C550D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3DB1C88B-C304-48E1-B26B-9BDC222152A0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3F3F8700-CA53-4945-BE7F-646E02D92B41}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{4A68009D-174F-496A-BCD2-EE9DC14143B3}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{4F73A59E-EC31-4785-AB6F-0453471E36A8}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
"{5421E495-BA8E-46D9-9970-BF74E95F871E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{55164A65-1AF2-4A22-90FF-B75D9E9A9E07}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{55897B62-922E-406A-91E2-39189ADB539E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{572C5DA1-80D5-4B17-A8B5-58572A31D368}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl11a\faxrx.exe | "{5FDF9926-002D-4E42-AA1F-E37F72C24D90}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{61A4BA59-6C93-4DAE-B7DA-307974F4EA75}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6FFBC7DE-FFFC-4A01-80D2-1E95C642A51E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{763A8A8A-25D7-47B6-AE8E-798546A2F745}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{87B1E4F0-93AE-48B9-8053-1639CA935F91}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "{94E97681-CB88-42D0-8816-F577B03719EC}" = protocol=6 | dir=out | app=system | "{95992D6D-80DA-4A9F-88E5-A8259F897348}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{99B0FD3C-B481-453B-894B-5C627B2F0B44}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl11a\faxrx.exe | "{9CBD0561-135F-40BC-9DF5-8DC299F9E0D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9D687D8D-42C9-4AD6-904C-B45D47242D9F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{9DD90E48-CA0F-44BB-85BB-C649B1FD7F30}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AFD3FF97-F27B-4590-93E1-8EF37BE3607C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BAB8D8ED-B064-4FDD-A369-88791CECA0D0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C064180A-ABBB-45EA-BE5B-B2102C014357}" = protocol=6 | 
dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C487E073-6A9B-41DF-992C-2A23FA95F839}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe | "{CB9A4901-1080-47EB-AB42-12A148B3A7BA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CF762252-A7F1-4BC7-9AD5-A8EB57236A2D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{DF2B7C54-8662-4F78-9DF7-70C8CDBECB90}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E0970823-DBAF-4A16-86D9-34367AF59301}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "{E38BF9E6-EEEA-41E4-8E0E-64CFD7CCE2A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E61669F1-4AA2-48A8-B3F4-ED576879069E}" = dir=in | app=c:\program files\itunes\itunes.exe | "{ED5D9F8C-31DE-4CB8-9585-C2063ACB031A}" = dir=in | app=c:\program files\intel corporation\usb over ip\bin\uoipservice.exe | "{F919D8D0-83E9-4E4E-B957-BD77EA122A76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{FA8AC096-2C35-4A0D-9ED1-F3724E782758}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FFEBC4BD-3422-428F-B25E-E5BCCA93B79E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "TCP Query User{0A5C10DF-E118-4F05-A778-53DAF5FACA79}C:\program files (x86)\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eclipse\eclipse.exe | "TCP Query User{152B4FAE-FE6D-42F5-BA02-C48BB9E7FAAF}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{16DF6E00-323C-4DC5-91F0-6692BD767132}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "TCP Query User{3F61977B-6F2B-453F-8FCE-5160379EDCD3}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe | 
"TCP Query User{417C69D2-0311-45C0-A803-2C375E5B50BB}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe | "TCP Query User{42A8C856-7C7E-42B1-A2C3-3F533179FDFF}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe | "TCP Query User{4D0E1D55-7C01-4283-B011-6CA49CACC9E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=6 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe | "TCP Query User{6B5B1209-03B1-4EC9-ADF3-0EC08152AAB7}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe | "TCP Query User{8785BFCD-8433-40BC-9E08-D0A714C49885}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{A1113639-9AF8-417C-BB27-F77C7421A42D}C:\program files (x86)\remote control server\remote control server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\remote control server\remote control server.exe | "TCP Query User{A595BFB1-C585-4DEB-A042-8E7FC8ACA1F5}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe" = protocol=6 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe | "TCP Query User{A780842E-9BB9-4871-9D09-CC8AADBC6FE7}C:\spiele\age of empires 3\age3y.exe" = protocol=6 | dir=in | app=c:\spiele\age of empires 3\age3y.exe | "TCP Query User{AF4F8F09-0835-44FC-B384-7A9B901CF0DF}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe | "TCP Query User{C1D615EE-F9E7-4702-BDAC-14B5BDCB6C72}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=6 | dir=in | 
app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe | "TCP Query User{C84856A1-F94C-40D1-A72E-38FF6900BB6E}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=6 | dir=in | app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe | "TCP Query User{CF04BF2B-CD8C-4189-9A40-577D8B1319E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=6 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe | "TCP Query User{E892C429-305C-4577-8793-3137479C3157}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{E903F21E-808A-470D-B373-DD0613AE9EA7}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe | "TCP Query User{F1E3FFB8-28B1-4F30-B4AD-2B61856564F2}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe | "UDP Query User{0370DA74-30C3-4EA4-8629-287BB4673275}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=17 | dir=in | app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe | "UDP Query User{0E4803D4-C350-419F-A898-DF5F70176E8F}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe | "UDP Query User{0F0AA636-B729-4C97-8F5A-E0AB89A86E6D}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe | "UDP Query User{184FF14E-9FD3-4C8F-AC9A-B59D5B6C08AD}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{4397C81B-F804-4B28-9B23-B75102BC9B86}C:\program files\vuze\azureus.exe" = 
protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "UDP Query User{4D6D5AA5-7F2B-48EA-A5DE-4142279187CA}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe | "UDP Query User{548D2FED-8586-48AA-8647-400A3E7B90DB}C:\spiele\age of empires 3\age3y.exe" = protocol=17 | dir=in | app=c:\spiele\age of empires 3\age3y.exe | "UDP Query User{5F9A2BC6-5606-4B97-9FD4-24C5EADF8B9B}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=17 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe | "UDP Query User{6E10132D-5776-445F-A829-A42AAA56656B}C:\program files (x86)\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eclipse\eclipse.exe | "UDP Query User{6FCF8D7B-FCAF-41A4-97FC-0C498602B023}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe | "UDP Query User{8874D6A7-833D-4EF5-B6CF-C03844658CDD}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe | "UDP Query User{A17134BB-9852-4C67-857D-341AD61D86E2}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe" = protocol=17 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe | "UDP Query User{ABC23708-F948-4FEE-A3C1-39784C87F35A}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=17 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe | "UDP Query User{CAD7267F-42E9-4F6D-8FD8-CD21615B0985}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=17 | dir=in | app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe | "UDP Query 
User{CC249AD1-4854-4335-B71E-71A9581D4274}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{D89E13A1-8DFC-4356-ACD2-D00D7CF40CBF}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe | "UDP Query User{E8B4C2F2-BB9E-41EA-BDAE-D2C030786AF5}C:\program files (x86)\remote control server\remote control server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\remote control server\remote control server.exe | "UDP Query User{F2FDC59F-1437-4776-A83C-1AD023B0E507}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe | "UDP Query User{F3FA0139-CCF0-4F70-BEAE-0A1F96DA92CF}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{17e91253-12f4-4fa1-bd55-5d950e7799a8}" = Intel(R) PRO/Wireless Driver "{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}" = Intel® Trusted Connect Service Client "{1BE682E2-5AF3-485A-83D0-47CC0C1FFFDE}" = HP Device Access Manager "{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{214E6139-6853-4144-AEEB-212C922159E9}" = HP Client Security Manager "{26A24AE4-039D-4CA4-87B4-2F86418092F0}" = Java 8 Update 92 (64-bit) "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 "{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}" = Intel(R) WiDi "{302600C1-6BDF-4FD1-1504-148929CC1385}" = Intel(R) 
Wireless Bluetooth(R)(patch version 17.1.1519.1030) "{3061DCA5-2D0B-48F9-800F-9D7C1FEB5E78}" = Microsoft Security Client "{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology "{4332723E-06E5-47F8-B106-8A2971B01368}" = Intel(R) ME UninstallLegacy "{4BCC570D-F175-4B50-A06A-FE3506A94796}" = HP USB Port Replicator "{55398EAC-F58E-4F19-B553-BDF8B9EFD839}" = Intel(R) Chipset Device Software "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{64A3A4F4-B792-11D6-A78A-00B0D0180920}" = Java SE Development Kit 8 Update 92 (64-bit) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{73CF7443-C49F-4A11-BD78-F6D691CDDB72}" = DisplayLink Core Software "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 "{7C534131-6431-4ECB-9069-525CB5F75CC8}" = Dassault Systemes Software VC10 Prerequisites x86-x64 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64) "{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.6.1 (Deutsch) "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1 "{93F2A022-6C37-48B8-B241-FFABD9F60C30}" = iTunes "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{AAC5C889-B75D-3368-BC63-CB660DE44C66}" = Microsoft .NET Framework 4.6.1 (DEU) "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}" = Validity Fingerprint Sensor Driver 
"{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}" = Synaptics WBF Fingerprint Reader "{B96314A4-5138-460F-B769-1913B0A07D78}" = Intel(R) Rapid Storage Technology "{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1 "{C2306F93-60AC-4401-B600-453376E771EC}" = Intel(R) Management Engine Components "{C4123106-B685-48E6-B9BD-E4F911841EB4}" = Apple Mobile Device Support "{C857169D-3F1A-4530-99A0-CAE966CE267E}" = Dassault Systemes Software VC11 Prerequisites x86-x64 "{CF1EB598-B424-436A-B15F-B763846BA970}" = Dassault Systemes Software Prerequisites x86-x64 "{D7B824DE-DA32-4772-9E5E-39C5158136A7}" = Apple Application Support (64-Bit) "{E0729EA8-444C-4AAF-AB69-3CE907F60A38}" = Intel(R) Management Engine Components "{F27A944C-C95A-4DB7-BC8A-AEFD9B1B5E40}" = Intel® PROSet/Wireless WiFi Software "{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}" = Dassault Systemes Software VC9 Prerequisites x86-x64 "{FE51B16C-A025-418A-A5D6-07D93B643AFB}" = Intel(R) Management Engine Components "8461-7759-5462-8226" = Vuze "DAEMON Tools Lite" = DAEMON Tools Lite "Dassault Systemes B21_0" = Dassault Systemes Software B21 "HPProtectTools" = HP Client Security Manager "MATLAB Production Server R2015a" = MATLAB Production Server R2015a "Microsoft Security Client" = Microsoft Security Essentials "PROSet" = Intel(R) Network Connections Drivers "Python 2.7.9 (Anaconda 2.2.0 64-bit)" = Python 2.7.9 (Anaconda 2.2.0 64-bit) "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player "WinRAR archiver" = WinRAR 5.21 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{179D679D-047F-491D-8783-D4BE596D2242}" = Visual Basic for Applications (R) Core "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{28074A47-851D-4599-A270-87609F58EB57}" = HP PageLift "{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource "{36FCBBEE-7BCE-4603-A4F5-56E73C43C820}" = HP BIOS Configuration Utility "{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}" = HP Hotkey Support "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 "{40C98ADC-A44D-401E-BDDD-5094E4CF7D09}" = Avira Launcher "{438363A8-F486-4C37-834C-4955773CB3D3}" = HP Setup "{48D74C03-3D33-4A7E-9D93-A59FE58C1DEA}" = HP ESU for Microsoft Windows 7 "{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}" = HP Theft Recovery "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{503CA94E-0834-4CEE-AD92-BA17AF4E809A}" = chip 1-click download service "{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader "{5EDC25EC-D966-11E4-9E5C-00163E98E7D6}" = Evernote v. 5.8.5 "{6313BCDF-1109-4682-A19D-413189817787}" = HP Port Replicator Software Installer "{6349342F-9CEF-4A70-995A-2CF3704C2603}" = HP File Sanitizer "{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{755C6515-9FEA-490C-B15E-22BB6519E57E}" = Remote Control Server "{757cc2cc-5fed-43e4-b813-2bda78353297}" = HP SoftPaq Download Manager "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 "{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 "{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86) "{904822F1-6C7D-4B91-B936-6A1C0810544C}" = HP Support Assistant "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 
2012 Redistributable (x86) - 11.0.60610 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}" = Avira Browser Safety "{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications (R) Core - English "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 "{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}" = Brother MFL-Pro Suite MFC-J825DW "{a2a04474-104a-49b3-9bf5-33afee260030}" = Intel® PROSet/Wireless Software "{AC76BA86-0804-1033-1959-001824184103}" = Adobe Refresh Manager "{AC76BA86-7AD7-1031-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Deutsch "{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support (32-Bit) "{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information "{B5BEF5F8-BD76-4174-A47D-05A06EA62615}" = HP System Default Settings "{B76E8F60-D517-44B1-BFCD-B6C153A60F1B}" = revoSleep "{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English "{BC60F8B0-4365-48A3-B463-0CDDA249B07F}" = HP Documentation "{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b) "{bfb60b68-92b8-481b-b416-7e05b4ea01c9}" = Avira Launcher "{c7f54569-0018-439c-809a-48046a4d4ebc}" = Intel® Chipsatz-Gerätesoftware "{D5D9F4B5-7CCE-458D-9ECA-FE9EFD7D607C}_is1" = Age of Empires 3 complete version 1.14 "{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}" = HP PC Hardware Diagnostics UEFI "{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = Realtek PC Camera "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 "{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}" = HP 3D DriveGuard "{EA0F6FCD-988A-41DE-9D87-036C6B7C545D}" = Cisco AnyConnect Secure Mobility Client "{F0809EF3-DE1B-4A3C-9825-D4ABD1BA06BC}" = HP Connection Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = 
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F24F876B-7D71-4BD6-88E9-614D3BB84242}" = Alcor Micro Smart Card Reader Driver "{F6D61EC9-347B-4019-9F8E-E24169F7C330}" = HP Software Setup "{FADF6CC4-5AF3-4630-AEDB-41F14BC09FCF}" = HP BIOS Configuration Utility "{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star "{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.17 "Adobe Flash Player ActiveX" = Adobe Flash Player 21 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI "Avira Antivirus" = Avira Antivirus "Blobby Volley 2 Version 1.0_is1" = Blobby Volley 2 Version 1.0 "Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client "Dassault Systemes Doc English B21" = Dassault Systemes Doc English CATIA P3 B21 "EaseUS Partition Master_is1" = EaseUS Partition Master 10.5 "Foxit Reader_is1" = Foxit Reader "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}" = HP Theft Recovery "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.2.1.1043 "MiKTeX 2.9" = MiKTeX 2.9 "Mozilla Firefox 46.0.1 (x86 de)" = Mozilla Firefox 46.0.1 (x86 de) "Mozilla Thunderbird 45.0 (x86 de)" = Mozilla Thunderbird 45.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Revo Uninstaller" = Revo Uninstaller 1.95 "SZCCID" = Alcor Micro Smart Card Reader Driver "Texmaker" = Texmaker ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11.05.2016 00:03:40 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. 
Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 00:03:40 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 00:40:17 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 08:52:58 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 08:52:58 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 08:52:58 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. 
Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 08:53:10 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1069 Description = Profilvorgang für aktuelle SID mit unbekanntem Ausnahmefehler fehlgeschlagen. Error - 11.05.2016 08:53:12 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 08:53:12 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error - 11.05.2016 08:53:12 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055 Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** [ Cisco AnyConnect Secure Mobility Client Events ] Error - 17.05.2016 04:46:40 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866 Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE Error - 17.05.2016 04:46:48 | Computer Name = Pako-HP840 | Source = acvpnui | ID = 67108866 Description = Function: MFDartBox::getDARTInstallDir File: .\MFDartBox.cpp Line: 337 Invoked Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine Daten mehr verfügbar. 
Error - 17.05.2016 04:46:58 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866 Description = Function: CNetbinding::getIcfg File: .\CNetbinding.cpp Line: 175 Invoked Function: INetCfgLock::AcquireWriteLock Return Code: 1 (0x00000001) Description: Unzulässige Funktion. write lock already taken by iphlpsvc.dll Error - 17.05.2016 04:46:58 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866 Description = Function: ACIdentifierExts::GetMacAddressesOfPhysicalInterfaces File: .\ACIdentifierExts.cpp Line: 314 Invoked Function: CNetbinding::EnumeratePhysicalAdapters Return Code: -26279926 (0xFE6F000A) Description: NETBINDING_ERROR_GETICFG Error - 17.05.2016 04:46:58 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866 Description = Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute File: .\HostConfigMgr.cpp Line: 1814 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface Return Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Error - 17.05.2016 04:46:59 | Computer Name = Pako-HP840 | Source = acvpnui | ID = 67108865 Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line: 1364 NULL object. Cannot establish a connection at this time. 
Error - 17.05.2016 04:46:59 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866 Description = Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute File: .\HostConfigMgr.cpp Line: 1814 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface Return Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED Error - 17.05.2016 04:51:33 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108865 Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp Line: 274 m_pIServicePlugin is NULL Error - 17.05.2016 04:51:33 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108865 Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp Line: 274 m_pIServicePlugin is NULL Error - 17.05.2016 04:51:33 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108865 Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp Line: 274 m_pIServicePlugin is NULL [ System Events ] Error - 16.05.2016 05:41:14 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 16.05.2016 05:41:14 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 16.05.2016 05:41:14 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 16.05.2016 05:41:36 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Avira Mail Protection" wurde mit folgendem dienstspezifischem Fehler beendet: %%1. 
Error - 16.05.2016 17:13:07 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016 Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error - 16.05.2016 17:13:07 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016 Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error - 16.05.2016 17:13:11 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error - 17.05.2016 04:46:34 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016 Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error - 17.05.2016 04:46:34 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016 Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error - 17.05.2016 04:46:54 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom < End of report > |
18.05.2016, 09:37 | #4 |
/// TB-Ausbilder | Email account (GMX) sends messages
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Please download TDSSKiller.exe and save this file to the desktop
|
18.05.2016, 19:43 | #5 |
| Email account (GMX) sends messages Hi Matthias! Thank you very much for your help! Below is the log file from TDSSKiller; 2 threats were found. Kind regards, Pako Code:
ATTFilter 20:30:44.0556 0x1c08 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 20:30:54.0036 0x1c08 20:30:54.0036 0x1c08 Current date / time: 2016/05/18 20:30:54.0036 20:30:54.0036 0x1c08 SystemInfo: 20:30:54.0036 0x1c08 20:30:54.0036 0x1c08 OS Version: 6.1.7601 ServicePack: 1.0 20:30:54.0036 0x1c08 Product type: Workstation 20:30:54.0037 0x1c08 ComputerName: PAKO-HP840 20:30:54.0042 0x1c08 UserName: Pako 20:30:54.0042 0x1c08 Windows directory: C:\windows 20:30:54.0042 0x1c08 System windows directory: C:\windows 20:30:54.0042 0x1c08 Running under WOW64 20:30:54.0042 0x1c08 Processor architecture: Intel x64 20:30:54.0042 0x1c08 Number of processors: 4 20:30:54.0042 0x1c08 Page size: 0x1000 20:30:54.0042 0x1c08 Boot type: Normal boot 20:30:54.0042 0x1c08 ============================================================ 20:30:55.0130 0x1c08 KLMD registered as C:\windows\system32\drivers\40423767.sys 20:30:56.0089 0x1c08 System UUID: {FE25E459-C728-B4B5-C868-633DDE899BE7} 20:30:57.0225 0x1c08 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:30:57.0225 0x1c08 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:30:57.0229 0x1c08 ============================================================ 20:30:57.0229 0x1c08 \Device\Harddisk0\DR0: 20:30:57.0229 0x1c08 MBR partitions: 20:30:57.0229 0x1c08 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800 20:30:57.0229 0x1c08 \Device\Harddisk1\DR1: 20:30:57.0229 0x1c08 MBR partitions: 20:30:57.0229 0x1c08 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x200800 20:30:57.0229 0x1c08 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x201000, BlocksNum 0xBD77800 20:30:57.0229 0x1c08 
\Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xBF78800, BlocksNum 0x1C19800 20:30:57.0229 0x1c08 \Device\Harddisk1\DR1\Partition4: MBR, Type 0xB, StartLBA 0xDB92000, BlocksNum 0x400000 20:30:57.0229 0x1c08 ============================================================ 20:30:57.0230 0x1c08 C: <-> \Device\Harddisk1\DR1\Partition2 20:30:57.0231 0x1c08 F: <-> \Device\Harddisk1\DR1\Partition4 20:30:57.0551 0x1c08 E: <-> \Device\Harddisk0\DR0\Partition1 20:30:57.0552 0x1c08 D: <-> \Device\Harddisk1\DR1\Partition3 20:30:57.0553 0x1c08 ============================================================ 20:30:57.0553 0x1c08 Initialize success 20:30:57.0553 0x1c08 === 20:33:20.0290 0x1404 === 20:33:20.0290 0x1404 Scan started 20:33:20.0290 0x1404 Mode: Manual; SigCheck; TDLFS; 20:33:20.0290 0x1404 === 20:33:20.0290 0x1404 KSN ping started 20:33:23.0380 0x1404 KSN ping finished: true 20:33:23.0832 0x1404 ================ Scan system memory ======================== 20:33:23.0832 0x1404 System memory - ok 20:33:23.0832 0x1404 ================ Scan services ============================= 20:33:23.0879 0x1404 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys 20:33:23.0988 0x1404 1394ohci - ok 20:33:24.0004 0x1404 [ AE106B87559DB159053D948221D83B60, B120963FCF9E5A84749166BBBB227FF2A7A4E5E633E385EC80FFCE4FD499B931 ] Accelerometer C:\windows\system32\drivers\Accelerometer.sys 20:33:24.0035 0x1404 Accelerometer - ok 20:33:24.0051 0x1404 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys 20:33:24.0066 0x1404 ACPI - ok 20:33:24.0082 0x1404 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys 20:33:24.0113 0x1404 AcpiPmi - ok 20:33:24.0113 0x1404 [ 4E179DDF5EC43973B7CFE264AAF911B2, 
D62E062744EE274FA10D962F534A0F16F2E9A3E34B602E67F614FCB4B9C8CB2E ] acsock C:\windows\system32\DRIVERS\acsock64.sys 20:33:24.0160 0x1404 acsock - ok 20:33:24.0160 0x1404 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:33:24.0191 0x1404 AdobeARMservice - ok 20:33:24.0222 0x1404 [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:33:24.0253 0x1404 AdobeFlashPlayerUpdateSvc - ok 20:33:24.0269 0x1404 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys 20:33:24.0316 0x1404 adp94xx - ok 20:33:24.0331 0x1404 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys 20:33:24.0378 0x1404 adpahci - ok 20:33:24.0378 0x1404 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys 20:33:24.0425 0x1404 adpu320 - ok 20:33:24.0441 0x1404 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\windows\System32\aelupsvc.dll 20:33:24.0503 0x1404 AeLookupSvc - ok 20:33:24.0519 0x1404 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\windows\system32\drivers\afd.sys 20:33:24.0597 0x1404 AFD - ok 20:33:24.0612 0x1404 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys 20:33:24.0643 0x1404 agp440 - ok 20:33:24.0659 0x1404 [ 3290D6946B5E30E70414990574883DDB, 
0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe 20:33:24.0675 0x1404 ALG - ok 20:33:24.0675 0x1404 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys 20:33:24.0690 0x1404 aliide - ok 20:33:24.0706 0x1404 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys 20:33:24.0721 0x1404 amdide - ok 20:33:24.0721 0x1404 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys 20:33:24.0737 0x1404 AmdK8 - ok 20:33:24.0753 0x1404 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys 20:33:24.0768 0x1404 AmdPPM - ok 20:33:24.0784 0x1404 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys 20:33:24.0799 0x1404 amdsata - ok 20:33:24.0815 0x1404 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys 20:33:24.0831 0x1404 amdsbs - ok 20:33:24.0831 0x1404 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys 20:33:24.0862 0x1404 amdxata - ok 20:33:24.0893 0x1404 [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe 20:33:25.0002 0x1404 AntiVirMailService - ok 20:33:25.0018 0x1404 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe 
20:33:25.0049 0x1404 AntiVirSchedulerService - ok 20:33:25.0065 0x1404 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe 20:33:25.0096 0x1404 AntiVirService - ok 20:33:25.0127 0x1404 [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe 20:33:25.0299 0x1404 AntiVirWebService - ok 20:33:25.0314 0x1404 [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\windows\system32\drivers\appid.sys 20:33:25.0345 0x1404 AppID - ok 20:33:25.0361 0x1404 [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\windows\System32\appidsvc.dll 20:33:25.0408 0x1404 AppIDSvc - ok 20:33:25.0408 0x1404 [ 046E837786271237A76C50F7CE1F5BC6, 10EFAEC9BCEF241B3046DFECA7659E137DF42C975E50B35D841024D44A58BB98 ] Appinfo C:\windows\System32\appinfo.dll 20:33:25.0439 0x1404 Appinfo - ok 20:33:25.0455 0x1404 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:33:25.0486 0x1404 Apple Mobile Device Service - ok 20:33:25.0486 0x1404 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\windows\System32\appmgmts.dll 20:33:25.0517 0x1404 AppMgmt - ok 20:33:25.0517 0x1404 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys 20:33:25.0533 0x1404 arc - ok 20:33:25.0548 0x1404 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys 20:33:25.0564 0x1404 
arcsas - ok 20:33:25.0579 0x1404 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:33:25.0595 0x1404 aspnet_state - ok 20:33:25.0595 0x1404 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 20:33:25.0689 0x1404 AsyncMac - ok 20:33:25.0689 0x1404 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys 20:33:25.0720 0x1404 atapi - ok 20:33:25.0751 0x1404 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 20:33:25.0798 0x1404 AudioEndpointBuilder - ok 20:33:25.0813 0x1404 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll 20:33:25.0876 0x1404 AudioSrv - ok 20:33:25.0891 0x1404 [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys 20:33:25.0938 0x1404 avgntflt - ok 20:33:25.0938 0x1404 [ C9BED3BDC39FBCAA77A88308355B237E, AFC74D4BF86FB695D7D31534C174D926C8ED57E7D8E98339CE3ED060AC3BB6D0 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys 20:33:25.0985 0x1404 avipbb - ok 20:33:26.0001 0x1404 [ 125DFFF37D51A45A72934C3BF89A64CD, 19208A6544DC822D5010C835A6FA5E8AC5406CBFB277C4C9E034EF6309B113EE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 20:33:26.0047 0x1404 Avira.ServiceHost - ok 20:33:26.0063 0x1404 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys 20:33:26.0079 0x1404 avkmgr - ok 20:33:26.0079 0x1404 [ 
138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt C:\windows\system32\DRIVERS\avnetflt.sys 20:33:26.0110 0x1404 avnetflt - ok 20:33:26.0110 0x1404 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll 20:33:26.0141 0x1404 AxInstSV - ok 20:33:26.0157 0x1404 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys 20:33:26.0188 0x1404 b06bdrv - ok 20:33:26.0203 0x1404 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys 20:33:26.0235 0x1404 b57nd60a - ok 20:33:26.0281 0x1404 [ 0C4D8A266B11D747F454D0B7C7C78B1A, 8994721C833D333F659D527E803C4C0E03010B628E60AFD9D62194D93D2F9517 ] BBDemon C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe 20:33:26.0547 0x1404 BBDemon - detected UnsignedFile.Multi.Generic ( 1 ) 20:33:28.0668 0x19b4 Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc 20:33:30.0556 0x1404 BBDemon ( UnsignedFile.Multi.Generic ) - warning 20:33:32.0989 0x19b4 Object send P2P result: true 20:33:32.0989 0x19b4 Object required for P2P: [ 157DA3885AA4F03C80C10DAEB0949CAA ] AntiVirMailService 20:33:33.0239 0x0d48 Object required for P2P: [ C9BED3BDC39FBCAA77A88308355B237E ] avipbb 20:33:33.0426 0x1404 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll 20:33:33.0473 0x1404 BDESVC - ok 20:33:33.0473 0x1404 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys 20:33:33.0520 0x1404 Beep - ok 20:33:33.0551 0x1404 [ 82974D6A2FD19445CC5171FC378668A4, 
075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll 20:33:33.0598 0x1404 BFE - ok 20:33:33.0613 0x1404 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll 20:33:33.0707 0x1404 BITS - ok 20:33:33.0707 0x1404 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\drivers\blbdrive.sys 20:33:33.0723 0x1404 blbdrive - ok 20:33:33.0754 0x1404 [ 77C8C32361C4F68D4038D5AFB0460666, 5B79B6A5DCE4A9C547FFBE923C8A1958884DAABD2C3DC087A325C5A81D50AD3B ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 20:33:33.0801 0x1404 Bluetooth Device Monitor - ok 20:33:33.0847 0x1404 [ F6CDE2EB9DA7DDCD45AC7DD3570660AE, F652FBC9E3F2EA67978BEC28069FDD38F2EE4959E887966B16D39FCBBB0A8E84 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 20:33:33.0894 0x1404 Bluetooth Media Service - ok 20:33:33.0941 0x1404 [ FB933096A7CFA7BF10EBDF922D1E8CDD, 1D26496B8AAC582E4CD7DE24593D623BB8C858AE467C6F7EA7CA4D6719631571 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 20:33:33.0972 0x1404 Bluetooth OBEX Service - ok 20:33:33.0988 0x1404 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:33:34.0019 0x1404 Bonjour Service - ok 20:33:34.0035 0x1404 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys 20:33:34.0050 0x1404 bowser - ok 20:33:34.0050 0x1404 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys 20:33:34.0081 0x1404 BrFiltLo - ok 20:33:34.0081 0x1404 [ B114D3098E9BDB8BEA8B053685831BE6, 
4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys 20:33:53.0269 0x1404 MSPQM - ok 20:33:53.0285 0x1404 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 20:33:53.0316 0x1404 MsRPC - ok 20:33:53.0316 0x1404 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 20:33:53.0332 0x1404 mssmbios - ok 20:33:53.0347 0x1404 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys 20:33:53.0379 0x1404 MSTEE - ok 20:33:53.0394 0x1404 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys 20:33:53.0410 0x1404 MTConfig - ok 20:33:53.0410 0x1404 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys 20:33:53.0441 0x1404 Mup - ok 20:33:53.0441 0x1404 [ FAA1B47AEADDB64CB9A4D31A894AA8F8, 4FDE81AF3B5C2C6652A14E97BD763275704AA13FF5691002CF1197055E4B039C ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 20:33:53.0472 0x1404 MyWiFiDHCPDNS - ok 20:33:53.0488 0x1404 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll 20:33:53.0550 0x1404 napagent - ok 20:33:53.0550 0x1404 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 20:33:53.0581 0x1404 NativeWifiP - ok 20:33:53.0613 0x1404 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\windows\system32\drivers\ndis.sys 
20:33:53.0644 0x1404 NDIS - ok 20:33:53.0644 0x1404 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 20:33:53.0691 0x1404 NdisCap - ok 20:33:53.0691 0x1404 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 20:33:53.0737 0x1404 NdisTapi - ok 20:33:53.0737 0x1404 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 20:33:53.0769 0x1404 Ndisuio - ok 20:33:53.0784 0x1404 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 20:33:53.0815 0x1404 NdisWan - ok 20:33:53.0831 0x1404 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 20:33:53.0862 0x1404 NDProxy - ok 20:33:53.0878 0x1404 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 20:33:53.0909 0x1404 NetBIOS - ok 20:33:53.0925 0x1404 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 20:33:53.0956 0x1404 NetBT - ok 20:33:53.0971 0x1404 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon C:\windows\system32\lsass.exe 20:33:53.0987 0x1404 Netlogon - ok 20:33:53.0987 0x1404 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll 20:33:54.0034 0x1404 Netman - ok 20:33:54.0049 0x1404 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] 
NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:33:54.0081 0x1404 NetMsmqActivator - ok 20:33:54.0081 0x1404 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:33:54.0096 0x1404 NetPipeActivator - ok 20:33:54.0112 0x1404 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll 20:33:54.0159 0x1404 netprofm - ok 20:33:54.0159 0x1404 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:33:54.0174 0x1404 NetTcpActivator - ok 20:33:54.0190 0x1404 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:33:54.0205 0x1404 NetTcpPortSharing - ok 20:33:54.0283 0x1404 [ 87473262743FB71A63E3A506385DA836, 7ABB6650E9BC840AF5342072F78B7802BCF700EB94078A47951D4172124156E2 ] NETwNs64 C:\windows\system32\DRIVERS\Netwsw02.sys 20:33:54.0408 0x1404 NETwNs64 - ok 20:33:54.0408 0x1404 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 20:33:54.0439 0x1404 nfrd960 - ok 20:33:54.0439 0x1404 [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys 20:33:54.0471 0x1404 NisDrv - ok 20:33:54.0486 0x1404 [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 20:33:54.0502 0x1404 NisSrv - ok 20:33:54.0517 0x1404 [ 8B301D474B478E9A92823BAB50A7BC49, 
8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll 20:33:54.0549 0x1404 NlaSvc - ok 20:33:54.0549 0x1404 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys 20:33:54.0580 0x1404 Npfs - ok 20:33:54.0595 0x1404 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll 20:33:54.0627 0x1404 nsi - ok 20:33:54.0627 0x1404 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 20:33:54.0673 0x1404 nsiproxy - ok 20:33:54.0705 0x1404 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 20:33:54.0783 0x1404 Ntfs - ok 20:33:54.0783 0x1404 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys 20:33:54.0814 0x1404 Null - ok 20:33:54.0829 0x1404 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys 20:33:54.0845 0x1404 nvraid - ok 20:33:54.0861 0x1404 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys 20:33:54.0876 0x1404 nvstor - ok 20:33:54.0876 0x1404 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys 20:33:54.0907 0x1404 nv_agp - ok 20:33:54.0907 0x1404 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 20:33:54.0923 0x1404 ohci1394 - ok 20:33:54.0939 0x1404 [ 
3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll 20:33:54.0970 0x1404 p2pimsvc - ok 20:33:54.0970 0x1404 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll 20:33:55.0001 0x1404 p2psvc - ok 20:33:55.0001 0x1404 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys 20:33:55.0032 0x1404 Parport - ok 20:33:55.0032 0x1404 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys 20:33:55.0063 0x1404 partmgr - ok 20:33:55.0063 0x1404 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll 20:33:55.0079 0x1404 PcaSvc - ok 20:33:55.0095 0x1404 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys 20:33:55.0126 0x1404 pci - ok 20:33:55.0126 0x1404 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys 20:33:55.0141 0x1404 pciide - ok 20:33:55.0157 0x1404 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys 20:33:55.0173 0x1404 pcmcia - ok 20:33:55.0173 0x1404 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys 20:33:55.0204 0x1404 pcw - ok 20:33:55.0219 0x1404 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys 20:33:55.0266 0x1404 PEAUTH - ok 20:33:55.0297 0x1404 [ 
B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll 20:33:55.0344 0x1404 PeerDistSvc - ok 20:33:55.0360 0x1404 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe 20:33:55.0391 0x1404 PerfHost - ok 20:33:55.0422 0x1404 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll 20:33:55.0500 0x1404 pla - ok 20:33:55.0516 0x1404 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll 20:33:55.0531 0x1404 PlugPlay - ok 20:33:55.0547 0x1404 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 20:33:55.0563 0x1404 PNRPAutoReg - ok 20:33:55.0563 0x1404 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll 20:33:55.0594 0x1404 PNRPsvc - ok 20:33:55.0609 0x1404 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 20:33:55.0656 0x1404 PolicyAgent - ok 20:33:55.0672 0x1404 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\windows\system32\umpo.dll 20:33:55.0687 0x1404 Power - ok 20:33:55.0687 0x1404 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 20:33:55.0734 0x1404 PptpMiniport - ok 20:33:55.0734 0x1404 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys 20:33:55.0765 0x1404 Processor 
- ok 20:33:55.0765 0x1404 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll 20:33:55.0797 0x1404 ProfSvc - ok 20:33:55.0797 0x1404 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\windows\system32\lsass.exe 20:33:55.0812 0x1404 ProtectedStorage - ok 20:33:55.0812 0x1404 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys 20:33:55.0859 0x1404 Psched - ok 20:33:55.0890 0x1404 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys 20:33:55.0953 0x1404 ql2300 - ok 20:33:55.0968 0x1404 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys 20:33:55.0984 0x1404 ql40xx - ok 20:33:55.0999 0x1404 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll 20:33:56.0015 0x1404 QWAVE - ok 20:33:56.0031 0x1404 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 20:33:56.0046 0x1404 QWAVEdrv - ok 20:33:56.0046 0x1404 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 20:33:56.0093 0x1404 RasAcd - ok 20:33:56.0093 0x1404 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 20:33:56.0140 0x1404 RasAgileVpn - ok 20:33:56.0140 0x1404 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto 
C:\windows\System32\rasauto.dll 20:33:56.0171 0x1404 RasAuto - ok 20:33:56.0187 0x1404 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 20:33:56.0233 0x1404 Rasl2tp - ok 20:33:56.0233 0x1404 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll 20:33:56.0280 0x1404 RasMan - ok 20:33:56.0280 0x1404 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 20:33:56.0327 0x1404 RasPppoe - ok 20:33:56.0327 0x1404 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 20:33:56.0389 0x1404 RasSstp - ok 20:33:56.0405 0x1404 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 20:33:56.0452 0x1404 rdbss - ok 20:33:56.0452 0x1404 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys 20:33:56.0483 0x1404 rdpbus - ok 20:33:56.0483 0x1404 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 20:33:56.0514 0x1404 RDPCDD - ok 20:33:56.0530 0x1404 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\windows\system32\drivers\rdpdr.sys 20:33:56.0545 0x1404 RDPDR - ok 20:33:56.0561 0x1404 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 20:33:56.0592 0x1404 RDPENCDD - ok 20:33:56.0592 0x1404 [ 216F3FA57533D98E1F74DED70113177A, 
60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 20:33:56.0639 0x1404 RDPREFMP - ok 20:33:56.0639 0x1404 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys 20:33:56.0670 0x1404 RdpVideoMiniport - ok 20:33:56.0686 0x1404 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys 20:33:56.0701 0x1404 RDPWD - ok 20:33:56.0717 0x1404 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys 20:33:56.0733 0x1404 rdyboost - ok 20:33:56.0748 0x1404 [ B16782353A0FF62FF4E92145FC9FEDDA, 45E28A34CD115574C8E315EB51F33DD88E3DB178736294036C8B00C3386158A7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:33:56.0764 0x1404 RegSrvc - ok 20:33:56.0764 0x1404 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll 20:33:56.0811 0x1404 RemoteAccess - ok 20:33:56.0811 0x1404 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll 20:33:56.0857 0x1404 RemoteRegistry - ok 20:33:56.0873 0x1404 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 20:33:56.0889 0x1404 RFCOMM - ok 20:33:56.0904 0x1404 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 20:33:56.0935 0x1404 RpcEptMapper - ok 20:33:56.0935 0x1404 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator 
C:\windows\system32\locator.exe 20:33:56.0951 0x1404 RpcLocator - ok 20:33:56.0967 0x1404 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\windows\system32\rpcss.dll 20:33:56.0998 0x1404 RpcSs - ok 20:33:57.0013 0x1404 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 20:33:57.0045 0x1404 rspndr - ok 20:33:57.0060 0x1404 [ E8384111FDD1FC2D39FD114A50F79A84, AB8BC4251C2B1AFF3B890001CB9EAB905659EA0BEFEFB1F2126E10748196496D ] RSUSBSTOR C:\windows\System32\Drivers\RtsUStor.sys 20:33:57.0091 0x1404 RSUSBSTOR - ok 20:33:57.0091 0x1404 [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR C:\windows\System32\Drivers\RtsUVStor.sys 20:33:57.0123 0x1404 RSUSBVSTOR - ok 20:33:57.0138 0x1404 [ B85642BE0761159B63CFFC137384E17F, ACB04AC581EE475543AEA3003E3643DC2A007C4D3F1831C120F1D07BDAFF2FA4 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 20:33:57.0169 0x1404 RtkAudioService - ok 20:33:57.0169 0x1404 [ 1C4B1188E9329CA82EE89CDBC70C8BEF, A086896C3058377CEE1A5BC1BFF11B02A33CCBD3C7CD42B7B17E05CE155E5D4D ] RTSPER C:\windows\system32\DRIVERS\RtsPer.sys 20:33:57.0201 0x1404 RTSPER - ok 20:33:57.0279 0x1404 [ CA58B86268A2634FE10FDC889A39AF1E, 6F9FFE79289DAEA85D3954ABFB06B772503D4C3A3A941F098F3B30BA03764F30 ] rtsuvc C:\windows\system32\DRIVERS\rtsuvc.sys 20:33:57.0372 0x1404 rtsuvc - ok 20:33:57.0372 0x1404 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\windows\system32\drivers\vms3cap.sys 20:33:57.0388 0x1404 s3cap - ok 20:33:57.0403 0x1404 [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs C:\windows\system32\lsass.exe 20:33:57.0419 0x1404 SamSs - ok 20:33:57.0419 0x1404 [ AC03AF3329579FFFB455AA2DAABBE22B, 
7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys 20:33:57.0435 0x1404 sbp2port - ok 20:33:57.0450 0x1404 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll 20:33:57.0481 0x1404 SCardSvr - ok 20:33:57.0497 0x1404 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 20:33:57.0528 0x1404 scfilter - ok 20:33:57.0559 0x1404 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\windows\system32\schedsvc.dll 20:33:57.0606 0x1404 Schedule - ok 20:33:57.0622 0x1404 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll 20:33:57.0653 0x1404 SCPolicySvc - ok 20:33:57.0669 0x1404 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll 20:33:57.0684 0x1404 SDRSVC - ok 20:33:57.0684 0x1404 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys 20:33:57.0715 0x1404 secdrv - ok 20:33:57.0715 0x1404 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\windows\system32\seclogon.dll 20:33:57.0747 0x1404 seclogon - ok 20:33:57.0747 0x1404 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll 20:33:57.0793 0x1404 SENS - ok 20:33:57.0793 0x1404 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll 20:33:57.0809 0x1404 SensrSvc - ok 20:33:57.0809 0x1404 [ 
CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys 20:33:57.0825 0x1404 Serenum - ok 20:33:57.0840 0x1404 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys 20:33:57.0856 0x1404 Serial - ok 20:33:57.0856 0x1404 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys 20:33:57.0871 0x1404 sermouse - ok 20:33:57.0887 0x1404 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll 20:33:57.0918 0x1404 SessionEnv - ok 20:33:57.0934 0x1404 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys 20:33:57.0949 0x1404 sffdisk - ok 20:33:57.0949 0x1404 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 20:33:57.0981 0x1404 sffp_mmc - ok 20:33:57.0981 0x1404 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 20:33:57.0996 0x1404 sffp_sd - ok 20:33:57.0996 0x1404 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 20:33:58.0012 0x1404 sfloppy - ok 20:33:58.0027 0x1404 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll 20:33:58.0074 0x1404 SharedAccess - ok 20:33:58.0090 0x1404 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection 
C:\windows\System32\shsvcs.dll 20:33:58.0137 0x1404 ShellHWDetection - ok 20:33:58.0137 0x1404 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys 20:33:58.0152 0x1404 SiSRaid2 - ok 20:33:58.0152 0x1404 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 20:33:58.0183 0x1404 SiSRaid4 - ok 20:33:58.0183 0x1404 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 20:33:58.0230 0x1404 SkypeUpdate - ok 20:33:58.0230 0x1404 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys 20:33:58.0261 0x1404 Smb - ok 20:33:58.0261 0x1404 [ F457434FA3D1E4C10AC27E1DA2BDD36A, B9666F7722A145B50C6BCCF176FB0F4CE96BF6C4D85A623A0904F1861E88CB5E ] SmbDrv C:\windows\system32\drivers\Smb_driver_AMDASF.sys 20:33:58.0293 0x1404 SmbDrv - ok 20:33:58.0293 0x1404 [ 1DCFC828177375856E8830C45EFFA3D2, 8967559FB816B2E41BAAF388DCC711B2394FAD5D387BA0F1FA1AAE611D248D43 ] SmbDrvI C:\windows\system32\DRIVERS\Smb_driver_Intel.sys 20:33:58.0324 0x1404 SmbDrvI - ok 20:33:58.0324 0x1404 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe 20:33:58.0339 0x1404 SNMPTRAP - ok 20:33:58.0355 0x1404 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys 20:33:58.0371 0x1404 spldr - ok 20:33:58.0386 0x1404 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe 20:33:58.0417 0x1404 Spooler - ok 20:33:58.0495 0x1404 [ E17E0188BB90FAE42D83E98707EFA59C, 
..... |
18.05.2016, 19:44 | #6 |
| Email account (GMX) is sending messages PART 2: Code:
20:34:16.0732 0x1404 Waiting for KSN requests completion. In queue: 17
20:34:17.0746 0x1404 Waiting for KSN requests completion. In queue: 17
20:34:18.0760 0x1404 Waiting for KSN requests completion. In queue: 17
20:34:19.0774 0x1404 Waiting for KSN requests completion. In queue: 17
20:34:20.0913 0x1404 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
20:34:20.0928 0x1404 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
20:34:20.0944 0x1404 Win FW state via NFP2: enabled ( trusted )
20:34:23.0783 0x1404 ===
20:34:23.0783 0x1404 Scan finished
20:34:23.0783 0x1404 ===
20:34:23.0799 0x176c Detected object count: 2
20:34:23.0799 0x176c Actual detected object count: 2
20:34:53.0720 0x176c BBDemon ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:53.0720 0x176c BBDemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:53.0735 0x176c chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:53.0735 0x176c chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:35:43.0062 0x1c08 === |
19.05.2016, 14:23 | #7 |
/// TB-Ausbilder | Email account (GMX) is sending messages Hi, the "detections" from TDSS-Killer are not always malicious. Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper |
22.05.2016, 13:10 | #8 |
/// TB-Ausbilder | Email account (GMX) is sending messages No response. This thread has been removed from my subscriptions, so I will not receive notifications about new replies. Send me a PM if you still want to continue. Note: the disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread! |
23.05.2016, 12:11 | #9 |
| Email account (GMX) is sending messages Hello! Sorry, I was away over the weekend and couldn't get to the computer. The mbar tool found nothing. The log file is below. Best regards! Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.05.22.02
rootkit: v2016.05.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.17609
Pako :: PAKO-HP840 [administrator]

22.05.2016 12:39:10
mbar-log-2016-05-22 (12-39-10).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 304740
Time elapsed: 11 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
23.05.2016, 13:52 | #10 |
/// TB-Ausbilder | Email account (GMX) is sending messages Hi, Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your protection software to avoid possible conflicts.
Step 4
Please post with your next reply
|
24.05.2016, 11:57 | #11 |
| Email account (GMX) is sending messages Hi there, the log files follow in chronological order. Only AdwCleaner deleted a few registry files; otherwise, I think, nothing was found. Thank you very much, Pako AdwCleaner: Code:
# AdwCleaner v5.117 - Bericht erstellt am 24/05/2016 um 12:20:37
# Aktualisiert am 15/05/2016 von Xplode
# Datenbank : 2016-05-23.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Pako - PAKO-HP840
# Gestartet von : C:\Users\Pako\Desktop\AdwCleaner_5.117.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\OCS

***** [ Internetbrowser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1071 Bytes] - [10/05/2016 09:36:14]
C:\AdwCleaner\AdwCleaner[C2].txt - [1092 Bytes] - [24/05/2016 12:20:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [973 Bytes] - [10/05/2016 09:34:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [1218 Bytes] - [24/05/2016 12:19:20]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1310 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 24.05.2016 Suchlaufzeit: 12:29 Protokolldatei: mbm.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.05.24.03 Rootkit-Datenbank: v2016.05.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Pako Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 303960 Abgelaufene Zeit: 8 Min., 41 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-05-2016 durchgeführt von Pako (Administrator) auf PAKO-HP840 (24-05-2016 12:52:26) Gestartet von C:\Users\Pako\Desktop Geladene Profile: Pako & (Verfügbare Profile: Pako) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Dassault Systemes) C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe (Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (HP) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Development Company, L.P.) 
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation) HKLM\...\Run: [Remote Control Server] => C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe [5168128 2015-04-08] (Steppschuh) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2863344 2014-10-31] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation) HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard) HKLM-x32\...\Run: [YouCam Mirage] => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168920 2014-10-07] (CyberLink Corp.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-16] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [430304 2015-11-17] (HP) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company) HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.) 
HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1034240 2016-02-18] (Cisco Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe Lsa: [Notification Packages] DPPassFilter scecli ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{9986CD45-0234-442F-ABDC-AE185A5A32C1}: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{CB9F8693-0D92-4816-9BE6-3CC2480CDCAC}: [DhcpNameServer] 195.34.133.21 212.186.211.21 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4 HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-13] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support 
Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default FF Homepage: hxxp://www.google.at/ FF NetworkProxy: "backup.ftp", "79.143.176.23" FF NetworkProxy: "backup.ftp_port", 443 FF NetworkProxy: "backup.socks", "79.143.176.23" FF NetworkProxy: "backup.socks_port", 443 FF NetworkProxy: "backup.ssl", "79.143.176.23" FF NetworkProxy: "backup.ssl_port", 443 FF NetworkProxy: "ftp", "91.228..53.28" FF NetworkProxy: "ftp_port", 8089 FF NetworkProxy: "http", "91.228..53.28" FF NetworkProxy: "http_port", 8089 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "91.228..53.28" FF NetworkProxy: "socks_port", 8089 FF NetworkProxy: "ssl", "91.228..53.28" FF NetworkProxy: "ssl_port", 8089 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] () FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation) FF Plugin: 
@java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.) FF Extension: Avira Browser Safety - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\abs@avira.com [2016-05-13] FF Extension: YouTube mp3 - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\info@youtube-mp3.org.xpi [2016-04-29] FF Extension: Adblock Plus - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29] FF Extension: web_clipper - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-29] FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-03-10] [ist nicht signiert] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-16] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG) R2 BBDemon; C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [46592 2011-01-08] (Dassault Systemes) [Datei ist nicht signiert] R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert] R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-08-15] () [Datei ist nicht signiert] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-02] (DisplayLink Corp.) R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.) 
R2 FLCDLOCK; C:\windows\SysWOW64\flcdlock.exe [573240 2015-04-24] (Hewlett-Packard Company) R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [782048 2015-11-17] (HP) R2 HpDamServiceHost; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2015-04-23] (Hewlett-Packard Development Company) R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102560 2015-10-19] (HP) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation) R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [149608 2015-06-05] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] () R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [76288 2015-09-24] (Synaptics Incorporated) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] 
(Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-16] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-16] (Avira Operations GmbH & Co. KG) R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.) R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-04-01] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2015-01-13] (Motorola Solutions, Inc.) R2 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2015-04-23] (Hewlett-Packard Company) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-18] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] () S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-06-07] (Intel Corporation) R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [255216 2016-03-14] (Intel Corporation) R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-24] (Malwarebytes) 
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2015-03-13] (Intel Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation) S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2980568 2014-11-27] (Realtek Semiconductor Corp.) S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32496 2014-10-31] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2016-02-18] (Cisco Systems, Inc.) S3 btmlehid; \SystemRoot\system32\drivers\btmlehid.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-05-24 12:52 - 2016-05-24 12:52 - 00024462 _____ C:\Users\Pako\Desktop\FRST.txt 2016-05-24 12:51 - 2016-05-24 12:51 - 00000000 ____D C:\Users\Pako\Desktop\FRST-OlderVersion 2016-05-24 12:49 - 2016-05-24 12:49 - 00009383 _____ C:\Users\Pako\Desktop\JRT.txt 2016-05-24 12:46 - 2016-05-24 12:46 - 00001207 _____ C:\Users\Pako\Desktop\mbm.txt 2016-05-24 12:24 - 2016-05-24 12:24 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-24 12:22 - 2016-05-24 12:22 - 00001392 _____ C:\Users\Pako\Desktop\AdwCleaner[C2].txt 2016-05-24 12:15 - 2016-05-24 12:16 - 22851472 _____ (Malwarebytes ) C:\Users\Pako\Desktop\mbam-setup-2.2.1.1043.exe 2016-05-24 12:15 - 2016-05-24 12:15 - 01610816 _____ (Malwarebytes) C:\Users\Pako\Desktop\JRT.exe 2016-05-24 12:13 - 2016-05-24 12:13 - 03651136 _____ C:\Users\Pako\Desktop\AdwCleaner_5.117.exe 2016-05-24 10:06 - 2016-05-24 12:22 - 00001078 _____ C:\windows\system32dbgraw.bmp 2016-05-22 12:23 - 2016-05-22 12:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-05-22 12:22 - 2016-05-22 12:48 - 00000000 ____D C:\Users\Pako\Desktop\mbar 2016-05-22 12:22 - 2016-05-22 12:22 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\Pako\Desktop\mbar-1.09.3.1001.exe 2016-05-18 20:30 - 2016-05-18 23:07 - 00480590 _____ C:\TDSSKiller.3.1.0.9_18.05.2016_20.30.44_log.txt 2016-05-18 20:29 - 2016-05-18 20:29 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Pako\Desktop\tdsskiller.exe 2016-05-17 12:47 - 2016-05-24 12:52 - 00000000 ____D C:\FRST 2016-05-17 12:47 - 2016-05-24 12:51 - 02383360 _____ (Farbar) C:\Users\Pako\Desktop\FRST64.exe 2016-05-17 12:45 - 2016-05-17 19:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-05-17 12:40 - 2016-05-17 12:40 - 00602112 _____ (OldTimer Tools) C:\Users\Pako\Desktop\OTL.exe 2016-05-16 23:16 - 2016-05-16 23:16 - 00001805 _____ C:\Users\Public\Desktop\Vuze.lnk 2016-05-14 23:56 - 2016-05-14 23:56 - 00001002 _____ C:\Users\Pako\Desktop\Eclipse.lnk 2016-05-13 16:15 - 2016-05-13 16:15 - 00000000 ____D C:\Users\Pako\.tooling 2016-05-13 16:09 - 2016-05-13 16:09 - 00002464 _____ C:\Users\Pako\Desktop\CATIA V5R21.lnk 2016-05-13 16:08 - 2016-05-14 23:56 - 00000000 ____D C:\Users\Pako\AppData\Local\Eclipse 2016-05-13 16:07 - 2016-05-13 16:14 - 00000000 ____D C:\Users\Pako\.eclipse 2016-05-13 16:05 - 2016-02-18 04:38 - 00000000 ____D C:\Program Files (x86)\eclipse 2016-05-13 16:02 - 2016-05-13 16:02 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Sun 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Sun 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\.oracle_jre_usage 2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-05-13 16:01 - 2016-05-13 16:03 - 00000000 ____D C:\ProgramData\Oracle 2016-05-13 16:00 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-05-13 16:00 - 2016-05-13 16:01 - 00000000 ____D C:\Program Files\Java 2016-05-13 15:59 - 2016-05-13 
15:59 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Oracle 2016-05-13 15:40 - 2016-05-13 15:40 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH 2016-05-11 15:31 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll 2016-05-11 15:31 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll 2016-05-11 15:31 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2016-05-11 15:31 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2016-05-11 15:31 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2016-05-11 15:31 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2016-05-11 15:31 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys 2016-05-11 15:31 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2016-05-11 15:31 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2016-05-11 15:31 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2016-05-11 15:31 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2016-05-11 15:31 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00243712 _____ 
(Microsoft Corporation) C:\windows\system32\wow64.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2016-05-11 15:31 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) 
C:\windows\system32\certcli.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 
00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 
08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00312832 
_____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004608 ____H 
(Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 
00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2016-05-11 15:31 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2016-05-11 15:31 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2016-05-11 15:31 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2016-05-11 15:31 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2016-05-11 15:31 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2016-05-11 15:31 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2016-05-11 15:31 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2016-05-11 15:31 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) 
C:\windows\system32\Drivers\mrxsmb10.sys 2016-05-11 15:31 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2016-05-11 15:31 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2016-05-11 15:31 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2016-05-11 15:31 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2016-05-11 15:31 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2016-05-11 15:31 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2016-05-11 15:31 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2016-05-11 15:31 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2016-05-11 15:31 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2016-05-11 15:31 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-05-11 15:31 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-05-11 15:31 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2016-05-11 15:31 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2016-05-11 15:31 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 
2016-05-11 15:30 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2016-05-11 15:30 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2016-05-10 09:41 - 2016-05-24 12:26 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 09:40 - 2016-05-24 12:24 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 09:40 - 2016-05-10 09:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-05-10 09:40 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2016-05-10 09:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2016-05-10 09:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2016-05-10 09:34 - 2016-05-24 12:20 - 00000000 ____D C:\AdwCleaner 2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-05-09 17:14 - 2016-05-10 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-02 14:17 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\Desktop\Numerische Methoden 2016-05-02 14:07 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\AppData\Roaming\jupyter 2016-05-02 14:07 - 2016-05-02 14:07 - 00000000 ____D C:\Users\Pako\.jupyter 2016-05-02 14:04 - 2016-05-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit) ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-05-24 12:29 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-24 12:29 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-24 12:27 - 2015-03-27 00:43 - 00715172 _____ C:\windows\system32\perfh007.dat 2016-05-24 12:27 - 2015-03-27 00:43 - 00154722 _____ C:\windows\system32\perfc007.dat 2016-05-24 12:27 - 2009-07-14 07:13 - 01651686 _____ C:\windows\system32\PerfStringBackup.INI 2016-05-24 12:27 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf 2016-05-24 12:24 - 2015-04-08 19:47 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2016-05-24 12:22 - 2015-04-08 15:02 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-05-24 12:22 - 2015-04-08 15:02 - 00000000 __SHD C:\Users\Pako\IntelGraphicsProfiles 2016-05-24 12:21 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-05-24 12:14 - 2015-04-08 19:43 - 00003176 _____ C:\windows\System32\Tasks\HPCeeScheduleForPako 2016-05-24 12:14 - 2015-04-08 19:43 - 00000328 _____ C:\windows\Tasks\HPCeeScheduleForPako.job 2016-05-24 12:11 - 2015-04-15 13:26 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Azureus 2016-05-24 11:17 - 2015-05-26 19:16 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Temp 2016-05-24 10:52 - 2015-04-08 15:25 - 00000000 ____D C:\Users\Pako\AppData\Roaming\vlc 2016-05-23 13:06 - 2015-04-08 15:02 - 00003934 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{593D9C55-FF5A-4232-BB72-86BBBE12F8A1} 2016-05-21 12:50 - 2015-04-08 15:02 - 00000000 ____D C:\Users\Pako\AppData\Roaming\hpqLog 2016-05-19 12:39 - 2015-04-11 17:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-18 08:04 - 2015-04-08 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-16 23:16 - 2015-04-15 13:26 - 00001805 
_____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk 2016-05-16 23:16 - 2015-04-15 13:26 - 00000000 ____D C:\Program Files\Vuze 2016-05-16 11:41 - 2016-01-07 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-05-16 11:27 - 2016-01-07 09:52 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2016-05-16 11:27 - 2016-01-07 09:52 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys 2016-05-15 11:08 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2016-05-15 00:19 - 2009-07-14 06:45 - 00285808 _____ C:\windows\system32\FNTCACHE.DAT 2016-05-15 00:18 - 2015-04-09 20:22 - 00000000 ____D C:\windows\system32\appraiser 2016-05-15 00:18 - 2015-03-27 00:29 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-15 00:15 - 2015-04-09 20:08 - 00000000 ____D C:\windows\system32\MRT 2016-05-15 00:09 - 2015-04-09 20:08 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2016-05-13 16:15 - 2015-04-08 15:02 - 00000000 ____D C:\Users\Pako 2016-05-13 16:08 - 2015-04-09 21:11 - 00000000 ____D C:\Uni 2016-05-13 15:40 - 2015-04-08 22:10 - 00000000 ____D C:\Users\Pako\AppData\Local\Downloaded Installations 2016-05-13 15:24 - 2015-04-08 19:47 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2016-05-13 15:24 - 2015-04-08 19:47 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-05-13 15:24 - 2015-04-08 19:47 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2016-05-13 10:54 - 2013-12-03 21:34 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-12 18:27 - 2015-04-11 17:01 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\SysWOW64\GWX 2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\system32\GWX 2016-05-09 21:21 - 2015-05-05 08:10 - 00000000 ____D 
C:\t00ls 2016-05-03 11:55 - 2015-04-26 18:20 - 00000000 ____D C:\Users\Pako\.matplotlib 2016-05-02 14:05 - 2015-04-08 16:39 - 00000000 ____D C:\Program Files\Anaconda 2016-05-02 14:04 - 2015-04-08 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit) 2016-05-02 13:28 - 2015-04-26 18:20 - 00000000 ____D C:\Users\Pako\.spyder2 2016-04-29 14:42 - 2016-03-10 10:54 - 00000000 ____D C:\SWSetup 2016-04-29 14:21 - 2015-04-08 18:28 - 00000000 ____D C:\Users\Pako\AppData\Local\ElevatedDiagnostics 2016-04-27 18:31 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-27 00:55 - 2015-03-27 00:56 - 8952034 _____ () C:\ProgramData\hpcsmmsilogs.log 2015-03-27 01:06 - 2016-03-14 22:36 - 1992428 _____ () C:\ProgramData\hpdam_install_log.txt 2015-03-27 01:03 - 2015-03-27 01:03 - 0543880 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt 2016-03-10 18:19 - 2016-03-10 18:21 - 1609326 _____ () C:\ProgramData\SynFPRmsiLogs.log Einige Dateien in TEMP: ==================== C:\Users\Pako\AppData\Local\Temp\avgnt.exe C:\Users\Pako\AppData\Local\Temp\Extract.exe C:\Users\Pako\AppData\Local\Temp\i4jdel0.exe C:\Users\Pako\AppData\Local\Temp\libeay32.dll C:\Users\Pako\AppData\Local\Temp\msvcr120.dll C:\Users\Pako\AppData\Local\Temp\sqlite3.dll Einige mit null Byte Größe Dateien/Ordner: ========================== C:\Windows\SysWOW64\dlumd10.dll C:\Windows\SysWOW64\dlumd11.dll C:\Windows\SysWOW64\dlumd9.dll C:\Windows\System32\dlumd10.dll C:\Windows\System32\dlumd11.dll C:\Windows\System32\dlumd9.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-05-18 00:39

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-05-2016
durchgeführt von Pako (2016-05-24 12:52:52)
Gestartet von C:\Users\Pako\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-08 13:02:04)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1335190260-3303876769-2765954222-500 - Administrator - Disabled)
Gast (S-1-5-21-1335190260-3303876769-2765954222-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1335190260-3303876769-2765954222-1003 - Limited - Enabled)
Pako (S-1-5-21-1335190260-3303876769-2765954222-1002 - Administrator - Enabled) => C:\Users\Pako

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Age of Empires 3 complete version 1.14 (HKLM-x32\...\{D5D9F4B5-7CCE-458D-9ECA-FE9EFD7D607C}_is1) (Version: 1.14 - vol1) Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.42.0 - Alcor Micro Corp.) Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.42.0 - Alcor Micro Corp.) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.) 
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.02075 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.02075 - Cisco Systems, Inc.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.5806 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Dassault Systemes Doc English CATIA P3 B21 (HKLM-x32\...\Dassault Systemes Doc English B21) (Version: - ) Dassault Systemes Software B21 (HKLM\...\Dassault Systemes B21_0) (Version: - ) Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes) Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes) Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes) Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes) DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.) EaseUS Partition Master 10.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 5.8.5 (HKLM-x32\...\{5EDC25EC-D966-11E4-9E5C-00163E98E7D6}) (Version: 5.8.5.7193 - Evernote Corp.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.) 
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company) HP BIOS Configuration Utility (HKLM-x32\...\{36FCBBEE-7BCE-4603-A4F5-56E73C43C820}) (Version: 4.0.11.1 - Hewlett-Packard Company) HP BIOS Configuration Utility (HKLM-x32\...\{FADF6CC4-5AF3-4630-AEDB-41F14BC09FCF}) (Version: 4.0.15.1 - HP Inc.) HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.17.2042 - HP Inc.) HP Connection Manager (HKLM-x32\...\{F0809EF3-DE1B-4A3C-9825-D4ABD1BA06BC}) (Version: 4.8.10.1 - Hewlett-Packard Company) HP Device Access Manager (HKLM\...\{1BE682E2-5AF3-485A-83D0-47CC0C1FFFDE}) (Version: 8.3.7.0 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{BC60F8B0-4365-48A3-B463-0CDDA249B07F}) (Version: 1.1.0.0 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{48D74C03-3D33-4A7E-9D93-A59FE58C1DEA}) (Version: 2.6.1 - Hewlett-Packard Company) HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.27.1 - Hewlett-Packard Company) HP Hotkey Support (HKLM-x32\...\{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}) (Version: 6.2.17.1 - HP) HP PageLift (HKLM-x32\...\{28074A47-851D-4599-A270-87609F58EB57}) (Version: 1.0.15.1 - Hewlett-Packard Company) HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.37 - HP) HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{757cc2cc-5fed-43e4-b813-2bda78353297}) (Version: 4.2.4.0 - HP) HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) 
(Version: 13.00.0000 - Hewlett-Packard) HP System Default Settings (HKLM-x32\...\{B5BEF5F8-BD76-4174-A47D-05A06EA62615}) (Version: 2.7.1 - Hewlett-Packard Company) HP Theft Recovery (HKLM-x32\...\InstallShield_{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}) (Version: 8.3.0.8 - Hewlett-Packard Company) HP USB Port Replicator (HKLM\...\{4BCC570D-F175-4B50-A06A-FE3506A94796}) (Version: 7.6.55872.0 - Hewlett-Packard) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation) Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1519.1030) (HKLM\...\{302600C1-6BDF-4FD1-1504-148929CC1385}) (Version: 17.1.1504.0518 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) 
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation) Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MATLAB Production Server R2015a (HKLM\...\MATLAB Production Server R2015a) (Version: 2.1 - MathWorks) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) 
(Version: 4.30.2117.0 - Microsoft Corporation) opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden Python 2.7.9 (Anaconda 2.2.0 64-bit) (HKLM\...\Python 2.7.9 (Anaconda 2.2.0 64-bit)) (Version: 2.2.0 - Continuum Analytics, Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.) Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11072 - Realtek Semiconductor Corp.) Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) revoSleep (HKLM-x32\...\{B76E8F60-D517-44B1-BFCD-B6C153A60F1B}) (Version: 2.4.0 - Revo) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.37.3 - Synaptics Incorporated) Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics) Texmaker (HKLM-x32\...\Texmaker) (Version: - ) Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.) VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.2.0 - Azureus Software, Inc.) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0E846346-8E27-43C5-9BA3-4CD87E0D9564} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-13] (Hewlett-Packard Company) Task: {1DAECF30-3828-48D2-B84E-B836842E138D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company) Task: {45D59522-84E4-4292-8C85-3DFF77E8F3DB} - System32\Tasks\HPCeeScheduleForPako => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {5CC7D514-7270-4DBB-8D9B-77B40B992FEB} - System32\Tasks\{D1A6AE07-7B25-46D9-948B-EE7254EA23C1} => pcalua.exe -a "C:\Spiele\Age of Empires II\AoFE_Launcher.exe" -d "C:\Spiele\Age of Empires II" Task: {5D243527-641A-4CC1-942F-10A90BEA2E85} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated) Task: {ADB08556-EF60-40F8-A7FE-9D72487E81B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {C95AF739-4354-461A-A75C-6007A9D6ADF2} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\HPCeeScheduleForPako.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-05-28 10:14 - 2014-05-28 10:14 - 00336056 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll 2015-07-01 09:45 - 2015-07-01 09:45 - 00022528 _____ () C:\windows\System32\us005lm.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-15 19:51 - 2014-08-15 19:51 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe 2015-04-13 21:00 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll 2014-06-26 23:52 - 2014-06-26 23:52 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll 2016-02-18 06:24 - 2016-02-18 06:24 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2010-06-14 18:41 - 2010-06-14 18:41 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll 2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 195.34.133.21 - 212.186.211.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{26194502-22AA-4709-AC14-A1B377061E1D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{55897B62-922E-406A-91E2-39189ADB539E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{050A4F1D-B28D-4172-8615-BF74A549145D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3F3F8700-CA53-4945-BE7F-646E02D92B41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{3DB1C88B-C304-48E1-B26B-9BDC222152A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9D687D8D-42C9-4AD6-904C-B45D47242D9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4F73A59E-EC31-4785-AB6F-0453471E36A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C487E073-6A9B-41DF-992C-2A23FA95F839}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{ED5D9F8C-31DE-4CB8-9585-C2063ACB031A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe FirewallRules: [TCP Query User{A1113639-9AF8-417C-BB27-F77C7421A42D}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe FirewallRules: [UDP Query User{E8B4C2F2-BB9E-41EA-BDAE-D2C030786AF5}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe FirewallRules: [TCP Query 
User{4D0E1D55-7C01-4283-B011-6CA49CACC9E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [UDP Query User{5F9A2BC6-5606-4B97-9FD4-24C5EADF8B9B}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [TCP Query User{CF04BF2B-CD8C-4189-9A40-577D8B1319E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [UDP Query User{ABC23708-F948-4FEE-A3C1-39784C87F35A}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe FirewallRules: [{572C5DA1-80D5-4B17-A8B5-58572A31D368}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe FirewallRules: [{99B0FD3C-B481-453B-894B-5C627B2F0B44}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe FirewallRules: [{1A6D2200-9E00-4DF7-B29C-F9091B3E214A}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{16DF6E00-323C-4DC5-91F0-6692BD767132}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe FirewallRules: [UDP Query User{4397C81B-F804-4B28-9B23-B75102BC9B86}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe FirewallRules: [TCP Query User{E892C429-305C-4577-8793-3137479C3157}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{184FF14E-9FD3-4C8F-AC9A-B59D5B6C08AD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{E61669F1-4AA2-48A8-B3F4-ED576879069E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{95992D6D-80DA-4A9F-88E5-A8259F897348}] => 
(Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{C84856A1-F94C-40D1-A72E-38FF6900BB6E}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe FirewallRules: [UDP Query User{0370DA74-30C3-4EA4-8629-287BB4673275}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe FirewallRules: [TCP Query User{8785BFCD-8433-40BC-9E08-D0A714C49885}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{CC249AD1-4854-4335-B71E-71A9581D4274}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{A780842E-9BB9-4871-9D09-CC8AADBC6FE7}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe FirewallRules: [UDP Query User{548D2FED-8586-48AA-8647-400A3E7B90DB}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe FirewallRules: [TCP Query User{152B4FAE-FE6D-42F5-BA02-C48BB9E7FAAF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{F3FA0139-CCF0-4F70-BEAE-0A1F96DA92CF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{C1D615EE-F9E7-4702-BDAC-14B5BDCB6C72}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe FirewallRules: [UDP Query User{CAD7267F-42E9-4F6D-8FD8-CD21615B0985}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe FirewallRules: [TCP Query User{F1E3FFB8-28B1-4F30-B4AD-2B61856564F2}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe FirewallRules: [UDP Query 
User{F2FDC59F-1437-4776-A83C-1AD023B0E507}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe FirewallRules: [TCP Query User{6B5B1209-03B1-4EC9-ADF3-0EC08152AAB7}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe FirewallRules: [UDP Query User{8874D6A7-833D-4EF5-B6CF-C03844658CDD}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe FirewallRules: [TCP Query User{A595BFB1-C585-4DEB-A042-8E7FC8ACA1F5}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe FirewallRules: [UDP Query User{A17134BB-9852-4C67-857D-341AD61D86E2}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe FirewallRules: [TCP Query User{417C69D2-0311-45C0-A803-2C375E5B50BB}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe FirewallRules: [UDP Query User{6FCF8D7B-FCAF-41A4-97FC-0C498602B023}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe FirewallRules: [{4A68009D-174F-496A-BCD2-EE9DC14143B3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{55164A65-1AF2-4A22-90FF-B75D9E9A9E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{3F61977B-6F2B-453F-8FCE-5160379EDCD3}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe 
FirewallRules: [UDP Query User{0F0AA636-B729-4C97-8F5A-E0AB89A86E6D}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe FirewallRules: [TCP Query User{AF4F8F09-0835-44FC-B384-7A9B901CF0DF}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe FirewallRules: [UDP Query User{0E4803D4-C350-419F-A898-DF5F70176E8F}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe FirewallRules: [TCP Query User{42A8C856-7C7E-42B1-A2C3-3F533179FDFF}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe FirewallRules: [UDP Query User{4D6D5AA5-7F2B-48EA-A5DE-4142279187CA}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe FirewallRules: [TCP Query User{E903F21E-808A-470D-B373-DD0613AE9EA7}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe FirewallRules: [UDP Query User{D89E13A1-8DFC-4356-ACD2-D00D7CF40CBF}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe FirewallRules: [TCP Query User{0A5C10DF-E118-4F05-A778-53DAF5FACA79}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe FirewallRules: [UDP Query User{6E10132D-5776-445F-A829-A42AAA56656B}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe FirewallRules: [{E0970823-DBAF-4A16-86D9-34367AF59301}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{87B1E4F0-93AE-48B9-8053-1639CA935F91}] => (Allow) 
C:\Program Files\Vuze\Azureus.exe ==================== Wiederherstellungspunkte ========================= 22-05-2016 12:25:40 Windows Update 24-05-2016 12:48:42 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/24/2016 12:48:48 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:22:11 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:22:10 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. 
Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:22:10 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:22:10 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:22:06 PM) (Source: flcdlock) (EventID: 1069) (User: ) Description: Profilvorgang für aktuelle SID mit unbekanntem Ausnahmefehler fehlgeschlagen. Error: (05/24/2016 12:21:45 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:21:44 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:21:43 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. 
Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Error: (05/24/2016 12:21:41 PM) (Source: flcdlock) (EventID: 1055) (User: ) Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf. Der Systemfehlercode lautet 0xe0000231:- ** The error code could not be translated ** Systemfehler: ============= Error: (05/24/2016 12:22:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (05/24/2016 12:21:38 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/24/2016 12:21:38 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (05/24/2016 12:21:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\IWMSSvc.dll Error: (05/24/2016 12:21:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\windows\System32\IWMSSvc.dll Error: (05/24/2016 12:21:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. 
Modulpfad: C:\windows\System32\IWMSSvc.dll ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Prozentuale Nutzung des RAM: 32% Installierter physikalischer RAM: 8067.11 MB Verfügbarer physikalischer RAM: 5427.25 MB Summe virtueller Speicher: 12113.29 MB Verfügbarer virtueller Speicher: 9125.06 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:94.73 GB) (Free:15.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (Daten) (Fixed) (Total:298.09 GB) (Free:61.68 GB) NTFS Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.93 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9CC5D5D8) Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D15CF63D) Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=94.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2 GB) - (Type=0B) ==================== Ende von Addition.txt ============================ |
24.05.2016, 14:04 | #12 |
/// TB-Ausbilder | Email account (GMX) is sending messages Hi, we'll remove the last remnants and check everything once more. Note: The scan with ESET can take a while. Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
27.05.2016, 21:08 | #13 |
/// TB-Ausbilder | Email account (GMX) is sending messages No feedback received This thread has been removed from my subscriptions, so I will not be notified of new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread! |