| |
| |||||||
Log-Analyse und Auswertung: Yahoo main.targo.12.com forward - fix plsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.06.2016, 15:40
| #1 | |
| |  Yahoo main.targo.12.com forward - fix pls Hallo, ich habe das selbe Problem wie der User in diesem Thread http://www.trojaner-board.de/179276-...2-anzeige.html ich werde der Lösung dort folgen oder morgen, falls bis dahin keine Antwort kommt, gerne hier mit einem Admin zusammen versuchen das Problem zu lösen. Das Problem besteht seit ca. 1 Woche. Man geht über die Lesezeichen in Chrome zu Yahoo, loggt sich in einen Account ein, und wird auf die seite main.targo.12 com (mit punkten) weitergeleitet (habe es mal nicht ausgeschrieben da ich nicht weiß ob hier autoverlinkt wird). Dort wird wahrscheinlich scareware zum download angeboten. Ich habe win 8.1, kasperky 2016, malwarebytes, und nutze täglich ccleaner. Cookies zu löschen scheint das Problem nicht zu beheben. Im HijackThis log ist ebenfalls nichts auffälliges, soweit man den Ausleseseiten des Logs Glauben schenken kann. Ich benutze bis auf google docs keine addons für chrome. Ich habe das Problem auf beiden Laptops. Grüße und danke für Ihre Hilfe Finde keine Option zum Editieren. Möchte noch hinzufügen dass diese Weiterleitung unabhägig davon passiert ob man sich bei yahoo einloggt und auch nur einmalig pro PC Session passiert, nicht immer wenn man die Seite neu aufmacht. Kasperky, Malwarebytes haben nichts gefunden. Rootkit durchlaufen lassen, ebenfalls nichts. Zitat:
|
|
07.06.2016, 19:07
| #2 |
| /// Malwareteam   | Yahoo main.targo.12.com forward - fix pls Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Schritt: 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt: 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
08.06.2016, 06:55
| #3 |
| | Yahoo main.targo.12.com forward - fix pls Farbar
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2016
durchgeführt von Nicolas Fischer (Administrator) auf ICHPUTZHIERNUR (08-06-2016 07:52:01)
Gestartet von C:\Users\Nicolas Fischer\Desktop
Geladene Profile: Nicolas Fischer & postgres (Verfügbare Profile: Nicolas Fischer & postgres)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(© 2015 Microsoft Corporation) C:\Users\Nicolas Fischer\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2013-10-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-10-23] (Realtek Semiconductor)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Run: [BingSvc] => C:\Users\Nicolas Fischer\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-01-30]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0B214128-2D4F-4448-BCA1-5BA7204A5458}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{339D7436-EB19-4428-BAAD-5E6E5A915937}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-727180478-3196343947-2561650278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
URLSearchHook: [S-1-5-21-727180478-3196343947-2561650278-1003] ACHTUNG => Standard URLSearchHook fehlt
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-12-08] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-12-08] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Nicolas Fischer\AppData\Roaming\Mozilla\Firefox\Profiles\xg8n5wnb.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-12-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-12-08] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-30] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-30] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-30] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-30] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-30] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-30] [ist nicht signiert]
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Profile 1 -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> bing.com
CHR Profile: C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-30]
CHR Extension: (YouTube) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google-Suche) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Google Tabellen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Norton Identity Protection) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-01-30]
CHR Extension: (Google Wallet) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Google Mail) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR Profile: C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (ProxFlow) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-05-07]
CHR Extension: (Google Präsentationen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
CHR Extension: (Google Docs) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Kaspersky Protection) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-02-01]
CHR Extension: (Google Tabellen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
CHR Extension: (Google Docs Offline) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Skype) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2000-01-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 postgresql-x64-9.0; C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe [111104 2012-09-21] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2016-05-06] () [Datei ist nicht signiert]
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-03-05] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-01-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-01-30] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-01-30] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2016-05-06] () [Datei ist nicht signiert]
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-08 07:52 - 2016-06-08 07:52 - 00027467 _____ C:\Users\Nicolas Fischer\Desktop\FRST.txt
2016-06-08 07:51 - 2016-06-08 07:52 - 00000000 ____D C:\FRST
2016-06-08 07:50 - 2016-06-08 07:50 - 02385408 _____ (Farbar) C:\Users\Nicolas Fischer\Desktop\FRST64.exe
2016-06-07 16:17 - 2016-06-07 16:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-06-07 16:17 - 2016-06-07 16:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-07 16:15 - 2016-06-07 16:38 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\mbar
2016-06-07 16:15 - 2016-06-07 16:15 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-07 16:14 - 2016-06-07 16:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Nicolas Fischer\Desktop\mbar-1.09.3.1001.exe
2016-06-05 12:35 - 2016-06-05 12:35 - 06893008 _____ (Piriform Ltd) C:\Users\Nicolas Fischer\Downloads\ccsetup518.exe
2016-06-05 12:35 - 2016-06-05 12:35 - 06893008 _____ (Piriform Ltd) C:\Users\Nicolas Fischer\Downloads\ccsetup518 (1).exe
2016-06-05 11:15 - 2016-06-05 11:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nicolas Fischer\Downloads\HijackThis_2.0.5.exe
2016-05-31 22:04 - 2016-06-07 16:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-31 22:04 - 2016-05-31 22:04 - 22851472 _____ (Malwarebytes ) C:\Users\Nicolas Fischer\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-30 12:18 - 2016-06-02 12:17 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\Maria Arbeit
2016-05-30 10:36 - 2016-05-30 10:36 - 09795724 _____ C:\Users\Nicolas Fischer\Downloads\Moody's Ratings Handbook.pdf
2016-05-30 09:47 - 2016-05-30 09:47 - 00011818 _____ C:\Users\Nicolas Fischer\Downloads\Mappe1.xlsx
2016-05-30 09:42 - 2016-05-30 09:43 - 63526832 _____ C:\Users\Nicolas Fischer\Downloads\PT-Install-v4.14.16.exe
2016-05-29 15:40 - 2016-05-29 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2016-05-28 14:35 - 2016-05-28 14:35 - 00000000 ____D C:\Users\Nicolas Fischer\hitman
2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files\MSBuild
2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-05-28 14:31 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-05-28 14:31 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-28 14:31 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-05-28 14:31 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-05-28 14:31 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-28 14:31 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-05-27 18:24 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-27 18:24 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-23 14:03 - 2016-05-23 14:03 - 00016799 _____ C:\Users\Nicolas Fischer\Downloads\20160523-4704003243-umsatz.CSV
2016-05-14 01:09 - 2016-05-14 01:09 - 01812264 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Nicolas Fischer\Downloads\GPU-Z.0.8.7.exe
2016-05-11 13:06 - 2016-06-04 23:37 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-05-11 13:06 - 2016-05-14 17:02 - 00003942 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-11 13:04 - 2016-05-11 13:07 - 00089525 _____ C:\Users\Nicolas Fischer\Downloads\dir.dcr
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-08 07:51 - 2015-01-30 13:56 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-08 07:50 - 2015-01-30 14:26 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\ClassicShell
2016-06-08 07:48 - 2015-02-02 10:33 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\Skype
2016-06-08 07:41 - 2015-01-30 13:55 - 00003994 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{018A7B7D-0C23-468D-A31E-E87B9CC3A02F}
2016-06-08 07:39 - 2015-01-30 19:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-06-08 07:39 - 2015-01-30 13:56 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-07 23:07 - 2015-01-30 19:20 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-07 18:26 - 2015-01-30 12:56 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-727180478-3196343947-2561650278-1001
2016-06-07 10:44 - 2014-03-18 12:03 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-07 10:44 - 2014-03-18 11:25 - 00766620 _____ C:\Windows\system32\perfh007.dat
2016-06-07 10:44 - 2014-03-18 11:25 - 00159902 _____ C:\Windows\system32\perfc007.dat
2016-06-07 10:44 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-06-07 10:43 - 2015-05-27 17:03 - 00000000 ____D C:\ProgramData\Kodak
2016-06-07 10:38 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-07 10:38 - 2013-08-22 16:44 - 00362848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-07 07:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-07 06:56 - 2015-04-06 11:40 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\Poker
2016-06-07 06:40 - 2015-04-06 11:45 - 00000000 ____D C:\Users\Nicolas Fischer\Documents\888poker
2016-06-07 06:40 - 2015-04-06 11:37 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\PokerStars.EU
2016-06-07 06:33 - 2015-02-02 10:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-07 06:32 - 2015-02-02 10:33 - 00000000 ____D C:\ProgramData\Skype
2016-06-07 06:24 - 2016-05-06 10:48 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\Vegas 2016
2016-06-06 20:52 - 2015-01-30 13:57 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 20:52 - 2015-01-30 13:57 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-06 14:18 - 2015-01-30 12:51 - 00000000 ____D C:\Users\Nicolas Fischer
2016-06-06 13:27 - 2015-04-06 11:14 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4
2016-06-06 01:59 - 2016-02-12 21:45 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\Battle.net
2016-06-05 22:19 - 2016-02-12 21:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-06-05 12:36 - 2015-02-07 12:16 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-05 12:35 - 2015-02-08 15:19 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-05 11:15 - 2015-01-30 12:51 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\VirtualStore
2016-06-04 15:58 - 2015-03-20 01:52 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\TeamViewer
2016-06-04 12:46 - 2015-04-06 11:37 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2016-06-02 22:19 - 2016-05-06 09:08 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-02 00:07 - 2016-02-12 21:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-05-31 09:32 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-31 09:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-05-30 14:52 - 2015-01-30 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-30 09:43 - 2015-04-26 15:02 - 00001086 _____ C:\Users\postgres\Desktop\PokerTracker 4.lnk
2016-05-30 09:43 - 2015-04-26 15:02 - 00001086 _____ C:\Users\Nicolas Fischer\Desktop\PokerTracker 4.lnk
2016-05-29 15:40 - 2015-12-22 00:28 - 00001549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2016-05-29 15:40 - 2015-04-13 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-29 08:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-05-28 20:35 - 2015-01-30 19:32 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-28 14:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-05-28 14:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2016-05-28 14:32 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-05-27 18:24 - 2015-01-30 13:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-23 02:58 - 2015-02-28 13:48 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\CrashDumps
2016-05-19 17:11 - 2015-04-06 11:43 - 00000000 ____D C:\Program Files (x86)\PacificPoker
2016-05-14 01:10 - 2015-12-09 15:41 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\NVIDIA
2016-05-11 13:06 - 2015-04-06 18:59 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\Adobe
2016-05-11 08:46 - 2015-01-30 13:56 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 08:46 - 2015-01-30 13:56 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-23 23:23 - 2016-02-09 08:54 - 0007626 _____ () C:\Users\Nicolas Fischer\AppData\Local\Resmon.ResmonCfg
2016-04-02 11:41 - 2016-04-02 11:41 - 0000000 _____ () C:\Users\Nicolas Fischer\AppData\Local\{46DAA92B-3992-49A1-91E4-4EB2079C9C50}
2015-04-06 11:14 - 2015-04-06 11:14 - 0004939 _____ () C:\ProgramData\flwjycbm.bab
2015-08-14 23:03 - 2015-08-14 23:03 - 0000016 _____ () C:\ProgramData\mntemp
Einige Dateien in TEMP:
====================
C:\Users\Nicolas Fischer\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-01 02:32
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-06-2016
durchgeführt von Nicolas Fischer (2016-06-08 07:52:20)
Gestartet von C:\Users\Nicolas Fischer\Desktop
Windows 8.1 (Update) (X64) (2015-01-30 10:51:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-727180478-3196343947-2561650278-500 - Administrator - Disabled)
Gast (S-1-5-21-727180478-3196343947-2561650278-501 - Limited - Disabled)
Nicolas Fischer (S-1-5-21-727180478-3196343947-2561650278-1001 - Administrator - Enabled) => C:\Users\Nicolas Fischer
postgres (S-1-5-21-727180478-3196343947-2561650278-1003 - Limited - Enabled) => C:\Users\postgres
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-PDF Printer 10.22.0.2525 (HKLM\...\7-PDF Printer_is1) (Version: 10.22.0.2525 - 7-PDF, Germany - Th. Hodes)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\BitTorrent) (Version: 7.9.3.39947 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
ETDWare PS/2-X64 11.13.6.2_WHQL (HKLM\...\Elantech) (Version: 11.13.6.2 - ELAN Microelectronic Corp.)
Filtration version 0.9 (HKLM-x32\...\{AD0C8642-110D-402E-ADF6-9DDC1908A8FC}_is1) (Version: 0.9 - Ben Wallis)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 5.30.16.WIN.FullTilt.EU - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
KeePass Password Safe 1.29 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.29 - Dominik Reichl)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.1 - Mozilla)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
Path of Exile - The Awakening Closed Beta (HKLM-x32\...\{08614ECB-C254-422C-AB67-C51E98CD1F78}) (Version: 2.0.0.41339 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.3.0.39268 - Grinding Gear Games)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
StackAndTile (HKLM-x32\...\StackAndTile) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.10.0) (Version: 3.10.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.8.0) (Version: 3.8.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.8.1) (Version: 3.8.1 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.9.0) (Version: 3.9.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.1.1) (Version: 4.1.1 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.2.3) (Version: 4.2.3 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.5.0) (Version: 4.5.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.7.1) (Version: 4.7.1 - Winamax)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-727180478-3196343947-2561650278-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {45C9F1C7-B74B-45FD-8728-762D3407ADB6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {486B214D-9F86-44D7-9FA8-0758EE302A78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {57A4271E-004C-44C9-8728-EE95D7606454} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-14] (Adobe Systems Incorporated)
Task: {A105CF4C-20A5-4D9F-A20F-D9FE484814CA} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {CFBA5C63-BEE7-4844-948C-35DF34B2ADC3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DB558C57-8D7A-4E4F-B2A4-980271E93482} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F5FAC8A9-7455-4D75-92DD-7C83CBEA7682} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Nicolas Fischer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\RaY - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-06 11:19 - 2012-09-21 09:55 - 00217600 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll
2015-04-06 11:19 - 2012-08-14 14:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll
2015-01-30 13:07 - 2015-01-10 01:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-04 14:16 - 2014-03-04 14:16 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2015-02-02 19:13 - 2000-01-01 02:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-06-06 20:52 - 2016-06-04 03:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-06 20:52 - 2016-06-04 03:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2016-06-06 20:52 - 2016-06-04 03:56 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-727180478-3196343947-2561650278-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img3.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FCB6551C-DDF3-44D6-8B76-868EDFFB0EFB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9A4CF007-78EC-4AAA-8E36-E83AEDF972C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE6D1B8B-553D-474A-A715-F9273EAAC5FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0267B205-6E04-4731-A922-A402C229E6C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D55BF4FF-A9A2-4A2B-B28D-AF7D050D75D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3B02ED56-92B7-4051-AF30-F1F8C41A21A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F08623D1-121B-42B4-AAFD-A73FAB2B36C8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7D78A858-3AB9-4508-9965-120AD1A6A99F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A3E959C0-C150-47B5-B35F-402D65487D46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4D804ED8-0854-4421-A955-244DD8896316}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B9C0582A-379F-4F9D-8355-E8384D2CE5C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{68DE6B8B-CD21-4290-BF28-83BE275A91FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{66759BBC-2718-4A99-8580-8FAE987920BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9227C711-CBD7-4D6E-9C18-814C2849A9B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5B7E133F-F3D4-426B-A9F4-34F5D1F6C740}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4DAE0D06-4893-46E4-A826-26848658B6BE}] => (Allow) C:\Users\Nicolas Fischer\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AFD08483-05CC-4529-A277-8BE5DF189BAF}] => (Allow) C:\Users\Nicolas Fischer\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F7867348-33E1-4EB6-9F61-9624D1ECC6A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{480A79CB-49BF-4721-AC5C-CB4E02FF2CCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6194C867-0627-4808-B42E-7ED8B920BA33}] => (Allow) LPort=9322
FirewallRules: [{0094DAF0-8438-4903-A639-8887DC7C9917}] => (Allow) LPort=5353
FirewallRules: [{79106B7A-A9EC-4C06-ABEA-DF99A3356425}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{5E50C1A1-32E0-4683-B039-F132E0F58848}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{5D0BE862-B88D-4233-9A1A-F6E63068BE8D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{45C95E61-167A-4AE5-9D36-F2BF8CD9C1E5}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{5672A64E-E75A-4DD5-BFC7-90870E4A0749}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{9F990869-7405-477E-ADCE-88FD97CF5562}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{B7346952-C95F-4763-B9EA-35C9BF37E966}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{866B8885-9E3D-40C3-B73E-0F9D2E6D13F2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{CE0AE42B-BFE4-4363-8890-161A93765FBA}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{3539FC2A-1256-4021-A603-B514394F39CE}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{15815A80-FE35-435A-B1D2-DAA461A0A952}] => (Allow) LPort=9322
FirewallRules: [{D991DBD7-50AF-4B22-9677-614A226F534E}] => (Allow) LPort=5353
FirewallRules: [{1E9E9182-C200-4F05-A6DC-43EBE2470336}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC0849F4-A050-40D4-854C-12B33528342B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{749C11EF-F5E6-4725-8DBD-1703B62B4137}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1CA481F-99FA-4587-B9E3-A2F69DBC4260}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{33473AF8-A428-40A1-A11C-DDE0FF370487}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{478506A8-FCB2-466B-B50B-FF4A6E09BFAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8B1E1E17-1060-44BC-A896-1ABDE115C772}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{01BB6221-6E3D-4DB7-8036-0D4146E50284}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{3216FAF3-0C4A-4291-8C2C-3A8A81438DBD}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E3B560E5-1ACF-4F6E-8573-61588A3939D6}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{EEC6E59B-AC9B-4D0C-9CF5-D4F60211A262}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{3FFA18F5-78B6-402A-BF24-7698560E5F1D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
04-06-2016 12:01:05 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/06/2016 05:59:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.2.0.150 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 475c
Startzeit: 01d1c00c1c410285
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Berichts-ID: aae51be2-2bff-11e6-826d-303a6453cf68
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/06/2016 05:59:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/06/2016 05:59:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/06/2016 05:59:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/06/2016 05:43:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Ichputzhiernur)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/06/2016 02:07:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm PokerTracker4.exe, Version 4.14.16.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a2dc
Startzeit: 01d1bf2b1f97b987
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
Berichts-ID: b9a55fe9-2b7a-11e6-826d-303a6453cf68
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/05/2016 01:23:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/05/2016 01:07:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/05/2016 01:01:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/05/2016 12:41:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Systemfehler:
=============
Error: (06/07/2016 06:27:43 PM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/07/2016 06:27:13 PM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/07/2016 10:38:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (06/07/2016 10:38:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (06/06/2016 11:02:00 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/06/2016 11:01:29 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/06/2016 10:57:22 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/06/2016 10:56:52 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/05/2016 01:24:42 PM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/05/2016 01:24:12 PM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
CodeIntegrity:
===================================
Date: 2016-06-07 10:38:21.429
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-07 10:38:20.845
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-17 13:03:18.404
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-17 13:03:17.685
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-06 09:07:49.956
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-06 09:07:49.915
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-02 11:45:13.254
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-02 11:45:12.309
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-27 12:46:25.898
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-27 12:46:24.887
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 16304.22 MB
Verfügbarer physikalischer RAM: 13382.54 MB
Summe virtueller Speicher: 21424.22 MB
Verfügbarer virtueller Speicher: 14258.73 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.54 GB) (Free:79.1 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 103551C3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
08.06.2016, 07:07
| #4 |
| | Yahoo main.targo.12.com forward - fix plsCode:
ATTFilter 08:01:09.0106 0x163c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
08:01:12.0310 0x163c ============================================================
08:01:12.0310 0x163c Current date / time: 2016/06/08 08:01:12.0310
08:01:12.0310 0x163c SystemInfo:
08:01:12.0310 0x163c
08:01:12.0310 0x163c OS Version: 6.3.9600 ServicePack: 0.0
08:01:12.0310 0x163c Product type: Workstation
08:01:12.0310 0x163c ComputerName: ICHPUTZHIERNUR
08:01:12.0310 0x163c UserName: Nicolas Fischer
08:01:12.0310 0x163c Windows directory: C:\Windows
08:01:12.0310 0x163c System windows directory: C:\Windows
08:01:12.0310 0x163c Running under WOW64
08:01:12.0310 0x163c Processor architecture: Intel x64
08:01:12.0310 0x163c Number of processors: 8
08:01:12.0310 0x163c Page size: 0x1000
08:01:12.0310 0x163c Boot type: Normal boot
08:01:12.0310 0x163c ============================================================
08:01:12.0419 0x163c KLMD registered as C:\Windows\system32\drivers\30266442.sys
08:01:12.0544 0x163c System UUID: {6C4419D0-4045-011C-4E1E-EEC776573DAB}
08:01:12.0856 0x163c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:01:12.0856 0x163c ============================================================
08:01:12.0856 0x163c \Device\Harddisk0\DR0:
08:01:12.0856 0x163c MBR partitions:
08:01:12.0856 0x163c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
08:01:12.0856 0x163c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1D115800
08:01:12.0856 0x163c ============================================================
08:01:12.0856 0x163c C: <-> \Device\Harddisk0\DR0\Partition2
08:01:12.0856 0x163c ============================================================
08:01:12.0856 0x163c Initialize success
08:01:12.0856 0x163c ============================================================
08:01:21.0210 0x1340 ============================================================
08:01:21.0210 0x1340 Scan started
08:01:21.0210 0x1340 Mode: Manual; SigCheck; TDLFS;
08:01:21.0210 0x1340 ============================================================
08:01:21.0210 0x1340 KSN ping started
08:01:23.0585 0x1340 KSN ping finished: true
08:01:23.0773 0x1340 ================ Scan system memory ========================
08:01:23.0773 0x1340 System memory - ok
08:01:23.0773 0x1340 ================ Scan services =============================
08:01:23.0804 0x1340 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
08:01:23.0835 0x1340 1394ohci - ok
08:01:23.0851 0x1340 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
08:01:23.0867 0x1340 3ware - ok
08:01:23.0882 0x1340 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:01:23.0898 0x1340 ACPI - ok
08:01:23.0898 0x1340 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
08:01:23.0898 0x1340 acpiex - ok
08:01:23.0914 0x1340 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
08:01:23.0914 0x1340 acpipagr - ok
08:01:23.0914 0x1340 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
08:01:23.0929 0x1340 AcpiPmi - ok
08:01:23.0929 0x1340 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
08:01:23.0929 0x1340 acpitime - ok
08:01:23.0961 0x1340 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
08:01:23.0976 0x1340 ADP80XX - ok
08:01:23.0992 0x1340 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:01:23.0992 0x1340 AeLookupSvc - ok
08:01:24.0023 0x1340 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
08:01:24.0039 0x1340 AFD - ok
08:01:24.0039 0x1340 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:01:24.0039 0x1340 agp440 - ok
08:01:24.0054 0x1340 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
08:01:24.0054 0x1340 ahcache - ok
08:01:24.0054 0x1340 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
08:01:24.0070 0x1340 ALG - ok
08:01:24.0086 0x1340 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
08:01:24.0086 0x1340 AmdK8 - ok
08:01:24.0086 0x1340 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
08:01:24.0101 0x1340 AmdPPM - ok
08:01:24.0101 0x1340 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:01:24.0117 0x1340 amdsata - ok
08:01:24.0117 0x1340 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
08:01:24.0132 0x1340 amdsbs - ok
08:01:24.0132 0x1340 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:01:24.0148 0x1340 amdxata - ok
08:01:24.0148 0x1340 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
08:01:24.0164 0x1340 AppID - ok
08:01:24.0164 0x1340 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:01:24.0164 0x1340 AppIDSvc - ok
08:01:24.0179 0x1340 [ 7667B9D81EA8FD6540E6CF72F92161A6, 98F3D0E376F715EBE083FE112CAA640BCE0F13DCE0F244D059D7FA019EA3D24C ] Appinfo C:\Windows\System32\appinfo.dll
08:01:24.0179 0x1340 Appinfo - ok
08:01:24.0179 0x1340 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:01:24.0195 0x1340 Apple Mobile Device Service - ok
08:01:24.0211 0x1340 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll
08:01:24.0226 0x1340 AppReadiness - ok
08:01:24.0257 0x1340 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
08:01:24.0289 0x1340 AppXSvc - ok
08:01:24.0289 0x1340 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:01:24.0304 0x1340 arcsas - ok
08:01:24.0304 0x1340 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
08:01:24.0304 0x1340 atapi - ok
08:01:24.0320 0x1340 [ 4AEF9EC86818375495FB78CA58DF4E18, 0565888F798FAB86091E7A7D8E1D583DF3CC5756A12ACF04987C67C14E360DFB ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
08:01:24.0320 0x1340 atksgt - detected UnsignedFile.Multi.Generic ( 1 )
08:01:26.0727 0x1340 Detect skipped due to KSN trusted
08:01:26.0727 0x1340 atksgt - ok
08:01:26.0758 0x1340 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
08:01:26.0789 0x1340 AudioEndpointBuilder - ok
08:01:26.0820 0x1340 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\Windows\System32\Audiosrv.dll
08:01:26.0836 0x1340 Audiosrv - ok
08:01:26.0852 0x1340 [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
08:01:26.0867 0x1340 AVP15.0.1 - ok
08:01:26.0867 0x1340 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:01:26.0883 0x1340 AxInstSV - ok
08:01:26.0898 0x1340 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
08:01:26.0914 0x1340 b06bdrv - ok
08:01:26.0914 0x1340 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
08:01:26.0930 0x1340 BasicDisplay - ok
08:01:26.0930 0x1340 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
08:01:26.0930 0x1340 BasicRender - ok
08:01:26.0945 0x1340 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
08:01:26.0945 0x1340 bcmfn2 - ok
08:01:26.0961 0x1340 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:01:26.0977 0x1340 BDESVC - ok
08:01:26.0977 0x1340 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
08:01:26.0977 0x1340 Beep - ok
08:01:26.0992 0x1340 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\Windows\System32\bfe.dll
08:01:27.0024 0x1340 BFE - ok
08:01:27.0024 0x1340 [ B1EAED166CC8942F49B3391D5C2007DD, F07648493F68D22594FEAE746BF3B2BA2262707FE21216E87500E407FEDCC2CC ] BfLwf C:\Windows\system32\DRIVERS\bwcW8x64.sys
08:01:27.0024 0x1340 BfLwf - ok
08:01:27.0055 0x1340 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
08:01:27.0070 0x1340 BITS - ok
08:01:27.0117 0x1340 [ A8E05BE650637FC1B9CA5A4AD5893D61, A13F902F64BC906473E6576745D9024D157E87F5FDE9B28B5DCAA248BDB3E7CA ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
08:01:27.0149 0x1340 Bluetooth Device Monitor - ok
08:01:27.0180 0x1340 [ 889AED9D7E57139956C5B03D93386A10, A7988A977C9B6AEFB83B9D3BD60CF49D757A5436D782F840C073C4E5B89D370A ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
08:01:27.0195 0x1340 Bluetooth OBEX Service - ok
08:01:27.0211 0x1340 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:01:27.0227 0x1340 Bonjour Service - ok
08:01:27.0227 0x1340 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:01:27.0242 0x1340 bowser - ok
08:01:27.0242 0x1340 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
08:01:27.0258 0x1340 BrokerInfrastructure - ok
08:01:27.0274 0x1340 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\Windows\System32\browser.dll
08:01:27.0274 0x1340 Browser - ok
08:01:27.0274 0x1340 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
08:01:27.0289 0x1340 BthAvrcpTg - ok
08:01:27.0289 0x1340 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
08:01:27.0305 0x1340 BthEnum - ok
08:01:27.0305 0x1340 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
08:01:27.0305 0x1340 BthHFEnum - ok
08:01:27.0320 0x1340 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
08:01:27.0320 0x1340 bthhfhid - ok
08:01:27.0336 0x1340 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
08:01:27.0336 0x1340 BthLEEnum - ok
08:01:27.0352 0x1340 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
08:01:27.0352 0x1340 BTHMODEM - ok
08:01:27.0352 0x1340 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\Windows\System32\drivers\bthpan.sys
08:01:27.0367 0x1340 BthPan - ok
08:01:27.0399 0x1340 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
08:01:27.0414 0x1340 BTHPORT - ok
08:01:27.0430 0x1340 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
08:01:27.0430 0x1340 bthserv - ok
08:01:27.0445 0x1340 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
08:01:27.0445 0x1340 BTHUSB - ok
08:01:27.0445 0x1340 [ E55812A296C23169DEDB8841A0684958, D170365CEFBEE39A0784ECDCDEA158A0CDCFEE12DF1FB638CEECD4798C1E759C ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
08:01:27.0461 0x1340 btmaux - ok
08:01:27.0508 0x1340 [ EAAE1737D2209701E203BA017F57E579, B0CA6FDE97DEBAF2FC6FDEA0BB1A0C4234A75133E64C7739B2392F85C1E69E22 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
08:01:27.0539 0x1340 btmhsf - ok
08:01:27.0555 0x1340 [ C8D931D734FC0097478CE2583A75C4DF, 60C5F97D7E5A8B81A7123A5DB333577B0C7B9302C1D1C98D47BA96C0A3FB7417 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
08:01:27.0586 0x1340 c2cautoupdatesvc - ok
08:01:27.0617 0x1340 [ 8E1CC0517DE17DF83CF80BFCE9F0C000, 13F7929D531914FA2ED1223977E15A7F45E3FF3DA1392ECC4B15F5619B37B754 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
08:01:27.0649 0x1340 c2cpnrsvc - ok
08:01:27.0649 0x1340 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:01:27.0664 0x1340 cdfs - ok
08:01:27.0664 0x1340 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
08:01:27.0680 0x1340 cdrom - ok
08:01:27.0680 0x1340 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
08:01:27.0695 0x1340 CertPropSvc - ok
08:01:27.0695 0x1340 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
08:01:27.0711 0x1340 circlass - ok
08:01:27.0711 0x1340 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys
08:01:27.0727 0x1340 CLFS - ok
08:01:27.0742 0x1340 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
08:01:27.0742 0x1340 CmBatt - ok
08:01:27.0742 0x1340 [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w C:\Windows\system32\DRIVERS\cm_km_w.sys
08:01:27.0758 0x1340 cm_km_w - ok
08:01:27.0774 0x1340 [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\Windows\system32\Drivers\cng.sys
08:01:27.0789 0x1340 CNG - ok
08:01:27.0789 0x1340 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
08:01:27.0805 0x1340 CompositeBus - ok
08:01:27.0805 0x1340 COMSysApp - ok
08:01:27.0805 0x1340 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
08:01:27.0820 0x1340 condrv - ok
08:01:27.0836 0x1340 [ 61BE76F05BDC068B30FEE5B0F19212F0, 3EABFBF31E8498C8AFEA384E9A86C7063DC4E1255874A8E049D1CC99E51B2AD8 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
08:01:27.0836 0x1340 cphs - ok
08:01:27.0852 0x1340 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:01:27.0867 0x1340 CryptSvc - ok
08:01:27.0867 0x1340 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
08:01:27.0867 0x1340 dam - ok
08:01:27.0899 0x1340 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:01:27.0914 0x1340 DcomLaunch - ok
08:01:27.0930 0x1340 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\Windows\System32\defragsvc.dll
08:01:27.0945 0x1340 defragsvc - ok
08:01:27.0961 0x1340 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
08:01:27.0977 0x1340 DeviceAssociationService - ok
08:01:27.0977 0x1340 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
08:01:27.0977 0x1340 DeviceInstall - ok
08:01:27.0992 0x1340 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
08:01:27.0992 0x1340 Dfsc - ok
08:01:28.0008 0x1340 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\Windows\system32\dhcpcore.dll
08:01:28.0024 0x1340 Dhcp - ok
08:01:28.0024 0x1340 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
08:01:28.0039 0x1340 disk - ok
08:01:28.0039 0x1340 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
08:01:28.0055 0x1340 dmvsc - ok
08:01:28.0055 0x1340 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:01:28.0070 0x1340 Dnscache - ok
08:01:28.0070 0x1340 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
08:01:28.0086 0x1340 dot3svc - ok
08:01:28.0102 0x1340 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
08:01:28.0117 0x1340 DPS - ok
08:01:28.0117 0x1340 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:01:28.0117 0x1340 drmkaud - ok
08:01:28.0133 0x1340 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
08:01:28.0149 0x1340 DsmSvc - ok
08:01:28.0180 0x1340 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:01:28.0211 0x1340 DXGKrnl - ok
08:01:28.0227 0x1340 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
08:01:28.0227 0x1340 Eaphost - ok
08:01:28.0305 0x1340 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
08:01:28.0367 0x1340 ebdrv - ok
08:01:28.0383 0x1340 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
08:01:28.0383 0x1340 EFS - ok
08:01:28.0399 0x1340 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
08:01:28.0399 0x1340 EhStorClass - ok
08:01:28.0414 0x1340 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
08:01:28.0414 0x1340 EhStorTcgDrv - ok
08:01:28.0414 0x1340 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
08:01:28.0430 0x1340 ErrDev - ok
08:01:28.0430 0x1340 [ 5DC4A580FB90E083CFF96BFB03EA17EB, A3E273C3A5B4190D9872F64F77455A4E7A3279CAE7E1A191F4F7FFFE9C0E6D9E ] ETD C:\Windows\system32\DRIVERS\ETD.sys
08:01:28.0445 0x1340 ETD - ok
08:01:28.0461 0x1340 [ 31F88205E21FCDCFB9DFB9DF70AB2598, 1A9523A594CF3591F8200FE15EE1DBC57157B362F185FABB95665764DE46071A ] ETDService C:\Program Files\Elantech\ETDService.exe
08:01:28.0461 0x1340 ETDService - ok
08:01:28.0477 0x1340 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
08:01:28.0492 0x1340 EventSystem - ok
08:01:28.0508 0x1340 [ 55588867D59BADA2F62E58618CE32B03, F7FAF420103272151194A475D6C8EF4449AFCED787AA3DF7C461370D828E522F ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
08:01:28.0524 0x1340 EvtEng - ok
08:01:28.0524 0x1340 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
08:01:28.0539 0x1340 exfat - ok
08:01:28.0555 0x1340 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:01:28.0555 0x1340 fastfat - ok
08:01:28.0570 0x1340 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
08:01:28.0602 0x1340 Fax - ok
08:01:28.0602 0x1340 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
08:01:28.0602 0x1340 fdc - ok
08:01:28.0602 0x1340 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
08:01:28.0617 0x1340 fdPHost - ok
08:01:28.0617 0x1340 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
08:01:28.0633 0x1340 FDResPub - ok
08:01:28.0649 0x1340 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
08:01:28.0649 0x1340 fhsvc - ok
08:01:28.0649 0x1340 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:01:28.0664 0x1340 FileInfo - ok
08:01:28.0664 0x1340 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:01:28.0680 0x1340 Filetrace - ok
08:01:28.0680 0x1340 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
08:01:28.0680 0x1340 flpydisk - ok
08:01:28.0695 0x1340 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:01:28.0711 0x1340 FltMgr - ok
08:01:28.0742 0x1340 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll
08:01:28.0758 0x1340 FontCache - ok
08:01:28.0774 0x1340 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:01:28.0774 0x1340 FontCache3.0.0.0 - ok
08:01:28.0774 0x1340 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:01:28.0789 0x1340 FsDepends - ok
08:01:28.0789 0x1340 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:01:28.0789 0x1340 Fs_Rec - ok
08:01:28.0805 0x1340 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:01:28.0820 0x1340 fvevol - ok
08:01:28.0836 0x1340 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
08:01:28.0836 0x1340 FxPPM - ok
08:01:28.0836 0x1340 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:01:28.0852 0x1340 gagp30kx - ok
08:01:28.0852 0x1340 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
08:01:28.0852 0x1340 gencounter - ok
08:01:28.0883 0x1340 [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
08:01:28.0899 0x1340 GfExperienceService - ok
08:01:28.0914 0x1340 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
08:01:28.0914 0x1340 GPIOClx0101 - ok
08:01:28.0977 0x1340 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\Windows\System32\gpsvc.dll
08:01:28.0992 0x1340 gpsvc - ok
08:01:29.0008 0x1340 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:01:29.0008 0x1340 gupdate - ok
08:01:29.0024 0x1340 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:01:29.0024 0x1340 gupdatem - ok
08:01:29.0039 0x1340 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:01:29.0055 0x1340 HdAudAddService - ok
08:01:29.0055 0x1340 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
08:01:29.0071 0x1340 HDAudBus - ok
08:01:29.0071 0x1340 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
08:01:29.0071 0x1340 HidBatt - ok
08:01:29.0086 0x1340 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
08:01:29.0086 0x1340 HidBth - ok
08:01:29.0102 0x1340 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
08:01:29.0102 0x1340 hidi2c - ok
08:01:29.0102 0x1340 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
08:01:29.0117 0x1340 HidIr - ok
08:01:29.0117 0x1340 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
08:01:29.0117 0x1340 hidserv - ok
08:01:29.0133 0x1340 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
08:01:29.0133 0x1340 HidUsb - ok
08:01:29.0133 0x1340 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:01:29.0149 0x1340 hkmsvc - ok
08:01:29.0164 0x1340 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:01:29.0164 0x1340 HomeGroupListener - ok
08:01:29.0180 0x1340 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:01:29.0196 0x1340 HomeGroupProvider - ok
08:01:29.0211 0x1340 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:01:29.0211 0x1340 HpSAMD - ok
08:01:29.0242 0x1340 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:01:29.0258 0x1340 HTTP - ok
08:01:29.0274 0x1340 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:01:29.0274 0x1340 hwpolicy - ok
08:01:29.0274 0x1340 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
08:01:29.0289 0x1340 hyperkbd - ok
08:01:29.0289 0x1340 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
08:01:29.0289 0x1340 HyperVideo - ok
08:01:29.0305 0x1340 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
08:01:29.0305 0x1340 i8042prt - ok
08:01:29.0305 0x1340 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
08:01:29.0321 0x1340 iaLPSSi_GPIO - ok
08:01:29.0321 0x1340 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
08:01:29.0321 0x1340 iaLPSSi_I2C - ok
08:01:29.0336 0x1340 [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
08:01:29.0352 0x1340 iaStorA - ok
08:01:29.0367 0x1340 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
08:01:29.0383 0x1340 iaStorAV - ok
08:01:29.0399 0x1340 [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
08:01:29.0399 0x1340 IAStorDataMgrSvc - ok
08:01:29.0414 0x1340 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:01:29.0430 0x1340 iaStorV - ok
08:01:29.0430 0x1340 [ E681C3C3D2EFD03F86EAF3CAAEFF6A05, 8416CAB4CC428A8841B2865472F5FFC6AF39588D6B96113090569639752225AB ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys
08:01:29.0430 0x1340 ibtusb - ok
08:01:29.0446 0x1340 IEEtwCollectorService - ok
08:01:29.0524 0x1340 [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:01:29.0602 0x1340 igfx - ok
08:01:29.0617 0x1340 [ 9CD9723D813232FFFFFBC82BC8EDA77E, EE465ADE4BB4594305AC4D9B0856AE9C0FCA981F80EAD400354F50F555446B4D ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
08:01:29.0617 0x1340 igfxCUIService1.0.0.0 - ok
08:01:29.0649 0x1340 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\Windows\System32\ikeext.dll
08:01:29.0664 0x1340 IKEEXT - ok
08:01:29.0758 0x1340 [ D2B1DA73B6E8769A1BE1A55693B7F1B3, FE26FEAD6A45E4596A7CA9689B66511C4BCB4686A1914505257648DCE048CA26 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:01:29.0836 0x1340 IntcAzAudAddService - ok
08:01:29.0852 0x1340 [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
08:01:29.0867 0x1340 IntcDAud - ok
08:01:29.0883 0x1340 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
08:01:29.0899 0x1340 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
08:01:32.0290 0x1340 Detect skipped due to KSN trusted
08:01:32.0290 0x1340 Intel(R) Capability Licensing Service Interface - ok
08:01:32.0336 0x1340 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
08:01:32.0352 0x1340 Intel(R) Capability Licensing Service TCP IP Interface - ok
08:01:32.0368 0x1340 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
08:01:32.0368 0x1340 Intel(R) ME Service - ok
08:01:32.0368 0x1340 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
08:01:32.0383 0x1340 intelide - ok
08:01:32.0383 0x1340 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
08:01:32.0383 0x1340 intelpep - ok
08:01:32.0399 0x1340 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
08:01:32.0399 0x1340 intelppm - ok
08:01:32.0414 0x1340 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:01:32.0414 0x1340 IpFilterDriver - ok
08:01:32.0446 0x1340 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:01:32.0461 0x1340 iphlpsvc - ok
08:01:32.0461 0x1340 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
08:01:32.0477 0x1340 IPMIDRV - ok
08:01:32.0477 0x1340 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:01:32.0493 0x1340 IPNAT - ok
08:01:32.0508 0x1340 [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:01:32.0508 0x1340 iPod Service - ok
08:01:32.0524 0x1340 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:01:32.0524 0x1340 IRENUM - ok
08:01:32.0524 0x1340 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:01:32.0539 0x1340 isapnp - ok
08:01:32.0555 0x1340 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
08:01:32.0555 0x1340 iScsiPrt - ok
08:01:32.0555 0x1340 [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
08:01:32.0571 0x1340 iwdbus - ok
08:01:32.0571 0x1340 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
08:01:32.0586 0x1340 jhi_service - ok
08:01:32.0586 0x1340 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
08:01:32.0586 0x1340 kbdclass - ok
08:01:32.0586 0x1340 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
08:01:32.0602 0x1340 kbdhid - ok
08:01:32.0602 0x1340 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
08:01:32.0618 0x1340 kdnic - ok
08:01:32.0618 0x1340 [ EB62EE6D52F0D6B76256DBE71C07E26F, D92F2D9B1779DC52918CB5D9F212F62F62E40F7EBB81A865F090B071BE69DE77 ] Ke2200 C:\Windows\system32\DRIVERS\e22w8x64.sys
08:01:32.0618 0x1340 Ke2200 - ok
08:01:32.0633 0x1340 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
08:01:32.0633 0x1340 KeyIso - ok
08:01:32.0649 0x1340 [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
08:01:32.0665 0x1340 kl1 - ok
08:01:32.0665 0x1340 [ 37D7CBA1797D1FA2490089DA0CFF6ADA, 52CFFD075497C480291C8B816E7D56C055CCE5DA57BCA9CD6123CA9C79757C5D ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
08:01:32.0665 0x1340 kldisk - ok
08:01:32.0665 0x1340 [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam C:\Windows\system32\DRIVERS\klelam.sys
08:01:32.0680 0x1340 klelam - ok
08:01:32.0680 0x1340 [ 17BCA7231808182F89154B53CA006F20, 7E836029E47B97ABC363A66F0E0986C0E13094BC59A300B7207225A9830298FE ] klflt C:\Windows\system32\DRIVERS\klflt.sys
08:01:32.0680 0x1340 klflt - ok
08:01:32.0696 0x1340 [ D65DBBAD177325E3EE2B7BC8FE5EB1D0, 7DC61EA88AE26C64BCE0EC5F0EDD4585C23BAC170D86800BA246C1F9BAD33618 ] klhk C:\Windows\system32\DRIVERS\klhk.sys
08:01:32.0711 0x1340 klhk - ok
08:01:32.0727 0x1340 [ 5753267AE3DEE1D6B9187EC6B8C55799, 5B8C53F11D6E1C794E9F8DBD1E945C575C5EA8FF94373D4D0078F22527A32040 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
08:01:32.0743 0x1340 KLIF - ok
08:01:32.0743 0x1340 [ 753BFA638ACE05983D4C64988CC13926, FE0D2604AE845D9AC35C793E1E0523BFF7FCA396183D7FED005E4CDF29381252 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
08:01:32.0743 0x1340 KLIM6 - ok
08:01:32.0758 0x1340 [ 37ADA02E498051A4D533F21096789597, 569D0D29C509695C5136D5039AACAF3CAD70FA92AB3F7FE92B6F58C0C691F3F6 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
08:01:32.0758 0x1340 klkbdflt - ok
08:01:32.0758 0x1340 klkbdflt2 - ok
08:01:32.0758 0x1340 [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
08:01:32.0774 0x1340 klmouflt - ok
08:01:32.0774 0x1340 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
08:01:32.0774 0x1340 klpd - ok
08:01:32.0774 0x1340 [ 04E01889D895C1321EE28BE80F7C1B0F, 85A1A3F96291E77AF8DD49DD1DF6AC550CA5BD4A585D7C0A0DBB5C11F87F0218 ] klwfp C:\Windows\system32\DRIVERS\klwfp.sys
08:01:32.0789 0x1340 klwfp - ok
08:01:32.0789 0x1340 [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
08:01:32.0789 0x1340 Klwtp - ok
08:01:32.0805 0x1340 [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps C:\Windows\system32\DRIVERS\kneps.sys
08:01:32.0805 0x1340 kneps - ok
08:01:32.0821 0x1340 [ 00060003E6161944A9963FA9F24102BC, 9FB85A6542F8B17504A40798727266C5F618B09D74963747F06EAF80AE13ECDE ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
08:01:32.0836 0x1340 Kodak AiO Network Discovery Service - ok
08:01:32.0852 0x1340 [ 60301F8FDF519FFEC307A686209C33BE, B9A31478707B518967A6200813DCBD4DE03824FBFAB6E35D4FA4DA783FD6305A ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
08:01:32.0883 0x1340 Kodak AiO Status Monitor Service - ok
08:01:32.0899 0x1340 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:01:32.0899 0x1340 KSecDD - ok
08:01:32.0915 0x1340 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:01:32.0915 0x1340 KSecPkg - ok
08:01:32.0915 0x1340 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:01:32.0930 0x1340 ksthunk - ok
08:01:32.0946 0x1340 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:01:32.0946 0x1340 KtmRm - ok
08:01:32.0962 0x1340 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\Windows\system32\srvsvc.dll
08:01:32.0977 0x1340 LanmanServer - ok
08:01:32.0993 0x1340 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:01:32.0993 0x1340 LanmanWorkstation - ok
08:01:33.0008 0x1340 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
08:01:33.0024 0x1340 lfsvc - ok
08:01:33.0040 0x1340 [ B658B7076B1ACAA5876524595630F183, 3B800B81D0966C2B988857847F35FCA5BB446B368063B10094FB4483A1508B8E ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
08:01:33.0040 0x1340 lirsgt - detected UnsignedFile.Multi.Generic ( 1 )
08:01:35.0415 0x1340 Detect skipped due to KSN trusted
08:01:35.0415 0x1340 lirsgt - ok
08:01:35.0415 0x1340 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:01:35.0446 0x1340 lltdio - ok
08:01:35.0462 0x1340 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:01:35.0478 0x1340 lltdsvc - ok
08:01:35.0478 0x1340 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:01:35.0493 0x1340 lmhosts - ok
08:01:35.0509 0x1340 [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:01:35.0509 0x1340 LMS - ok
08:01:35.0525 0x1340 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:01:35.0525 0x1340 LSI_SAS - ok
08:01:35.0525 0x1340 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:01:35.0540 0x1340 LSI_SAS2 - ok
08:01:35.0540 0x1340 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
08:01:35.0556 0x1340 LSI_SAS3 - ok
08:01:35.0556 0x1340 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
08:01:35.0556 0x1340 LSI_SSS - ok
08:01:35.0587 0x1340 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll
08:01:35.0603 0x1340 LSM - ok
08:01:35.0603 0x1340 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
08:01:35.0618 0x1340 luafv - ok
08:01:35.0618 0x1340 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
08:01:35.0618 0x1340 MBfilt - ok
08:01:35.0618 0x1340 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
08:01:35.0634 0x1340 megasas - ok
08:01:35.0650 0x1340 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
08:01:35.0665 0x1340 megasr - ok
08:01:35.0665 0x1340 [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
08:01:35.0681 0x1340 MEIx64 - ok
08:01:35.0681 0x1340 [ 71C6748EE8DE938532057EF10B4B7E44, 455175332156939B3CDA4511A2A6C213ABBFDB85EEECA98B6AB014C994F532C4 ] Micro Star SCM C:\Program Files (x86)\SCM\MSIService.exe
08:01:35.0681 0x1340 Micro Star SCM - detected UnsignedFile.Multi.Generic ( 1 )
08:01:38.0088 0x1340 Detect skipped due to KSN trusted
08:01:38.0088 0x1340 Micro Star SCM - ok
08:01:38.0103 0x1340 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
08:01:38.0119 0x1340 MMCSS - ok
08:01:38.0135 0x1340 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
08:01:38.0150 0x1340 Modem - ok
08:01:38.0150 0x1340 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
08:01:38.0150 0x1340 monitor - ok
08:01:38.0150 0x1340 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
08:01:38.0166 0x1340 mouclass - ok
08:01:38.0166 0x1340 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
08:01:38.0181 0x1340 mouhid - ok
08:01:38.0181 0x1340 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:01:38.0181 0x1340 mountmgr - ok
08:01:38.0197 0x1340 [ A162D258A73516324DA7D7D44D04F1A9, 3F7F30CB2AFF1707FB592F8DF274AFB32B025BBA95F7442742760224F6D17C7B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:01:38.0197 0x1340 MozillaMaintenance - ok
08:01:38.0213 0x1340 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:01:38.0213 0x1340 mpsdrv - ok
08:01:38.0244 0x1340 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:01:38.0260 0x1340 MpsSvc - ok
08:01:38.0275 0x1340 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:01:38.0275 0x1340 MRxDAV - ok
08:01:38.0291 0x1340 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:01:38.0306 0x1340 mrxsmb - ok
08:01:38.0306 0x1340 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:01:38.0322 0x1340 mrxsmb10 - ok
08:01:38.0322 0x1340 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:01:38.0338 0x1340 mrxsmb20 - ok
08:01:38.0338 0x1340 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
08:01:38.0353 0x1340 MsBridge - ok
08:01:38.0353 0x1340 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
08:01:38.0369 0x1340 MSDTC - ok
08:01:38.0369 0x1340 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:01:38.0385 0x1340 Msfs - ok
08:01:38.0385 0x1340 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
08:01:38.0385 0x1340 msgpiowin32 - ok
08:01:38.0385 0x1340 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:01:38.0400 0x1340 mshidkmdf - ok
08:01:38.0400 0x1340 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
08:01:38.0400 0x1340 mshidumdf - ok
08:01:38.0416 0x1340 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:01:38.0416 0x1340 msisadrv - ok
08:01:38.0416 0x1340 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:01:38.0431 0x1340 MSiSCSI - ok
08:01:38.0431 0x1340 msiserver - ok
08:01:38.0431 0x1340 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:01:38.0447 0x1340 MSKSSRV - ok
08:01:38.0447 0x1340 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
08:01:38.0447 0x1340 MsLldp - ok
08:01:38.0463 0x1340 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:01:38.0463 0x1340 MSPCLOCK - ok
08:01:38.0463 0x1340 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:01:38.0478 0x1340 MSPQM - ok
08:01:38.0478 0x1340 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:01:38.0494 0x1340 MsRPC - ok
08:01:38.0494 0x1340 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
08:01:38.0510 0x1340 mssmbios - ok
08:01:38.0510 0x1340 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:01:38.0510 0x1340 MSTEE - ok
08:01:38.0525 0x1340 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
08:01:38.0525 0x1340 MTConfig - ok
08:01:38.0525 0x1340 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
08:01:38.0541 0x1340 Mup - ok
08:01:38.0541 0x1340 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
08:01:38.0541 0x1340 mvumis - ok
08:01:38.0556 0x1340 [ FCDCFEDAF3C1D61DE11FA0DE9453699C, 4E79F1040E62B0DEE00F3035DBFE5241A459FE4C1A46337FF13A25FF8C5A64A5 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
08:01:38.0556 0x1340 MyWiFiDHCPDNS - ok
08:01:38.0572 0x1340 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
08:01:38.0588 0x1340 napagent - ok
08:01:38.0603 0x1340 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:01:38.0619 0x1340 NativeWifiP - ok
08:01:38.0619 0x1340 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
08:01:38.0635 0x1340 NcaSvc - ok
08:01:38.0650 0x1340 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
08:01:38.0650 0x1340 NcbService - ok
08:01:38.0650 0x1340 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
08:01:38.0666 0x1340 NcdAutoSetup - ok
08:01:38.0697 0x1340 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:01:38.0744 0x1340 NDIS - ok
08:01:38.0744 0x1340 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:01:38.0760 0x1340 NdisCap - ok
08:01:38.0760 0x1340 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
08:01:38.0775 0x1340 NdisImPlatform - ok
08:01:38.0775 0x1340 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:01:38.0775 0x1340 NdisTapi - ok
08:01:38.0791 0x1340 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:01:38.0791 0x1340 Ndisuio - ok
08:01:38.0791 0x1340 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
08:01:38.0806 0x1340 NdisVirtualBus - ok
08:01:38.0806 0x1340 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:01:38.0822 0x1340 NdisWan - ok
08:01:38.0822 0x1340 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
08:01:38.0838 0x1340 NdisWanLegacy - ok
08:01:38.0838 0x1340 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:01:38.0853 0x1340 NDProxy - ok
08:01:38.0853 0x1340 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
08:01:38.0869 0x1340 Ndu - ok
08:01:38.0869 0x1340 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:01:38.0885 0x1340 NetBIOS - ok
08:01:38.0885 0x1340 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:01:38.0900 0x1340 NetBT - ok
08:01:38.0900 0x1340 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
08:01:38.0916 0x1340 Netlogon - ok
08:01:38.0916 0x1340 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
08:01:38.0931 0x1340 Netman - ok
08:01:38.0947 0x1340 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
08:01:38.0963 0x1340 netprofm - ok
08:01:38.0978 0x1340 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:01:38.0978 0x1340 NetTcpPortSharing - ok
08:01:38.0978 0x1340 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
08:01:38.0994 0x1340 netvsc - ok
08:01:39.0072 0x1340 [ B6EDB4D2BA55CA06FF679FA4B885B1F4, 3A5E509B52216DEFBEDE2CA35C77A2AB8114E41D702765F6712DD8D24B394826 ] NETwNb64 C:\Windows\system32\DRIVERS\NETwbw02.sys
08:01:39.0119 0x1340 NETwNb64 - ok
08:01:39.0135 0x1340 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
08:01:39.0150 0x1340 NlaSvc - ok
08:01:39.0150 0x1340 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:01:39.0166 0x1340 Npfs - ok
08:01:39.0166 0x1340 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
08:01:39.0182 0x1340 npsvctrig - ok
08:01:39.0182 0x1340 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
08:01:39.0182 0x1340 nsi - ok
08:01:39.0197 0x1340 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:01:39.0197 0x1340 nsiproxy - ok
08:01:39.0244 0x1340 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:01:39.0291 0x1340 Ntfs - ok
08:01:39.0291 0x1340 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
08:01:39.0291 0x1340 Null - ok
08:01:39.0525 0x1340 [ 7F58A8A5F208557F1FF8D7F45D5811DB, D9999DAD9BBBC907C8633AD08D90E40D861E9941A74CCF3C6183C9E220FEA0E9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:01:39.0682 0x1340 nvlddmkm - ok
08:01:39.0729 0x1340 [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
08:01:39.0760 0x1340 NvNetworkService - ok
08:01:39.0760 0x1340 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:01:39.0775 0x1340 nvraid - ok
08:01:39.0775 0x1340 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:01:39.0791 0x1340 nvstor - ok
08:01:39.0791 0x1340 [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
08:01:39.0791 0x1340 NvStreamKms - ok
08:01:39.0791 0x1340 NvStreamSvc - ok
08:01:39.0822 0x1340 [ 806069C408AE736E2182D2FF6C2FA8EE, 9C2D2309C4F4135772C53C10C7442BCA362657B062177B20C2F00DC2137E8362 ] nvsvc C:\Windows\system32\nvvsvc.exe
08:01:39.0838 0x1340 nvsvc - ok
08:01:39.0838 0x1340 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
08:01:39.0838 0x1340 nvvad_WaveExtensible - ok
08:01:39.0853 0x1340 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:01:39.0853 0x1340 nv_agp - ok
08:01:39.0869 0x1340 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:01:39.0885 0x1340 p2pimsvc - ok
08:01:39.0900 0x1340 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
08:01:39.0916 0x1340 p2psvc - ok
08:01:39.0916 0x1340 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
08:01:39.0916 0x1340 Parport - ok
08:01:39.0932 0x1340 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:01:39.0932 0x1340 partmgr - ok
08:01:39.0947 0x1340 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:01:39.0963 0x1340 PcaSvc - ok
08:01:39.0979 0x1340 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
08:01:39.0979 0x1340 pci - ok
08:01:39.0979 0x1340 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
08:01:39.0994 0x1340 pciide - ok
08:01:39.0994 0x1340 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:01:40.0010 0x1340 pcmcia - ok
08:01:40.0010 0x1340 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
08:01:40.0010 0x1340 pcw - ok
08:01:40.0025 0x1340 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
08:01:40.0025 0x1340 pdc - ok
08:01:40.0041 0x1340 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:01:40.0057 0x1340 PEAUTH - ok
08:01:40.0072 0x1340 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:01:40.0088 0x1340 PerfHost - ok
08:01:40.0166 0x1340 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
08:01:40.0197 0x1340 pla - ok
08:01:40.0197 0x1340 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:01:40.0213 0x1340 PlugPlay - ok
08:01:40.0213 0x1340 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:01:40.0213 0x1340 PNRPAutoReg - ok
08:01:40.0228 0x1340 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:01:40.0244 0x1340 PNRPsvc - ok
08:01:40.0260 0x1340 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:01:40.0260 0x1340 PolicyAgent - ok
08:01:40.0275 0x1340 postgresql-x64-9.0 - ok
08:01:40.0275 0x1340 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
08:01:40.0291 0x1340 Power - ok
08:01:40.0369 0x1340 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
08:01:40.0416 0x1340 PrintNotify - ok
08:01:40.0416 0x1340 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
08:01:40.0432 0x1340 Processor - ok
08:01:40.0432 0x1340 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\Windows\system32\profsvc.dll
08:01:40.0447 0x1340 ProfSvc - ok
08:01:40.0463 0x1340 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:01:40.0463 0x1340 Psched - ok
08:01:40.0479 0x1340 [ AC64125A02ACC62B064EAD6EE4920D54, 04623CD0C6DF28892C499B54964B88765BD6A1F48CFC453DA1011A169D4B82D1 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
08:01:40.0479 0x1340 Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
08:01:42.0932 0x1340 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - warning
08:01:45.0339 0x1340 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
08:01:45.0370 0x1340 QWAVE - ok
08:01:45.0370 0x1340 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:01:45.0385 0x1340 QWAVEdrv - ok
08:01:45.0385 0x1340 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:01:45.0401 0x1340 RasAcd - ok
08:01:45.0401 0x1340 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
08:01:45.0417 0x1340 RasAuto - ok
08:01:45.0432 0x1340 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll
08:01:45.0448 0x1340 RasMan - ok
08:01:45.0448 0x1340 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:01:45.0464 0x1340 RasPppoe - ok
08:01:45.0479 0x1340 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:01:45.0479 0x1340 rdbss - ok
08:01:45.0495 0x1340 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
08:01:45.0495 0x1340 rdpbus - ok
08:01:45.0495 0x1340 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
08:01:45.0510 0x1340 RDPDR - ok
08:01:45.0510 0x1340 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:01:45.0526 0x1340 RdpVideoMiniport - ok
08:01:45.0542 0x1340 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:01:45.0542 0x1340 rdyboost - ok
08:01:45.0573 0x1340 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys
08:01:45.0589 0x1340 ReFS - ok
08:01:45.0604 0x1340 [ 5B1F724CBCA8E08DC9D4C158C9BC1C1C, D5B170CF4B5420213130E151AFBBD9B84C5F7E710F5F67066E07095DEC1BD4B9 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
08:01:45.0604 0x1340 RegSrvc - ok
08:01:45.0620 0x1340 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:01:45.0620 0x1340 RemoteAccess - ok
08:01:45.0635 0x1340 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:01:45.0651 0x1340 RemoteRegistry - ok
08:01:45.0651 0x1340 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
08:01:45.0667 0x1340 RFCOMM - ok
08:01:45.0667 0x1340 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:01:45.0682 0x1340 RpcEptMapper - ok
08:01:45.0682 0x1340 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
08:01:45.0682 0x1340 RpcLocator - ok
08:01:45.0698 0x1340 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll
08:01:45.0729 0x1340 RpcSs - ok
08:01:45.0729 0x1340 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:01:45.0729 0x1340 rspndr - ok
08:01:45.0745 0x1340 [ D82269634BA995825E5D9166B35F8184, D81B6BE3BA0C1CCB1B89974BE24E02536DF63091871D55F5EF34C689EBEB7D7E ] RTSPER C:\Windows\system32\DRIVERS\RtsPer.sys
08:01:45.0760 0x1340 RTSPER - ok
08:01:45.0760 0x1340 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
08:01:45.0776 0x1340 s3cap - ok
08:01:45.0776 0x1340 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
08:01:45.0776 0x1340 SamSs - ok
08:01:45.0792 0x1340 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:01:45.0792 0x1340 sbp2port - ok
08:01:45.0807 0x1340 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:01:45.0807 0x1340 SCardSvr - ok
08:01:45.0823 0x1340 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
08:01:45.0823 0x1340 ScDeviceEnum - ok
08:01:45.0839 0x1340 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:01:45.0839 0x1340 scfilter - ok
08:01:45.0870 0x1340 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\Windows\system32\schedsvc.dll
08:01:45.0901 0x1340 Schedule - ok
08:01:45.0901 0x1340 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
08:01:45.0917 0x1340 SCPolicySvc - ok
08:01:45.0917 0x1340 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys
08:01:45.0932 0x1340 sdbus - ok
08:01:45.0932 0x1340 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
08:01:45.0948 0x1340 sdstor - ok
08:01:45.0948 0x1340 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:01:45.0948 0x1340 secdrv - ok
08:01:45.0948 0x1340 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
08:01:45.0964 0x1340 seclogon - ok
08:01:45.0964 0x1340 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
08:01:45.0979 0x1340 SENS - ok
08:01:45.0995 0x1340 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:01:45.0995 0x1340 SensrSvc - ok
08:01:46.0010 0x1340 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
08:01:46.0010 0x1340 SerCx - ok
08:01:46.0026 0x1340 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
08:01:46.0026 0x1340 SerCx2 - ok
08:01:46.0026 0x1340 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
08:01:46.0042 0x1340 Serenum - ok
08:01:46.0042 0x1340 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
08:01:46.0042 0x1340 Serial - ok
08:01:46.0057 0x1340 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
08:01:46.0057 0x1340 sermouse - ok
08:01:46.0073 0x1340 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll
08:01:46.0089 0x1340 SessionEnv - ok
08:01:46.0089 0x1340 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
08:01:46.0089 0x1340 sfloppy - ok
08:01:46.0104 0x1340 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:01:46.0120 0x1340 SharedAccess - ok
08:01:46.0136 0x1340 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:01:46.0151 0x1340 ShellHWDetection - ok
08:01:46.0167 0x1340 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:01:46.0167 0x1340 SiSRaid2 - ok
08:01:46.0167 0x1340 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:01:46.0182 0x1340 SiSRaid4 - ok
08:01:46.0182 0x1340 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:01:46.0198 0x1340 SkypeUpdate - ok
08:01:46.0198 0x1340 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
08:01:46.0214 0x1340 smphost - ok
08:01:46.0214 0x1340 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:01:46.0229 0x1340 SNMPTRAP - ok
08:01:46.0245 0x1340 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\Windows\system32\drivers\spaceport.sys
08:01:46.0245 0x1340 spaceport - ok
08:01:46.0261 0x1340 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
08:01:46.0261 0x1340 SpbCx - ok
08:01:46.0292 0x1340 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\Windows\System32\spoolsv.exe
08:01:46.0307 0x1340 Spooler - ok
08:01:46.0495 0x1340 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
08:01:46.0620 0x1340 sppsvc - ok
08:01:46.0636 0x1340 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:01:46.0651 0x1340 srv - ok
08:01:46.0682 0x1340 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:01:46.0698 0x1340 srv2 - ok
08:01:46.0714 0x1340 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:01:46.0729 0x1340 srvnet - ok
08:01:46.0729 0x1340 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:01:46.0745 0x1340 SSDPSRV - ok
08:01:46.0745 0x1340 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:01:46.0761 0x1340 SstpSvc - ok
08:01:46.0776 0x1340 [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
08:01:46.0792 0x1340 Steam Client Service - ok
08:01:46.0792 0x1340 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:01:46.0807 0x1340 stexstor - ok
08:01:46.0823 0x1340 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
08:01:46.0839 0x1340 stisvc - ok
08:01:46.0839 0x1340 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
08:01:46.0854 0x1340 storahci - ok
08:01:46.0854 0x1340 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
08:01:46.0870 0x1340 storflt - ok
08:01:46.0870 0x1340 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
08:01:46.0870 0x1340 stornvme - ok
08:01:46.0870 0x1340 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
08:01:46.0886 0x1340 StorSvc - ok
08:01:46.0886 0x1340 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
08:01:46.0901 0x1340 storvsc - ok
08:01:46.0901 0x1340 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
08:01:46.0901 0x1340 svsvc - ok
08:01:46.0917 0x1340 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
08:01:46.0917 0x1340 swenum - ok
08:01:46.0932 0x1340 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll
08:01:46.0948 0x1340 swprv - ok
08:01:46.0995 0x1340 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll
08:01:47.0011 0x1340 SysMain - ok
08:01:47.0026 0x1340 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
08:01:47.0042 0x1340 SystemEventsBroker - ok
08:01:47.0042 0x1340 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
08:01:47.0042 0x1340 TabletInputService - ok
08:01:47.0057 0x1340 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:01:47.0073 0x1340 TapiSrv - ok
08:01:47.0120 0x1340 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:01:47.0167 0x1340 Tcpip - ok
08:01:47.0229 0x1340 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:01:47.0276 0x1340 TCPIP6 - ok
08:01:47.0276 0x1340 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:01:47.0292 0x1340 tcpipreg - ok
08:01:47.0292 0x1340 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:01:47.0307 0x1340 tdx - ok
08:01:47.0307 0x1340 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
08:01:47.0323 0x1340 terminpt - ok
08:01:47.0339 0x1340 [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\Windows\System32\termsrv.dll
08:01:47.0370 0x1340 TermService - ok
08:01:47.0370 0x1340 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
08:01:47.0386 0x1340 Themes - ok
08:01:47.0386 0x1340 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
08:01:47.0401 0x1340 THREADORDER - ok
08:01:47.0401 0x1340 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
08:01:47.0417 0x1340 TimeBroker - ok
08:01:47.0432 0x1340 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
08:01:47.0432 0x1340 TPM - ok
08:01:47.0448 0x1340 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
08:01:47.0448 0x1340 TrkWks - ok
08:01:47.0448 0x1340 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:01:47.0464 0x1340 TrustedInstaller - ok
08:01:47.0464 0x1340 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:01:47.0479 0x1340 TsUsbFlt - ok
08:01:47.0479 0x1340 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
08:01:47.0479 0x1340 TsUsbGD - ok
08:01:47.0495 0x1340 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:01:47.0495 0x1340 tunnel - ok
08:01:47.0511 0x1340 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:01:47.0511 0x1340 uagp35 - ok
08:01:47.0511 0x1340 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
08:01:47.0526 0x1340 UASPStor - ok
08:01:47.0526 0x1340 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
08:01:47.0542 0x1340 UCX01000 - ok
08:01:47.0557 0x1340 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:01:47.0573 0x1340 udfs - ok
08:01:47.0573 0x1340 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
08:01:47.0573 0x1340 UEFI - ok
08:01:47.0573 0x1340 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:01:47.0589 0x1340 UI0Detect - ok
08:01:47.0589 0x1340 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:01:47.0604 0x1340 uliagpkx - ok
08:01:47.0604 0x1340 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
08:01:47.0604 0x1340 umbus - ok
08:01:47.0620 0x1340 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
08:01:47.0620 0x1340 UmPass - ok
08:01:47.0620 0x1340 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
08:01:47.0636 0x1340 UmRdpService - ok
08:01:47.0651 0x1340 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
08:01:47.0667 0x1340 upnphost - ok
08:01:47.0667 0x1340 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
08:01:47.0682 0x1340 USBAAPL64 - ok
08:01:47.0682 0x1340 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
08:01:47.0698 0x1340 usbaudio - ok
08:01:47.0698 0x1340 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
08:01:47.0714 0x1340 usbccgp - ok
08:01:47.0714 0x1340 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
08:01:47.0729 0x1340 usbcir - ok
08:01:47.0729 0x1340 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
08:01:47.0729 0x1340 usbehci - ok
08:01:47.0745 0x1340 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
08:01:47.0761 0x1340 usbhub - ok
08:01:47.0776 0x1340 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
08:01:47.0792 0x1340 USBHUB3 - ok
08:01:47.0792 0x1340 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
08:01:47.0792 0x1340 usbohci - ok
08:01:47.0807 0x1340 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
08:01:47.0807 0x1340 usbprint - ok
08:01:47.0823 0x1340 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
08:01:47.0823 0x1340 USBSTOR - ok
08:01:47.0823 0x1340 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
08:01:47.0839 0x1340 usbuhci - ok
08:01:47.0839 0x1340 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
08:01:47.0854 0x1340 usbvideo - ok
08:01:47.0870 0x1340 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
08:01:47.0870 0x1340 USBXHCI - ok
08:01:47.0870 0x1340 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
08:01:47.0886 0x1340 VaultSvc - ok
08:01:47.0886 0x1340 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:01:47.0901 0x1340 vdrvroot - ok
08:01:47.0932 0x1340 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe
08:01:47.0948 0x1340 vds - ok
08:01:47.0964 0x1340 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
08:01:47.0964 0x1340 VerifierExt - ok
08:01:47.0979 0x1340 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
08:01:47.0995 0x1340 vhdmp - ok
08:01:48.0011 0x1340 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
08:01:48.0011 0x1340 viaide - ok
08:01:48.0011 0x1340 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
08:01:48.0026 0x1340 vmbus - ok
08:01:48.0026 0x1340 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
08:01:48.0026 0x1340 VMBusHID - ok
08:01:48.0042 0x1340 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
08:01:48.0058 0x1340 vmicguestinterface - ok
08:01:48.0073 0x1340 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
08:01:48.0089 0x1340 vmicheartbeat - ok
08:01:48.0105 0x1340 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
08:01:48.0120 0x1340 vmickvpexchange - ok
08:01:48.0136 0x1340 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
08:01:48.0151 0x1340 vmicrdv - ok
08:01:48.0167 0x1340 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
08:01:48.0183 0x1340 vmicshutdown - ok
08:01:48.0198 0x1340 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
08:01:48.0214 0x1340 vmictimesync - ok
08:01:48.0229 0x1340 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
08:01:48.0245 0x1340 vmicvss - ok
08:01:48.0245 0x1340 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:01:48.0245 0x1340 volmgr - ok
08:01:48.0261 0x1340 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:01:48.0276 0x1340 volmgrx - ok
08:01:48.0292 0x1340 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:01:48.0292 0x1340 volsnap - ok
08:01:48.0308 0x1340 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
08:01:48.0308 0x1340 vpci - ok
08:01:48.0323 0x1340 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:01:48.0323 0x1340 vsmraid - ok
08:01:48.0354 0x1340 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe
08:01:48.0386 0x1340 VSS - ok
08:01:48.0401 0x1340 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
08:01:48.0401 0x1340 VSTXRAID - ok
08:01:48.0401 0x1340 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
08:01:48.0417 0x1340 vwifibus - ok
08:01:48.0417 0x1340 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
08:01:48.0433 0x1340 vwififlt - ok
08:01:48.0433 0x1340 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
08:01:48.0433 0x1340 vwifimp - ok
08:01:48.0448 0x1340 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
08:01:48.0464 0x1340 W32Time - ok
08:01:48.0464 0x1340 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
08:01:48.0479 0x1340 WacomPen - ok
08:01:48.0511 0x1340 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe
08:01:48.0542 0x1340 wbengine - ok
08:01:48.0558 0x1340 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:01:48.0573 0x1340 WbioSrvc - ok
08:01:48.0589 0x1340 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
08:01:48.0589 0x1340 Wcmsvc - ok
08:01:48.0604 0x1340 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:01:48.0620 0x1340 wcncsvc - ok
08:01:48.0620 0x1340 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:01:48.0636 0x1340 WcsPlugInService - ok
08:01:48.0636 0x1340 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
08:01:48.0651 0x1340 WdBoot - ok
08:01:48.0667 0x1340 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:01:48.0698 0x1340 Wdf01000 - ok
08:01:48.0714 0x1340 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
08:01:48.0730 0x1340 WdFilter - ok
08:01:48.0730 0x1340 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:01:48.0745 0x1340 WdiServiceHost - ok
08:01:48.0745 0x1340 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:01:48.0761 0x1340 WdiSystemHost - ok
08:01:48.0761 0x1340 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
08:01:48.0776 0x1340 WdNisDrv - ok
08:01:48.0776 0x1340 WdNisSvc - ok
08:01:48.0776 0x1340 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\Windows\System32\webclnt.dll
08:01:48.0792 0x1340 WebClient - ok
08:01:48.0808 0x1340 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
08:01:48.0823 0x1340 Wecsvc - ok
08:01:48.0823 0x1340 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
08:01:48.0839 0x1340 WEPHOSTSVC - ok
08:01:48.0839 0x1340 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:01:48.0855 0x1340 wercplsupport - ok
08:01:48.0855 0x1340 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll
08:01:48.0870 0x1340 WerSvc - ok
08:01:48.0870 0x1340 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
08:01:48.0886 0x1340 WFPLWFS - ok
08:01:48.0886 0x1340 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
08:01:48.0901 0x1340 WiaRpc - ok
08:01:48.0901 0x1340 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:01:48.0901 0x1340 WIMMount - ok
08:01:48.0901 0x1340 WinDefend - ok
08:01:48.0933 0x1340 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
08:01:48.0948 0x1340 WinHttpAutoProxySvc - ok
08:01:48.0964 0x1340 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:01:48.0964 0x1340 Winmgmt - ok
08:01:49.0042 0x1340 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\Windows\system32\WsmSvc.dll
08:01:49.0073 0x1340 WinRM - ok
08:01:49.0089 0x1340 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
08:01:49.0089 0x1340 WinUsb - ok
08:01:49.0136 0x1340 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\Windows\System32\wlansvc.dll
08:01:49.0167 0x1340 WlanSvc - ok
08:01:49.0214 0x1340 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll
08:01:49.0245 0x1340 wlidsvc - ok
08:01:49.0245 0x1340 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
08:01:49.0245 0x1340 WmiAcpi - ok
08:01:49.0261 0x1340 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:01:49.0261 0x1340 wmiApSrv - ok
08:01:49.0261 0x1340 WMPNetworkSvc - ok
08:01:49.0276 0x1340 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
08:01:49.0276 0x1340 Wof - ok
08:01:49.0323 0x1340 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
08:01:49.0355 0x1340 workfolderssvc - ok
08:01:49.0355 0x1340 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
08:01:49.0370 0x1340 wpcfltr - ok
08:01:49.0370 0x1340 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:01:49.0370 0x1340 WPCSvc - ok
08:01:49.0386 0x1340 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:01:49.0386 0x1340 WPDBusEnum - ok
08:01:49.0386 0x1340 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
08:01:49.0401 0x1340 WpdUpFltr - ok
08:01:49.0401 0x1340 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:01:49.0417 0x1340 ws2ifsl - ok
08:01:49.0417 0x1340 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll
08:01:49.0417 0x1340 wscsvc - ok
08:01:49.0433 0x1340 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys
08:01:49.0433 0x1340 WSDPrintDevice - ok
08:01:49.0433 0x1340 [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
08:01:49.0448 0x1340 WSDScan - ok
08:01:49.0448 0x1340 WSearch - ok
08:01:49.0542 0x1340 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll
08:01:49.0620 0x1340 WSService - ok
08:01:49.0730 0x1340 [ D24002EB2F4A8A04897703067E81CC5D, 03806198D26DD7BA3E27EFE0911B49E5B48CAD8A05EC4F56AF45CF1E3FAD6916 ] wuauserv C:\Windows\system32\wuaueng.dll
08:01:49.0792 0x1340 wuauserv - ok
08:01:49.0792 0x1340 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:01:49.0808 0x1340 WudfPf - ok
08:01:49.0808 0x1340 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
08:01:49.0823 0x1340 WUDFRd - ok
08:01:49.0823 0x1340 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:01:49.0839 0x1340 wudfsvc - ok
08:01:49.0839 0x1340 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
08:01:49.0855 0x1340 WUDFWpdFs - ok
08:01:49.0855 0x1340 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
08:01:49.0870 0x1340 WUDFWpdMtp - ok
08:01:49.0886 0x1340 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
08:01:49.0901 0x1340 WwanSvc - ok
08:01:50.0041 0x1340 [ C4C5C3198C3261BEC89E6C3631047BAF, 78E5604B4B2A184B328C0669781DF11A35AFC04E7375CAB4DB9A48D74929137D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
08:01:50.0088 0x1340 ZeroConfigService - ok
08:01:50.0103 0x1340 ================ Scan global ===============================
08:01:50.0103 0x1340 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
08:01:50.0103 0x1340 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
08:01:50.0119 0x1340 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
08:01:50.0135 0x1340 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
08:01:50.0135 0x1340 [ Global ] - ok
08:01:50.0135 0x1340 ================ Scan MBR ==================================
08:01:50.0135 0x1340 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
08:01:50.0197 0x1340 \Device\Harddisk0\DR0 - ok
08:01:50.0197 0x1340 ================ Scan VBR ==================================
08:01:50.0197 0x1340 [ 482D0703988CEF5AF47D26CC99947728 ] \Device\Harddisk0\DR0\Partition1
08:01:50.0197 0x1340 \Device\Harddisk0\DR0\Partition1 - ok
08:01:50.0197 0x1340 [ 053371BF2FC49CFB3C04F03D8C483280 ] \Device\Harddisk0\DR0\Partition2
08:01:50.0197 0x1340 \Device\Harddisk0\DR0\Partition2 - ok
08:01:50.0197 0x1340 ================ Scan generic autorun ======================
08:01:50.0213 0x1340 [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
08:01:50.0213 0x1340 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
08:01:52.0604 0x1340 Detect skipped due to KSN trusted
08:01:52.0604 0x1340 IAStorIcon - ok
08:01:52.0604 0x1340 Nvtmru - ok
08:01:52.0619 0x1340 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
08:01:52.0650 0x1340 ShadowPlay - ok
08:01:52.0650 0x1340 ETDCtrl - ok
08:01:52.0650 0x1340 BTMTrayAgent - ok
08:01:52.0666 0x1340 [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
08:01:52.0666 0x1340 Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 )
08:01:55.0057 0x1340 Detect skipped due to KSN trusted
08:01:55.0057 0x1340 Classic Start Menu - ok
08:01:55.0088 0x1340 [ 815F6E3727453C978FFD721B2BDF48A5, E33A85E8EF80C662C84F705080585B35A899F8E588E8481D48538BA1224B5E57 ] C:\Program Files (x86)\SCM\Radio Manager.exe
08:01:55.0120 0x1340 Radio Manager - detected UnsignedFile.Multi.Generic ( 1 )
08:01:57.0589 0x1340 Detect skipped due to KSN trusted
08:01:57.0589 0x1340 Radio Manager - ok
08:01:57.0620 0x1340 [ 0123AE1BC462CD5F7321E0249B0379E1, 60BDE9BE24B541576F8C929B32C672E9079535FE63D8FAC9B7AD5A50474A515C ] C:\Program Files (x86)\SCM\SCM.exe
08:01:57.0651 0x1340 SCM - detected UnsignedFile.Multi.Generic ( 1 )
08:02:00.0027 0x1340 Detect skipped due to KSN trusted
08:02:00.0027 0x1340 SCM - ok
08:02:00.0105 0x1340 [ 1F441326CD77B3F1532D487004B180FF, FD2FE6EECE1EF99F800DAF7B0C825C94FACE4C6D5806A2335B4D3C41F1E87F7F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
08:02:00.0136 0x1340 NvBackend - ok
08:02:00.0495 0x1340 [ 6BCE148DE6670CFB44828B8497E089F6, 150899C8FCBF57BD61794638149D8C14738AB915CA4470E2B65E766BBE4CF171 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
08:02:00.0699 0x1340 RTHDVCPL - ok
08:02:00.0777 0x1340 [ 3895C05252E7EC7EE65973775B4548B0, 5F397496D01CF77202BC44A9AF1A82142257698F18E8FF0CC4358A3406F86C79 ] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
08:02:00.0808 0x1340 EKIJ5000StatusMonitor - ok
08:02:00.0808 0x1340 [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
08:02:00.0824 0x1340 iTunesHelper - ok
08:02:00.0824 0x1340 Conime - ok
08:02:00.0870 0x1340 [ 0BA95C4CD5C908CEDAD87036126E3AB1, AFABCB336EF36B928F5573785F9910EE16B4563C44CEE0662EA58F8E60F9E020 ] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
08:02:00.0917 0x1340 EKStatusMonitor - ok
08:02:00.0964 0x1340 [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe
08:02:01.0011 0x1340 Steam - ok
08:02:01.0011 0x1340 [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Nicolas Fischer\AppData\Local\Microsoft\BingSvc\BingSvc.exe
08:02:01.0027 0x1340 BingSvc - ok
08:02:01.0027 0x1340 Waiting for KSN requests completion. In queue: 7
08:02:02.0048 0x1340 Waiting for KSN requests completion. In queue: 7
08:02:03.0048 0x1340 Waiting for KSN requests completion. In queue: 7
08:02:04.0079 0x1340 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
08:02:04.0079 0x1340 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
08:02:04.0079 0x1340 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
08:02:06.0494 0x1340 ============================================================
08:02:06.0494 0x1340 Scan finished
08:02:06.0494 0x1340 ============================================================
08:02:06.0510 0x1ce0 Detected object count: 1
08:02:06.0510 0x1ce0 Actual detected object count: 1
08:03:00.0233 0x1ce0 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user
08:03:00.0233 0x1ce0 Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
08.06.2016, 08:44
| #5 |
| /// Malwareteam | Yahoo main.targo.12.com forward - fix pls Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
08.06.2016, 09:00
| #6 |
| | Yahoo main.targo.12.com forward - fix pls adw cleaner Code:
ATTFilter # AdwCleaner v5.119 - Bericht erstellt am 08/06/2016 um 09:57:51
# Aktualisiert am 30/05/2016 von Xplode
# Datenbank : 2016-06-07.1 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Nicolas Fischer - ICHPUTZHIERNUR
# Gestartet von : C:\Users\Nicolas Fischer\Desktop\AdwCleaner_5.119.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [696 Bytes] - [08/06/2016 09:57:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [768 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 08.06.2016 Suchlaufzeit: 10:02 Protokolldatei: mwb.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.06.08.02 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Testversion Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Nicolas Fischer Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 365640 Abgelaufene Zeit: 5 Min., 50 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2016 durchgeführt von Nicolas Fischer (Administrator) auf ICHPUTZHIERNUR (08-06-2016 10:09:41) Gestartet von C:\Users\Nicolas Fischer\Desktop Geladene Profile: Nicolas Fischer & postgres (Verfügbare Profile: Nicolas Fischer & postgres) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (© 2015 Microsoft Corporation) C:\Users\Nicolas Fischer\AppData\Local\Microsoft\BingSvc\BingSvc.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891568 2013-10-22] (ELAN Microelectronics Corp.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI) HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-10-23] (Realtek Semiconductor) HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2010-09-02] (Eastman Kodak Company) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company) HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Run: [BingSvc] => C:\Users\Nicolas Fischer\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-01-30] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0B214128-2D4F-4448-BCA1-5BA7204A5458}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{339D7436-EB19-4428-BAAD-5E6E5A915937}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-727180478-3196343947-2561650278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/ URLSearchHook: [S-1-5-21-727180478-3196343947-2561650278-1003] ACHTUNG => Standard URLSearchHook fehlt BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-12-08] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-12-08] (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-30] (Kaspersky Lab ZAO) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Nicolas Fischer\AppData\Roaming\Mozilla\Firefox\Profiles\xg8n5wnb.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-12-08] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-12-08] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-30] () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-30] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-30] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-30] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-30] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-30] [ist nicht signiert] Chrome: ======= CHR HomePage: Profile 1 -> hxxp://www.google.com/ CHR StartupUrls: Profile 1 -> "hxxp://www.google.com/" CHR DefaultSearchURL: Profile 1 -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> bing.com CHR Profile: C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30] CHR Extension: (Google Docs) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30] CHR Extension: (Google Drive) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-30] CHR Extension: (YouTube) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30] CHR Extension: (Google-Suche) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30] CHR Extension: (Google Tabellen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30] CHR Extension: (Norton Identity Protection) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-01-30] CHR Extension: (Google Wallet) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30] CHR Extension: (Google Mail) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30] CHR Profile: C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (ProxFlow) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-05-07] CHR Extension: (Google Präsentationen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07] CHR Extension: (Google Docs) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07] CHR Extension: (Google Drive) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google-Suche) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Kaspersky Protection) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-02-01] CHR Extension: (Google Tabellen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07] CHR Extension: (Google Docs Offline) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (Skype) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-23] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04] CHR Extension: (Google Mail) - C:\Users\Nicolas Fischer\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2000-01-01] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) R2 postgresql-x64-9.0; C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe [111104 2012-09-21] (PostgreSQL Global Development Group) [Datei ist nicht signiert] R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2016-05-06] () [Datei ist nicht signiert] R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [81072 2014-02-20] (Qualcomm Atheros, Inc.) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [160464 2014-03-05] (Intel Corporation) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-01-30] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-11] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-01-30] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-01-30] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2016-05-06] () [Datei ist nicht signiert] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-08] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2000-01-01] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-08 10:09 - 2016-06-08 10:09 - 00028169 _____ C:\Users\Nicolas Fischer\Desktop\FRST.txt 2016-06-08 10:08 - 2016-06-08 10:08 - 00001198 _____ C:\Users\Nicolas Fischer\Desktop\mwb.txt 2016-06-08 10:01 - 2016-06-08 10:01 - 00001114 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-06-08 10:01 - 2016-06-08 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-06-08 10:01 - 2016-06-08 10:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-06-08 10:01 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-06-08 10:01 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-06-08 09:59 - 2016-06-08 09:59 - 22851472 _____ (Malwarebytes ) C:\Users\Nicolas Fischer\Downloads\mbam-setup-2.2.1.1043.exe 2016-06-08 09:56 - 2016-06-08 09:57 - 00000000 ____D C:\AdwCleaner 2016-06-08 09:54 - 2016-06-08 09:54 - 03677248 _____ C:\Users\Nicolas Fischer\Desktop\AdwCleaner_5.119.exe 2016-06-08 08:01 - 2016-06-08 08:04 - 00232594 _____ C:\TDSSKiller.3.1.0.9_08.06.2016_08.01.09_log.txt 2016-06-08 07:59 - 2016-06-08 08:00 - 00229610 _____ C:\TDSSKiller.3.1.0.9_08.06.2016_07.59.13_log.txt 2016-06-08 07:53 - 2016-06-08 07:53 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Nicolas Fischer\Desktop\tdsskiller.exe 2016-06-08 07:51 - 2016-06-08 10:09 - 00000000 ____D C:\FRST 2016-06-08 07:50 - 2016-06-08 07:50 - 02385408 _____ (Farbar) C:\Users\Nicolas Fischer\Desktop\FRST64.exe 2016-06-07 16:17 - 2016-06-08 10:01 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-06-07 16:17 - 2016-06-07 16:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-06-07 16:15 - 2016-06-07 16:38 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\mbar 2016-06-07 16:15 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-06-07 16:14 - 2016-06-07 16:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Nicolas Fischer\Desktop\mbar-1.09.3.1001.exe 2016-06-05 12:35 - 2016-06-05 12:35 - 06893008 _____ (Piriform Ltd) C:\Users\Nicolas Fischer\Downloads\ccsetup518.exe 2016-06-05 12:35 - 2016-06-05 12:35 - 06893008 _____ (Piriform Ltd) C:\Users\Nicolas Fischer\Downloads\ccsetup518 (1).exe 2016-06-05 11:15 - 2016-06-05 11:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Nicolas Fischer\Downloads\HijackThis_2.0.5.exe 2016-05-31 22:04 - 2016-06-07 16:17 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-05-31 22:04 - 2016-05-31 22:04 - 22851472 _____ (Malwarebytes ) C:\Users\Nicolas Fischer\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe 2016-05-30 12:18 - 2016-06-02 12:17 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\Maria Arbeit 2016-05-30 10:36 - 2016-05-30 10:36 - 09795724 _____ C:\Users\Nicolas Fischer\Downloads\Moody's Ratings Handbook.pdf 2016-05-30 09:47 - 2016-05-30 09:47 - 00011818 _____ C:\Users\Nicolas Fischer\Downloads\Mappe1.xlsx 2016-05-30 09:42 - 2016-05-30 09:43 - 63526832 _____ C:\Users\Nicolas Fischer\Downloads\PT-Install-v4.14.16.exe 2016-05-29 15:40 - 2016-05-29 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker 2016-05-28 14:35 - 2016-05-28 14:35 - 00000000 ____D C:\Users\Nicolas Fischer\hitman 2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files\MSBuild 2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-05-28 14:32 - 2016-05-28 14:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-05-28 14:31 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2016-05-28 14:31 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2016-05-28 14:31 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2016-05-28 14:31 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2016-05-28 14:31 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-05-28 14:31 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2016-05-27 18:24 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-05-27 18:24 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-05-23 14:03 - 2016-05-23 14:03 - 00016799 _____ C:\Users\Nicolas Fischer\Downloads\20160523-4704003243-umsatz.CSV 2016-05-14 01:09 - 2016-05-14 01:09 - 01812264 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Nicolas Fischer\Downloads\GPU-Z.0.8.7.exe 2016-05-11 13:06 - 2016-06-04 23:37 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-05-11 13:06 - 2016-05-14 17:02 - 00003942 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-05-11 13:04 - 2016-05-11 13:07 - 00089525 _____ C:\Users\Nicolas Fischer\Downloads\dir.dcr ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-08 10:07 - 2015-02-02 10:33 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\Skype 2016-06-08 10:06 - 2015-01-30 12:56 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-727180478-3196343947-2561650278-1001 2016-06-08 09:59 - 2015-01-30 14:26 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\ClassicShell 2016-06-08 09:57 - 2015-01-30 19:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-06-08 09:51 - 2015-01-30 13:56 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-08 08:51 - 2015-01-30 13:56 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-08 07:41 - 2015-01-30 13:55 - 00003994 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{018A7B7D-0C23-468D-A31E-E87B9CC3A02F} 2016-06-07 23:07 - 2015-01-30 19:20 - 00000000 ____D C:\Program Files (x86)\Steam 2016-06-07 10:44 - 2014-03-18 12:03 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-07 10:44 - 2014-03-18 11:25 - 00766620 _____ C:\Windows\system32\perfh007.dat 2016-06-07 10:44 - 2014-03-18 11:25 - 00159902 _____ C:\Windows\system32\perfc007.dat 2016-06-07 10:44 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-06-07 10:43 - 2015-05-27 17:03 - 00000000 ____D C:\ProgramData\Kodak 2016-06-07 10:38 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-07 10:38 - 2013-08-22 16:44 - 00362848 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-07 07:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-06-07 06:56 - 2015-04-06 11:40 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\Poker 2016-06-07 06:40 - 2015-04-06 11:45 - 00000000 ____D C:\Users\Nicolas Fischer\Documents\888poker 2016-06-07 06:40 - 2015-04-06 11:37 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\PokerStars.EU 2016-06-07 06:33 - 2015-02-02 10:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-06-07 06:32 - 2015-02-02 10:33 - 00000000 ____D C:\ProgramData\Skype 2016-06-07 06:24 - 2016-05-06 10:48 - 00000000 ____D C:\Users\Nicolas Fischer\Desktop\Vegas 2016 2016-06-06 20:52 - 2015-01-30 13:57 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-06 20:52 - 2015-01-30 13:57 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-06-06 14:18 - 2015-01-30 12:51 - 00000000 ____D C:\Users\Nicolas Fischer 2016-06-06 13:27 - 2015-04-06 11:14 - 00000000 ____D C:\Program Files (x86)\PokerTracker 4 2016-06-06 01:59 - 2016-02-12 21:45 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\Battle.net 2016-06-05 22:19 - 2016-02-12 21:44 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-06-05 12:36 - 2015-02-07 12:16 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-06-05 12:35 - 2015-02-08 15:19 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-06-05 11:15 - 2015-01-30 12:51 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\VirtualStore 2016-06-04 15:58 - 2015-03-20 01:52 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\TeamViewer 2016-06-04 12:46 - 2015-04-06 11:37 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU 2016-06-02 22:19 - 2016-05-06 09:08 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-06-02 00:07 - 2016-02-12 21:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-05-31 09:32 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-31 09:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2016-05-30 14:52 - 2015-01-30 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-05-30 09:43 - 2015-04-26 15:02 - 00001086 _____ C:\Users\postgres\Desktop\PokerTracker 4.lnk 2016-05-30 09:43 - 2015-04-26 15:02 - 00001086 _____ C:\Users\Nicolas Fischer\Desktop\PokerTracker 4.lnk 2016-05-29 15:40 - 2015-12-22 00:28 - 00001549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk 2016-05-29 15:40 - 2015-04-13 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-05-29 08:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2016-05-28 20:35 - 2015-01-30 19:32 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-05-28 14:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2016-05-28 14:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI 2016-05-28 14:32 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2016-05-27 18:24 - 2015-01-30 13:19 - 00000000 ____D C:\ProgramData\Package Cache 2016-05-23 02:58 - 2015-02-28 13:48 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\CrashDumps 2016-05-19 17:11 - 2015-04-06 11:43 - 00000000 ____D C:\Program Files (x86)\PacificPoker 2016-05-14 01:10 - 2015-12-09 15:41 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Roaming\NVIDIA 2016-05-11 13:06 - 2015-04-06 18:59 - 00000000 ____D C:\Users\Nicolas Fischer\AppData\Local\Adobe 2016-05-11 08:46 - 2015-01-30 13:56 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-11 08:46 - 2015-01-30 13:56 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-23 23:23 - 2016-02-09 08:54 - 0007626 _____ () C:\Users\Nicolas Fischer\AppData\Local\Resmon.ResmonCfg 2016-04-02 11:41 - 2016-04-02 11:41 - 0000000 _____ () C:\Users\Nicolas Fischer\AppData\Local\{46DAA92B-3992-49A1-91E4-4EB2079C9C50} 2015-04-06 11:14 - 2015-04-06 11:14 - 0004939 _____ () C:\ProgramData\flwjycbm.bab 2015-08-14 23:03 - 2015-08-14 23:03 - 0000016 _____ () C:\ProgramData\mntemp Einige Dateien in TEMP: ==================== C:\Users\Nicolas Fischer\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-06-01 02:32 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-06-2016
durchgeführt von Nicolas Fischer (2016-06-08 10:09:55)
Gestartet von C:\Users\Nicolas Fischer\Desktop
Windows 8.1 (Update) (X64) (2015-01-30 10:51:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-727180478-3196343947-2561650278-500 - Administrator - Disabled)
Gast (S-1-5-21-727180478-3196343947-2561650278-501 - Limited - Disabled)
Nicolas Fischer (S-1-5-21-727180478-3196343947-2561650278-1001 - Administrator - Enabled) => C:\Users\Nicolas Fischer
postgres (S-1-5-21-727180478-3196343947-2561650278-1003 - Limited - Enabled) => C:\Users\postgres
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-PDF Printer 10.22.0.2525 (HKLM\...\7-PDF Printer_is1) (Version: 10.22.0.2525 - 7-PDF, Germany - Th. Hodes)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\BitTorrent) (Version: 7.9.3.39947 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
ETDWare PS/2-X64 11.13.6.2_WHQL (HKLM\...\Elantech) (Version: 11.13.6.2 - ELAN Microelectronic Corp.)
Filtration version 0.9 (HKLM-x32\...\{AD0C8642-110D-402E-ADF6-9DDC1908A8FC}_is1) (Version: 0.9 - Ben Wallis)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 5.30.16.WIN.FullTilt.EU - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
KeePass Password Safe 1.29 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.29 - Dominik Reichl)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 44.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.1 (x86 de)) (Version: 44.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.1 - Mozilla)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
Path of Exile - The Awakening Closed Beta (HKLM-x32\...\{08614ECB-C254-422C-AB67-C51E98CD1F78}) (Version: 2.0.0.41339 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.3.0.39268 - Grinding Gear Games)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
StackAndTile (HKLM-x32\...\StackAndTile) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.10.0) (Version: 3.10.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.8.0) (Version: 3.8.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.8.1) (Version: 3.8.1 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 3.9.0) (Version: 3.9.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.1.1) (Version: 4.1.1 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.2.3) (Version: 4.2.3 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.5.0) (Version: 4.5.0 - Winamax)
Winamax (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\Winamax 4.7.1) (Version: 4.7.1 - Winamax)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-727180478-3196343947-2561650278-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {45C9F1C7-B74B-45FD-8728-762D3407ADB6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {486B214D-9F86-44D7-9FA8-0758EE302A78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {57A4271E-004C-44C9-8728-EE95D7606454} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-14] (Adobe Systems Incorporated)
Task: {A105CF4C-20A5-4D9F-A20F-D9FE484814CA} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
Task: {CFBA5C63-BEE7-4844-948C-35DF34B2ADC3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {DB558C57-8D7A-4E4F-B2A4-980271E93482} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F5FAC8A9-7455-4D75-92DD-7C83CBEA7682} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.9.0.14\SymErr.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Nicolas Fischer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\RaY - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-06 11:19 - 2012-09-21 09:55 - 00217600 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll
2015-04-06 11:19 - 2012-08-14 14:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll
2015-01-30 13:07 - 2015-01-10 01:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-04 14:16 - 2014-03-04 14:16 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2015-02-02 19:13 - 2000-01-01 02:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-06-06 20:52 - 2016-06-04 03:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-06 20:52 - 2016-06-04 03:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-727180478-3196343947-2561650278-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img3.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-727180478-3196343947-2561650278-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FCB6551C-DDF3-44D6-8B76-868EDFFB0EFB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9A4CF007-78EC-4AAA-8E36-E83AEDF972C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE6D1B8B-553D-474A-A715-F9273EAAC5FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0267B205-6E04-4731-A922-A402C229E6C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D55BF4FF-A9A2-4A2B-B28D-AF7D050D75D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3B02ED56-92B7-4051-AF30-F1F8C41A21A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F08623D1-121B-42B4-AAFD-A73FAB2B36C8}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7D78A858-3AB9-4508-9965-120AD1A6A99F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A3E959C0-C150-47B5-B35F-402D65487D46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4D804ED8-0854-4421-A955-244DD8896316}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B9C0582A-379F-4F9D-8355-E8384D2CE5C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{68DE6B8B-CD21-4290-BF28-83BE275A91FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{66759BBC-2718-4A99-8580-8FAE987920BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{9227C711-CBD7-4D6E-9C18-814C2849A9B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5B7E133F-F3D4-426B-A9F4-34F5D1F6C740}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4DAE0D06-4893-46E4-A826-26848658B6BE}] => (Allow) C:\Users\Nicolas Fischer\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AFD08483-05CC-4529-A277-8BE5DF189BAF}] => (Allow) C:\Users\Nicolas Fischer\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F7867348-33E1-4EB6-9F61-9624D1ECC6A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{480A79CB-49BF-4721-AC5C-CB4E02FF2CCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6194C867-0627-4808-B42E-7ED8B920BA33}] => (Allow) LPort=9322
FirewallRules: [{0094DAF0-8438-4903-A639-8887DC7C9917}] => (Allow) LPort=5353
FirewallRules: [{79106B7A-A9EC-4C06-ABEA-DF99A3356425}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{5E50C1A1-32E0-4683-B039-F132E0F58848}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{5D0BE862-B88D-4233-9A1A-F6E63068BE8D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{45C95E61-167A-4AE5-9D36-F2BF8CD9C1E5}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{5672A64E-E75A-4DD5-BFC7-90870E4A0749}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{9F990869-7405-477E-ADCE-88FD97CF5562}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{B7346952-C95F-4763-B9EA-35C9BF37E966}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{866B8885-9E3D-40C3-B73E-0F9D2E6D13F2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{CE0AE42B-BFE4-4363-8890-161A93765FBA}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{3539FC2A-1256-4021-A603-B514394F39CE}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{15815A80-FE35-435A-B1D2-DAA461A0A952}] => (Allow) LPort=9322
FirewallRules: [{D991DBD7-50AF-4B22-9677-614A226F534E}] => (Allow) LPort=5353
FirewallRules: [{1E9E9182-C200-4F05-A6DC-43EBE2470336}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC0849F4-A050-40D4-854C-12B33528342B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{749C11EF-F5E6-4725-8DBD-1703B62B4137}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1CA481F-99FA-4587-B9E3-A2F69DBC4260}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{33473AF8-A428-40A1-A11C-DDE0FF370487}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{478506A8-FCB2-466B-B50B-FF4A6E09BFAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8B1E1E17-1060-44BC-A896-1ABDE115C772}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{01BB6221-6E3D-4DB7-8036-0D4146E50284}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{3216FAF3-0C4A-4291-8C2C-3A8A81438DBD}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E3B560E5-1ACF-4F6E-8573-61588A3939D6}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{EEC6E59B-AC9B-4D0C-9CF5-D4F60211A262}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{3FFA18F5-78B6-402A-BF24-7698560E5F1D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
04-06-2016 12:01:05 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/06/2016 05:59:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.2.0.150 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 475c
Startzeit: 01d1c00c1c410285
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Berichts-ID: aae51be2-2bff-11e6-826d-303a6453cf68
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/06/2016 05:59:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/06/2016 05:59:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/06/2016 05:59:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/06/2016 05:43:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Ichputzhiernur)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/06/2016 02:07:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm PokerTracker4.exe, Version 4.14.16.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a2dc
Startzeit: 01d1bf2b1f97b987
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe
Berichts-ID: b9a55fe9-2b7a-11e6-826d-303a6453cf68
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/05/2016 01:23:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/05/2016 01:07:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/05/2016 01:01:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (06/05/2016 12:41:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Systemfehler:
=============
Error: (06/08/2016 09:41:11 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/08/2016 09:40:41 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/08/2016 09:36:04 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/08/2016 09:35:34 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/07/2016 06:27:43 PM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (06/07/2016 06:27:13 PM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/07/2016 10:38:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (06/07/2016 10:38:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (06/06/2016 11:02:00 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (06/06/2016 11:01:29 AM) (Source: DCOM) (EventID: 10010) (User: Ichputzhiernur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
CodeIntegrity:
===================================
Date: 2016-06-07 10:38:21.429
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-07 10:38:20.845
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-17 13:03:18.404
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-17 13:03:17.685
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-06 09:07:49.956
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-05-06 09:07:49.915
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-02 11:45:13.254
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-02 11:45:12.309
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-27 12:46:25.898
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-27 12:46:24.887
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16304.22 MB
Verfügbarer physikalischer RAM: 12965.54 MB
Summe virtueller Speicher: 21424.22 MB
Verfügbarer virtueller Speicher: 13691.11 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.54 GB) (Free:79 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 103551C3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Geändert von letsthrow (08.06.2016 um 09:10 Uhr) |
|
08.06.2016, 19:49
| #7 |
| /// Malwareteam | Yahoo main.targo.12.com forward - fix plsESET Online Scanner
Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...  Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
09.06.2016, 07:35
| #8 |
| | Yahoo main.targo.12.com forward - fix pls gut werde ich morgen durchlaufen lassen nein ich habe keine Probleme mit meinem Rechner und bin denke ich, so es dem Laien möglich ist, aufmerksam und bestmöglich gerüstet. Bin auch noch keine 30 und hatte schon einiges auf meinen Platten - das meiste habe ich selbst über die Jahre löschen können aber hier bin ich leider ziemlich hilflos. Vielleicht liegt das Problem ja auf yahoo Seite, aber meist eben doch zwischen Stuhl und Bildschirm. ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=97284fd630d83d429e3fb3e0ef8a6f32
# end=init
# utc_time=2016-06-09 05:38:03
# local_time=2016-06-09 07:38:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 29740
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=97284fd630d83d429e3fb3e0ef8a6f32
# end=updated
# utc_time=2016-06-09 05:39:45
# local_time=2016-06-09 07:39:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=97284fd630d83d429e3fb3e0ef8a6f32
# engine=29740
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-09 06:31:18
# local_time=2016-06-09 08:31:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1299 16777213 100 100 165177 93025508 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 42583513 90335171 0 0
# scanned=285882
# found=6
# cleaned=0
# scan_time=3091
sh=45F5B1093F5698FFCA020860DA8B3E3AE4397625 ft=1 fh=2b17fd63bf38ecb9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nicolas Fischer\Downloads\7 PDF Printer - CHIP-Installer.exe"
sh=D3DCF66BB7574997ACC1E332C15091A616F1888C ft=1 fh=73487f6131b6f718 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nicolas Fischer\Downloads\Classic Shell - CHIP-Installer (1).exe"
sh=2EA4E6BC0D576E57BCC97CFF2BCB182088FFF2A2 ft=1 fh=9605e19274840309 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nicolas Fischer\Downloads\Classic Shell - CHIP-Installer.exe"
sh=7C8273BAE49B63B28E7815E4786584F98B6382FA ft=1 fh=740ddfdc0f7606c4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nicolas Fischer\Downloads\OpenOffice - CHIP-Installer.exe"
sh=48C93BBDD6043054F4559780619F582DACE81949 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nicolas Fischer\Downloads\wz190gev-64.msi"
sh=48C93BBDD6043054F4559780619F582DACE81949 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\326d7a3d.msi"
|
|
10.06.2016, 17:48
| #9 |
| /// Malwareteam | Yahoo main.targo.12.com forward - fix pls Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter
C:\Users\Nicolas Fischer\Downloads\wz190gev-64.msi
C:\Windows\Installer\326d7a3d.msi
URLSearchHook: [S-1-5-21-727180478-3196343947-2561650278-1003] ACHTUNG => Standard URLSearchHook fehlt
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Bitte pass auf, wenn du von Chip oder anderen Portalen Software laden möchtest: Java Du hast eine veraltete Version von Java installiert. Bitte aktualisiere sie oder entferne Java gleich komplett von deinem PC. In nur sehr seltenen Fällen benötigt man das Programm wirklich auf dem Rechner - deshalb meine Empfehlung: Behalte Java nur auf deinem Computer wenn du es wirklich benötigst, dann halte es jedoch stets aktuell.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
12.06.2016, 00:04
| #10 |
| | Yahoo main.targo.12.com forward - fix plsCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-06-2016
durchgeführt von Nicolas Fischer (2016-06-11 11:18:53) Run:1
Gestartet von C:\Users\Nicolas Fischer\Desktop
Geladene Profile: Nicolas Fischer & postgres (Verfügbare Profile: Nicolas Fischer & postgres)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Nicolas Fischer\Downloads\wz190gev-64.msi
C:\Windows\Installer\326d7a3d.msi
URLSearchHook: [S-1-5-21-727180478-3196343947-2561650278-1003] ACHTUNG => Standard URLSearchHook fehlt
emptytemp:
*****************
C:\Users\Nicolas Fischer\Downloads\wz190gev-64.msi => erfolgreich verschoben
C:\Windows\Installer\326d7a3d.msi => erfolgreich verschoben
Konnte nicht wiederhergestellt werden Standard URLSearchHook.
EmptyTemp: => 771.3 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:19:08 ====
Das Problem besteht übrigens weiterhin. |
|
12.06.2016, 15:13
| #11 |
| | main.targo12.com Hallo ich habe auch dieses Problem habe das auch alles gemacht wie es hier beschrieben wird aber das Problem besteht immer noch vielleicht kann mir jemand dabei helfen |
|
14.06.2016, 00:00
| #12 |
| /// Malwareteam | Yahoo main.targo.12.com forward - fix pls Nach unserem momentanen Kenntnisstand liegt das nicht an deinem PC, sondern an der Yahoo Website selber. Einige Nutzer haben davon berichtet, dass die Verwendung eines AdBlockers hilft - es könnte sich um eine Form von Malwaretising handeln. Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean  Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg: Wichtig: Entfernen der verwendeten Tools Die Reihenfolge ist hier entscheidend.
Malwarebytes Anti-Malware und  ESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen. Persönliche Empfehlungen Das wichtigste zu erst:
Schutz vor unerwünschter Software Adware ist zu einer Art permanenten Bedrohung geworden, weil immer mehr Programme versuchen, einem beim Installieren noch was anderes unterzujubeln - und wie schnell hat man da ein Häkchen übersehen? Darum: pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de. Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken. Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil! Benutze keine Optimizer, Cleaner oder sonstige SpeedUp Wunder, da diese Tools fast nie einen auch nur messbaren Performancegewinn bringen. Du kannst jedoch regelmäßig auf deinem PC die Datenträgerbereinigung ausführen, so gewinnst du belegten Speicherplatz zurück. Aktiviere in deiner Virenschutzlösungen den "Schutz vor potentiell unerwünschter Software", um dich bestmöglich zu schützen. Guter Trick: Wenn du den kostenlosen Windows Defender benutzt (ab Windows 8), kannst du einen vergleichbaren Schutz durch einen kleinen Trick auch nutzen! Lese dazu folgenden Artikel um dich mehr zu informieren: Windows mit verstecktem Adware-Killer Zum aktivieren dieses "Tricks" lade einfach nur diese Datei und führe sie aus: MpEnablePlus.reg Tipps, um dein System sicherer zu machen Halte immer deine Plug-ins und Software, insbesondere deinen Browser aktuell. Deinstalliere wenn möglich Java und den Adobe Flashplayer von deinem Computer. Neuerdings benötigt man sie fast nie mehr und stellen darum nur mehr eine unnötige Sicherheitslücke auf deinem Computer dar. Wenn du sie doch unbedingt benötigst, halte sie aber unbedingt aktuell. Weiters kannst du dir  Malwarebytes Anti-Exploit installieren. Es schützt gegen viele aktuelle Sicherheitslücken und erhöht so deine Sicherheit. Passwörter Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen. Ganz wichtig: benutze pro Account ein anderes Passwort! Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau Unterstütze uns und empfiehl uns weiter Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür  Wir machen diese Tätigkeit hier freiwillig, darum freue ich mich besonders über ein kurzes Danke, wenn du mit mir zufrieden warest oder sonst über Verbesserungsvorschläge - das kannst du gerne hier machen Besuche und like unsere Facebook-Seite!  Danke für deine Mitarbeit und alles Gute! Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Yahoo main.targo.12.com forward - fix pls |
| .com, account, antwort, cookies, download, ebenfalls, fix, folge, folgen, google, hijack, hijackthis, löschen, lösung, malwarebytes, nichts, problem, scareware, seite, täglich, wahrscheinlich, weitergeleitet, win, yahoo, yahoo maintargo12 scareware, zusammen |
Defender zu benutzen. Solltest du noch Windows 7 verwenden, verwende als kostenlose Lösung die 
Microsoft Security Essentials. 
Linear-Darstellung
