Pests of all kinds and how to fight them: Facebook: "Your computer needs to be cleaned" - Virus/Malware? Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
11.06.2016, 12:35 | #1 |
Facebook: "Your computer needs to be cleaned" - Virus/Malware?

Hello,

the day before yesterday Facebook warned me that a Facebook event I wanted to share contained malware. Since several of my acquaintances are already attending it / have shared it, I thought it was an erroneous message and tried again. The same message appeared, and afterwards I was logged out of Facebook, though rather unstably: first I was told I was logged out, then I could access a message once more, and then I was finally logged out.

Every time I now try to log in again from the PC, this text appears:

"Your computer needs to be cleaned
It looks like your computer is affected by malware. We will help you fix the problem in order to protect your account and to prevent the malware problem from spreading to your friends' accounts. Malware is malicious software that tries to steal your personal information and cause problems when using Facebook. Clicking on or sharing links that contain spam can infect your computer with malware."

The page requires me to download the anti-malware/virus scanner that Facebook now provides in order to check my PC. Alternatively I can only log out; access to the account is not possible. With a new account created at short notice I was able to log in on the PC without any problems. I can access the old Facebook account from my phone, but sometimes I could not share posts. Then a message also appeared saying that my PC might be infected and that I should log in there and follow the instructions.

In the same message, however, I was also offered the option to complain that the block was unjustified, which I used. No reply has come so far. Unfortunately I can no longer give the exact wording of the error message when sharing a post, because it now works (from the phone) for all posts (the last error message was about 20 hours ago). On the PC the login problem persists.

What can I do now? I would rather not have the virus scanner forced on me via Facebook, even if the notice is genuine.

Kind regards & many thanks!
Mira

Here are the log files created with FRST: (Edit: Addition as an attachment, because the post was otherwise too large)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-06-2016
durchgeführt von Mira (Administrator) auf JAMIE (11-06-2016 02:03:22)
Gestartet von C:\Users\Mira\Downloads
Geladene Profile: UpdatusUser & Mira (Verfügbare Profile: UpdatusUser & Mira & Mia & Administrator)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\n360.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\n360.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\conathst.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [22912 2012-10-01] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-11-17] (NVIDIA Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [562544 2016-05-10] ()
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [ATLauncher] => "C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-10-05] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [839648 2016-03-10] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7377936 2016-05-10] ()
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [14688 2015-03-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-03-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-03-24] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-04-18] (Glarysoft Ltd)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {7843c043-e6a7-11e4-8059-6c71d929bdb6} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {b41c3cc8-2ed9-11e6-825a-806e6f6e6963} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MountPoints2: {e64af5b0-3905-11e5-80c4-6c71d929bdb6} - "F:\WD Drive Unlock.exe" autoplay=true
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [186136 2016-04-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [164696 2016-04-21] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
Startup: C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk [2016-06-11]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{2C655153-8DA1-473A-912B-E3091839733C}: [NameServer] 139.30.8.7,139.30.8.8
Tcpip\..\Interfaces\{96684D29-698D-40F5-B943-F3B269F660E4}: [DhcpNameServer] 139.30.8.7 139.30.8.8
Tcpip\..\Interfaces\{AD674BBB-4BDC-4BF8-AAC6-C8116D423017}: [DhcpNameServer] 139.30.8.7 139.30.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2226888768-1864803197-2813516363-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-29] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
IE Session Restore: HKU\S-1-5-21-2226888768-1864803197-2813516363-1002 -> ist aktiviert.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default
FF DefaultSearchEngine: Ecosia
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-03-04] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-09-09] (Nero AG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2226888768-1864803197-2813516363-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\benefind.xml [2014-03-22]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\google-images.xml [2014-11-26]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\google-maps.xml [2014-11-26]
FF SearchPlugin: C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\searchplugins\norton-safe-search.xml [2015-11-07]
FF Extension: NoScript - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07]
FF Extension: Avira Browser Safety - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\abs@avira.com [2016-05-14]
FF Extension: Ghostery - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\firefox@ghostery.com.xpi [2016-05-04]
FF Extension: YouTube mp3 - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\info@youtube-mp3.org.xpi [2016-04-27]
FF Extension: Video DownloadHelper - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-23]
FF Extension: Adblock Plus - C:\Users\Mira\AppData\Roaming\Mozilla\Firefox\Profiles\wl6e5j5j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon [2016-03-15]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-14]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-05-10] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-06-09] ()
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-14] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [37760 2012-10-01] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe [289080 2016-02-26] (Symantec Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [42336 2012-11-16] (ASUSTek Computer Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-03-22] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) [Datei ist nicht signiert]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160601.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-05-14] (Glarysoft Ltd)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1606000.08E\ccSetx64.sys [173808 2015-09-24] (Symantec Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-11] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339800 2016-06-09] (Acronis International GmbH)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2015-05-30] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160609.001\IDSvia64.sys [876248 2016-05-25] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-30] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160610.001\ENG64.SYS [138456 2016-05-17] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160610.001\EX64.SYS [2148056 2016-05-17] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1606000.08E\SRTSPX64.SYS [50936 2015-09-24] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1606000.08E\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-11-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267552 2016-06-09] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [193376 2016-06-09] (Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [601432 2016-06-09] (Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [279392 2016-06-09] (Acronis International GmbH)
R3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-07-21] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-11 02:03 - 2016-06-11 02:03 - 00034166 _____ C:\Users\Mira\Downloads\FRST.txt 2016-06-11 02:02 - 2016-06-11 02:03 - 00000000 ____D C:\FRST 2016-06-11 02:00 - 2016-06-11 02:00 - 02385408 _____ (Farbar) C:\Users\Mira\Downloads\FRST64.exe 2016-06-11 01:42 - 2016-06-11 01:43 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2016-06-11 01:42 - 2016-06-11 01:43 - 00000000 ____D C:\WINDOWS\system32\NV 2016-06-11 01:37 - 2016-06-11 01:37 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk 2016-06-11 01:37 - 2016-06-11 01:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-06-11 01:37 - 2016-06-11 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-06-11 01:32 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-06-11 01:32 - 2016-03-31 08:53 - 07446360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-06-11 01:31 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2016-06-11 01:31 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-11 01:31 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-11 01:31 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-11 01:31 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-06-11 01:31 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-11 01:31 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-11 01:31 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll 2016-06-11 01:31 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-11 01:31 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\authui.dll 2016-06-11 01:31 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2016-06-11 01:31 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-11 01:31 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-11 01:31 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-06-11 01:31 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-06-11 01:31 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll 2016-06-11 01:31 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-06-11 01:31 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-06-11 01:31 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll 2016-06-11 01:31 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll 2016-06-11 01:31 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-06-11 01:31 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-06-11 01:31 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-06-11 01:31 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll 2016-06-11 01:31 - 2016-04-07 18:34 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-06-11 01:31 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-06-11 01:31 - 2016-04-07 17:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-06-11 01:31 - 2016-04-06 23:21 - 00114528 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2016-06-11 01:31 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-06-11 01:31 - 2016-04-06 19:11 - 07074816 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2016-06-11 01:31 - 2016-04-06 18:40 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-11 01:31 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-06-11 01:31 - 2016-04-06 18:02 - 05269504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-06-11 01:31 - 2016-04-06 17:29 - 05265408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-11 01:31 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys 2016-06-11 01:31 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll 2016-06-11 01:31 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2016-06-11 01:31 - 2016-04-01 19:00 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-06-11 01:31 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2016-06-11 01:31 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-06-11 01:31 - 2016-04-01 18:42 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-11 01:31 - 2016-04-01 18:41 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-06-11 01:31 - 2016-04-01 18:32 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-11 01:31 - 2016-03-31 08:51 - 01134776 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-06-11 01:31 - 2016-03-31 06:36 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-06-11 
01:31 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll 2016-06-11 01:31 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2016-06-11 01:31 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2016-06-10 12:19 - 2016-06-10 12:26 - 00000000 ____D C:\Users\Mira\Desktop\Hörbücher 2016-06-10 11:26 - 2016-06-10 11:27 - 00000000 ____D C:\Users\Mira\Documents\Sprachen 2016-06-10 10:46 - 2016-06-10 10:57 - 00000000 ____D C:\Users\Mira\Documents\Tests 2016-06-10 10:45 - 2016-06-10 10:45 - 00000000 ____D C:\Users\Mira\Documents\Von Papa Psychologie etc 2016-06-10 10:43 - 2016-06-10 11:51 - 00000000 ____D C:\Users\Mira\Desktop\Wichtige Dokumente 2016-06-09 23:27 - 2016-06-09 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital 2016-06-09 23:27 - 2016-06-09 23:27 - 00002171 _____ C:\Users\Public\Desktop\WD Backup.lnk 2016-06-09 23:27 - 2016-06-09 23:27 - 00001190 _____ C:\Users\Public\Desktop\WD Security.lnk 2016-06-09 23:27 - 2016-06-09 23:27 - 00001135 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk 2016-06-09 23:27 - 2016-06-09 23:27 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Western Digital 2016-06-09 23:27 - 2016-06-09 23:27 - 00000000 ____D C:\Program Files (x86)\Western Digital 2016-06-09 23:25 - 2016-06-09 23:25 - 00000000 ____D C:\Users\Mira\AppData\Local\Western Digital 2016-06-09 23:15 - 2016-06-09 23:15 - 01267552 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys 2016-06-09 23:15 - 2016-06-09 23:15 - 00601432 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys 2016-06-09 23:15 - 2016-06-09 23:15 - 00339800 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys 2016-06-09 23:15 - 2016-06-09 23:15 - 00279392 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys 2016-06-09 23:15 - 2016-06-09 23:15 - 00193376 
_____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys 2016-06-09 23:14 - 2016-06-09 23:14 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk 2016-06-09 23:14 - 2016-06-09 23:14 - 00001219 _____ C:\Users\Public\Desktop\Acronis True Image.lnk 2016-06-09 23:13 - 2016-06-10 01:19 - 00000000 ____D C:\ProgramData\Acronis 2016-06-09 22:58 - 2016-06-09 22:58 - 00001164 _____ C:\Users\Public\Desktop\Acronis Drive Monitor.lnk 2016-06-09 22:55 - 2016-06-09 22:55 - 18992072 _____ C:\Users\Mira\Downloads\ADM_de-DE.exe 2016-06-09 22:54 - 2016-06-09 22:54 - 00001251 _____ C:\Users\Public\Desktop\Acronis Disk Director 12.lnk 2016-06-09 22:48 - 2016-06-09 23:04 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Acronis 2016-06-09 22:47 - 2016-06-09 23:15 - 00340312 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys 2016-06-09 22:47 - 2016-06-09 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis 2016-06-09 22:47 - 2016-06-09 22:47 - 00163160 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys 2016-06-09 22:46 - 2016-06-09 22:58 - 00000000 ____D C:\Program Files (x86)\Acronis 2016-06-09 16:38 - 2016-06-09 16:38 - 01473544 _____ C:\Users\Mira\Downloads\AntiVir Avira Free Antivirus - CHIP-Installer.exe 2016-06-09 16:35 - 2016-06-09 16:35 - 00001165 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-06-09 16:33 - 2016-06-09 16:33 - 00242344 _____ C:\Users\Mira\Downloads\Firefox Setup Stub 47.0.exe 2016-06-08 09:37 - 2016-06-08 09:37 - 32127420 _____ C:\Users\Mira\Downloads\KFT(2).pdf 2016-06-07 12:02 - 2016-06-07 12:02 - 00422043 _____ C:\Users\Mira\Downloads\7. 
Kapitel_ Sonderpadagogische Begutachtung(1).pdf 2016-06-07 11:55 - 2016-06-07 11:55 - 00712136 _____ C:\Users\Mira\Downloads\Fallbeispiel_Heidi(1).pdf 2016-06-07 11:53 - 2016-06-07 11:53 - 00079043 _____ C:\Users\Mira\Downloads\Fall Paul - Erarbeitete Ergebnisse im WiSem 14(1).pdf 2016-06-05 16:13 - 2016-06-05 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-06-01 19:55 - 2016-06-01 19:55 - 00044579 _____ C:\Users\Mira\Downloads\Forschungs-_und_Prüfungskolloquium_SoSe_2016.pdf 2016-05-31 18:13 - 2016-05-31 18:13 - 00051234 _____ C:\Users\Mira\Downloads\Modulplan 2016(1).xlsx 2016-05-30 22:44 - 2016-05-30 22:44 - 01512457 _____ C:\Users\Mira\Downloads\Drucker Rechnung.pdf 2016-05-30 22:08 - 2016-05-30 22:08 - 00922685 _____ C:\Users\Mira\Downloads\Drucker Rechnung Mira_1.pdf 2016-05-28 23:39 - 2016-05-28 23:40 - 00010233 _____ C:\Users\Mira\Documents\Sev.odt 2016-05-28 23:38 - 2016-05-28 23:38 - 02041978 _____ C:\Users\Mira\Downloads\Für_alle__drei_Sitzungen_Kapital_49-99.pdf 2016-05-28 19:15 - 2016-05-28 19:15 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-05-28 19:13 - 2016-06-05 16:11 - 00000000 ____D C:\Users\Mira\AppData\Roaming\HpUpdate 2016-05-28 19:13 - 2016-05-28 19:15 - 00000000 ____D C:\Program Files (x86)\HP 2016-05-28 19:13 - 2016-05-28 19:13 - 00002222 _____ C:\Users\Public\Desktop\HP Officejet Pro 8610.lnk 2016-05-28 19:13 - 2016-05-28 19:13 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk 2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\ProgramData\HP 2016-05-28 19:13 - 2016-05-28 19:13 - 00000000 ____D C:\Program Files\HP 2016-05-28 19:13 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) 
C:\WINDOWS\system32\HPDiscoPM7112.dll 2016-05-28 19:10 - 2016-05-28 19:10 - 00000057 _____ C:\ProgramData\Ament.ini 2016-05-25 20:39 - 2016-05-25 21:24 - 00020878 _____ C:\Users\Mira\Downloads\Kieler Leseaufbau_Morawiak.odp 2016-05-24 20:05 - 2016-05-24 20:05 - 00016085 _____ C:\Users\Mira\Downloads\Anleitung zur Erstellung des Portfolios (Modulprufung).pdf 2016-05-24 20:04 - 2016-05-24 20:04 - 00712136 _____ C:\Users\Mira\Downloads\Fallbeispiel_Heidi.pdf 2016-05-24 20:04 - 2016-05-24 20:04 - 00126402 _____ C:\Users\Mira\Downloads\Text zur Testtheorie.pdf 2016-05-24 20:04 - 2016-05-24 20:04 - 00124223 _____ C:\Users\Mira\Downloads\Einverstandniserklarung fur Eltern.pdf 2016-05-24 20:04 - 2016-05-24 20:04 - 00079043 _____ C:\Users\Mira\Downloads\Fall Paul - Erarbeitete Ergebnisse im WiSem 14.pdf 2016-05-24 20:04 - 2016-05-24 20:04 - 00013188 _____ C:\Users\Mira\Downloads\Ablaufschema zur Gutachtenerstellung.pdf 2016-05-24 20:04 - 2016-05-24 20:04 - 00005576 _____ C:\Users\Mira\Downloads\Bewertung der Portfolios.pdf 2016-05-23 22:36 - 2016-05-28 19:15 - 00000000 ____D C:\Users\Mira\AppData\Local\HP 2016-05-20 12:13 - 2016-05-20 12:13 - 38222710 _____ C:\Users\Mira\Downloads\download.zip 2016-05-20 12:02 - 2016-05-20 12:02 - 133294414 _____ C:\Users\Mira\Downloads\bundjugendnrw_skill-sharing-camp-mastamo-2016_72157668514772735.zip 2016-05-19 18:26 - 2016-05-19 18:26 - 00154621 _____ C:\Users\Mira\Downloads\Kieler_Leseaufbau-Handout.pdf 2016-05-18 21:50 - 2016-05-18 21:50 - 02348032 _____ C:\Users\Mira\Downloads\Kieler_Leseaufbau_+_Rechtschreibaufbau.ppt 2016-05-18 10:11 - 2016-05-18 10:11 - 01621996 _____ C:\Users\Mira\Downloads\PPP_Lese-_Rechtschreibförderung.pdf 2016-05-16 14:26 - 2016-05-16 14:26 - 00028003 _____ C:\Users\Mira\Documents\Thematisierung von Drogen mit Kindern und Jugendlichen.odt 2016-05-16 12:32 - 2016-05-16 12:32 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2226888768-1864803197-2813516363-1005 2016-05-16 
12:26 - 2016-05-16 12:26 - 00000429 _____ C:\Users\Mia\AppData\Roaming\sp_data.sys 2016-05-16 12:25 - 2016-05-16 12:31 - 00000000 ____D C:\Users\Mia\AppData\Local\Packages 2016-05-16 12:25 - 2016-05-16 12:25 - 00001456 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-05-16 12:25 - 2016-05-16 12:25 - 00000020 ___SH C:\Users\Mia\ntuser.ini 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Vorlagen 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Startmenü 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Netzwerkumgebung 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Lokale Einstellungen 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Eigene Dateien 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Druckumgebung 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Videos 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Musik 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Documents\Eigene Bilder 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Local\Verlauf 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\AppData\Local\Anwendungsdaten 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 _SHDL C:\Users\Mia\Anwendungsdaten 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Roaming\Adobe 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\VirtualStore 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\NVIDIA 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia\AppData\Local\ASUS 2016-05-16 12:25 - 2016-05-16 12:25 - 00000000 ____D C:\Users\Mia 2016-05-16 12:25 - 2014-09-11 11:41 - 00000000 
____D C:\Users\Mia\AppData\Local\Microsoft Help 2016-05-16 12:25 - 2014-03-18 12:11 - 00000369 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-05-16 12:25 - 2014-03-18 12:11 - 00000369 _____ C:\Users\Mia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-05-15 22:09 - 2016-05-15 22:09 - 03679943 _____ C:\Users\Mira\Downloads\Falter_Campaufruf-2016.druck(1).pdf 2016-05-15 22:00 - 2016-05-15 22:00 - 00060974 _____ C:\Users\Mira\Downloads\Kontostand Sonderpädagogik (31.12.2015).pdf 2016-05-15 22:00 - 2016-05-15 22:00 - 00052254 _____ C:\Users\Mira\Downloads\Sonderpädagogik.pdf 2016-05-15 21:19 - 2016-05-15 21:19 - 00623769 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S27_Sachkunde.pdf 2016-05-15 21:19 - 2016-05-15 21:19 - 00456900 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S26_Sachkunde.pdf 2016-05-15 21:19 - 2016-05-15 21:19 - 00149302 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_SIII_Kontext.pdf 2016-05-15 21:19 - 2016-05-15 21:19 - 00145248 _____ C:\Users\Mira\Downloads\S2016_04_16_taz_S25_Sachkunde.pdf 2016-05-15 20:52 - 2016-05-15 20:52 - 20723386 _____ C:\Users\Mira\Downloads\taz_2016_04_30.pdf 2016-05-15 20:37 - 2016-05-15 20:37 - 24846636 _____ C:\Users\Mira\Downloads\taz_2016_05_07.pdf 2016-05-15 19:31 - 2016-05-15 19:31 - 00051234 _____ C:\Users\Mira\Downloads\Modulplan 2016.xlsx 2016-05-14 20:09 - 2016-05-14 20:09 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-06-11 01:54 - 2014-03-23 21:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2226888768-1864803197-2813516363-1002 2016-06-11 01:49 - 2014-03-22 20:12 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Skype 2016-06-11 01:49 - 2014-03-18 12:03 - 00338278 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-11 01:49 - 2014-03-18 11:25 - 12310652 _____ C:\WINDOWS\system32\perfh007.dat 2016-06-11 01:49 - 2014-03-18 11:25 - 04099916 _____ C:\WINDOWS\system32\perfc007.dat 2016-06-11 01:49 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-06-11 01:48 - 2014-03-20 23:54 - 00000408 _____ C:\Users\Mira\AppData\Roaming\sp_data.sys 2016-06-11 01:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-11 01:42 - 2013-01-23 19:42 - 00000000 ____D C:\ProgramData\NVIDIA 2016-06-11 01:40 - 2015-04-16 13:00 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-06-11 01:40 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-06-11 01:37 - 2014-03-22 20:12 - 00000000 ____D C:\Users\Mira\AppData\Local\Skype 2016-06-11 01:37 - 2014-03-22 20:12 - 00000000 ____D C:\ProgramData\Skype 2016-06-11 01:36 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-11 01:33 - 2013-01-23 19:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-06-11 01:26 - 2014-09-11 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-06-11 01:09 - 2014-09-21 22:05 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-06-11 01:07 - 2014-03-22 20:32 - 00000000 ____D C:\Users\Mira\AppData\Roaming\vlc 2016-06-10 23:54 - 2014-08-13 11:56 - 00000000 ____D C:\Users\Mira 2016-06-10 23:44 - 2014-07-12 18:16 - 00000000 ____D C:\Users\Mira\AppData\Local\ElevatedDiagnostics 2016-06-10 23:42 - 2014-03-22 18:16 - 00000000 ____D C:\Users\Mira\AppData\Roaming\GlarySoft 2016-06-10 23:38 - 2016-01-08 21:50 - 00000000 ____D C:\Users\Mira\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\ICQ 2016-06-10 23:38 - 2014-08-28 10:19 - 00000000 ____D C:\WINDOWS\Minidump 2016-06-10 23:24 - 2014-05-29 09:01 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2016-06-10 23:23 - 2016-02-17 01:00 - 00000000 ____D C:\Users\Mira\AppData\Roaming\TS3Client 2016-06-10 11:47 - 2013-11-27 21:27 - 00000000 ____D C:\Users\Mira\Documents\Friri 2016-06-10 11:44 - 2015-11-07 20:14 - 00000000 ____D C:\Users\Mira\Documents\Unterrichtsmaterial 2016-06-10 11:27 - 2014-03-20 23:57 - 00000000 __RSD C:\Users\Mira\Desktop\ASUS 2016-06-10 11:27 - 2014-01-09 20:51 - 00000000 ____D C:\Users\Mira\Documents\ASUS 2016-06-10 11:01 - 2013-11-09 12:25 - 00000000 ____D C:\Users\Mira\Documents\Unfall 2016-06-10 09:05 - 2014-05-07 11:52 - 00000000 ____D C:\Program Files\WinRAR 2016-06-10 00:00 - 2015-12-30 16:51 - 00000000 ____D C:\Users\Mira\AppData\Local\Ubisoft Game Launcher 2016-06-10 00:00 - 2013-01-23 19:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-06-09 23:58 - 2015-04-05 22:55 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-06-09 23:55 - 2014-04-08 17:19 - 00000000 ____D C:\Users\Mira\AppData\Roaming\DVDVideoSoft 2016-06-09 23:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration 2016-06-09 23:27 - 2014-09-13 14:01 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-09 16:35 - 2016-05-04 14:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-09 16:35 - 2014-03-21 11:30 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-06-09 15:51 - 2014-03-22 18:15 - 00000000 ____D C:\Users\Mira\AppData\Roaming\DiskDefrag 2016-06-08 14:49 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini 2016-06-07 19:13 - 2014-03-22 14:24 - 00000000 ____D C:\Users\Mira\AppData\Local\CrashDumps 2016-06-07 17:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-06-06 22:27 - 2015-09-02 02:59 - 00000000 ____D C:\Users\Mira\Documents\Sonderfall 2016-06-05 16:40 - 
2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-06-05 16:13 - 2015-10-14 09:36 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-06-05 16:07 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-05-31 18:02 - 2013-04-02 20:32 - 00000000 ____D C:\Users\Mira\AppData\Local\Packages 2016-05-30 21:17 - 2013-01-23 19:42 - 00000000 ____D C:\temp 2016-05-28 23:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-05-28 16:43 - 2015-04-06 10:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-05-28 16:43 - 2015-04-06 10:40 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-05-16 13:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-14 21:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-05-14 20:09 - 2014-09-21 22:05 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-05-12 21:19 - 2016-02-17 01:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-05-12 21:04 - 2013-08-22 16:44 - 00539912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-05-12 00:20 - 2014-03-23 15:33 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-05-12 00:13 - 2014-03-23 15:33 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files\changelog.txt 2015-10-22 13:22 - 2015-10-22 13:22 - 0375544 _____ () C:\Program Files\createfileassoc.exe 2015-10-22 13:22 - 2015-10-22 13:22 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files\error_report.exe 2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files\libeay32.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files\msvcp120.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files\msvcr120.dll 2015-08-27 10:07 - 2015-08-27 10:07 - 1704176 _____ (Overwolf) C:\Program 
Files\OverwolfTeamSpeakInstaller.exe 2015-10-22 13:22 - 2015-10-22 13:22 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files\package_inst.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files\plugin_sdk.html 2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files\Qt5Core.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files\Qt5Gui.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files\Qt5Network.dll 2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files\Qt5Sql.dll 2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files\Qt5Widgets.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files\quazip.dll 2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files\ssleay32.dll 2015-10-22 13:21 - 2015-10-22 13:21 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files\ts3client_win64.exe 2016-02-17 01:00 - 2016-02-17 01:00 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files\Uninstall.exe 2015-10-22 13:22 - 2015-10-22 13:22 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files\update.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files\usb.ids 2014-03-20 23:54 - 2016-06-11 01:48 - 0000408 _____ () C:\Users\Mira\AppData\Roaming\sp_data.sys 2014-06-30 12:39 - 2015-11-26 22:56 - 0005120 _____ () C:\Users\Mira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-07 01:40 - 2015-12-07 01:41 - 0000000 _____ () C:\Users\Mira\AppData\Local\{25C194DB-0F40-47C9-8C89-1DBFE8ABDA98} 2015-11-16 16:51 - 2015-11-16 16:52 - 0000000 _____ () C:\Users\Mira\AppData\Local\{90A87F66-C76B-4B0F-A8C8-AAAA4D94149D} 2016-05-28 19:10 - 2016-05-28 19:10 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd 2012-08-17 02:52 - 2009-07-22 12:04 - 
0024576 _____ () C:\ProgramData\SetStretch.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-10 21:13
==================== Ende von FRST.txt ============================
11.06.2016, 14:18 | #2 |
/// TB Trainer /// Tutorial Guru | Facebook: "Your computer needs to be cleaned" - Virus/Malware?
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-06-2016
durchgeführt von Mira (2016-06-11 02:04:07)
Gestartet von C:\Users\Mira\Downloads
Windows 8.1 (Update) (X64) (2014-08-13 15:25:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2226888768-1864803197-2813516363-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2226888768-1864803197-2813516363-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2226888768-1864803197-2813516363-1004 - Limited - Enabled)
Mia (S-1-5-21-2226888768-1864803197-2813516363-1005 - Limited - Enabled) => C:\Users\Mia
Mira (S-1-5-21-2226888768-1864803197-2813516363-1002 - Administrator - Enabled) => C:\Users\Mira
UpdatusUser (S-1-5-21-2226888768-1864803197-2813516363-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Norton 360 Premier (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.566 - Acronis) Acronis True Image (HKLM-x32\...\{43B5FB0A-9900-43B0-BD46-9E7F89C88A98}Visible) (Version: 19.0.6571 - Acronis) Acronis True Image (x32 Version: 19.0.6571 - Acronis) Hidden Acronis*Disk*Director*12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3270 - Acronis) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS) ASUS Product Demo Movie (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS ) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.36 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0006 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.22 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) 
Hidden ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.00096 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.00096 - Cisco Systems, Inc.) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.18 - DivX, LLC) Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation) Glary Utilities 5.49 (HKLM-x32\...\Glary Utilities 5) (Version: 5.49.0.69 - Glarysoft Ltd) Goldfinger Junior (HKLM-x32\...\{04FA5E93-3366-4CA0-9EAF-D31772998350}) (Version: - ) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{F6EC89A8-5C2B-4C87-B296-A4AAB473DA1A}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.6.1082 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan) IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LibreOffice 5.1.2.2 (HKLM\...\{7A6851F9-0867-4CB4-9017-35ECA0CBA162}) (Version: 5.1.2.2 - The Document Foundation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) MyFreeCodec (HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\MyFreeCodec) (Version: - ) <==== ACHTUNG Nero 2015 (HKLM-x32\...\{EF09AC51-1657-4A06-9449-B2BF1C4FB608}) 
(Version: 16.0.05500 - Nero AG) Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG) Nero 2016 (HKLM-x32\...\{049045D5-0C46-4E78-A83F-83E993D91A7F}) (Version: 17.0.02300 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG) NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) Norton 360 Premier (HKLM-x32\...\N360) (Version: 22.6.0.142 - Symantec Corporation) NVIDIA Grafiktreiber 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6793 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.) 
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) WD Backup (HKLM-x32\...\{6cbbe2b9-c94a-400c-92cd-14859a8e4808}) (Version: 1.0.5556.3650 - Western Digital Technologies, Inc.) 
WD Backup (x32 Version: 1.0.5556.3650 - Western Digital Technologies, Inc) Hidden WD Drive Utilities (HKLM-x32\...\{163952d1-3ca7-4e98-a686-cc0c227c7447}) (Version: 1.2.0.85 - Western Digital Technologies, Inc.) WD Drive Utilities (x32 Version: 1.2.0.85 - Western Digital Technologies, Inc.) Hidden WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{b304f1ed-b08a-4d51-882b-fd651777d297}) (Version: 1.2.0.83 - Western Digital Technologies, Inc.) WD Security (x32 Version: 1.2.0.83 - Western Digital Technologies, Inc.) Hidden Windows Driver Package - ASUS (ATP) Mouse (11/09/2012 1.0.0.153) (HKLM\...\5AB9160B769DD2E134ADCB8010377DECA2479378) (Version: 11/09/2012 1.0.0.153 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) XSBoxGO 1.0.0.0 (HKLM-x32\...\XSBoxGO 1.0.0.0) (Version: 1.0.0.0 - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {00F09D76-D7AB-4491-A52F-D463D028A963} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {0D877F8E-4543-4919-86FA-09FA6CA85E96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {1B9CBCCA-6F84-4F4B-8852-7A6208450063} - System32\Tasks\{3EC74F90-59AA-411A-BFA5-69D7D3BDF8C6} => pcalua.exe -a E:\INSTALL.EXE -d E:\ Task: {2BB6F745-19C4-4043-BF53-1434377512CB} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-10-17] (ASUS) Task: {2E0F9D83-81DC-4C5A-92F3-2960462C79E7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {73639546-571E-482A-80AD-ADA9B6343C98} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-03-01] (DivX, LLC) Task: {75412052-0C70-44C9-A705-9570F46A0903} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation) Task: {836C8B27-E377-4FC7-81D2-EDDAFD613707} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {868C2CC6-6EBF-46F1-943E-8D504ADD91F0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-12] (Microsoft Corporation) Task: {918A5E43-E613-4958-B84C-60F7367BE83B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.) 
Task: {9CCBE2F2-A906-4D3B-A321-B4E2328EFDC8} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe [2016-02-10] (Symantec Corporation) Task: {A4C55AFE-BFAA-4BAC-A7C0-3490B7CCF5C9} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-20] (AsusTek) Task: {A4E04CAC-15FE-42EB-9FDA-9C212E9F41CE} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-04-18] (Glarysoft Ltd) Task: {B36C1459-0536-41E0-A872-44EF35DD8AD3} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {B452FB3B-3B89-4D90-85D4-43616B9DE2A7} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2012-11-21] (ASUSTeK Computer Inc.) Task: {C1B6A9AA-DB6E-4CD6-A06D-774A79AAEE10} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe [2016-02-26] (Symantec Corporation) Task: {C3ACEA50-8CF4-46D9-A836-B886D748EDD3} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG) Task: {CA3D40B2-56F7-48AE-82A6-CD054A306018} - System32\Tasks\KMS Activation => C:\Program Files\KMSpico\RandomFile.exe Task: {CEBD5170-AFE3-49AD-ADC4-1BDF850A235F} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-04-18] (Glarysoft Ltd) Task: {D187CE65-8908-4CAB-806E-1DA0231F2681} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.) Task: {E09D1216-960F-47F5-B4A1-5D49C34B7126} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-14] (Dropbox, Inc.) 
Task: {E229C0F8-C03F-4DD2-B3F9-2F55713AE2FD} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {ECECA832-D799-4FD0-8F98-4AA7BBE0FF0F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated) Task: {F3D95595-BBD1-4C70-9210-3EB7BF7EBD69} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 Premier\Upgrade.exe [2016-02-26] (Symantec Corporation) Task: {FECB8465-62A8-4C2F-BC14-3396D9DC247A} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2012-12-07] (ASUSTek Computer INC.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Mira\Documents\URO\Sopäd\Einzelfall\SAT Vortrag\Material von Fr Eisfeld\퐄\f4 Diagnoseprogramm.lnk -> C:\Program Files (x86)\f4\f4diag.bat (Keine Datei) Shortcut: C:\Users\Mira\Documents\URO\Sopäd\Einzelfall\SAT Vortrag\Material von Fr Eisfeld\퐄\f4.lnk -> C:\Program Files (x86)\f4\f4.bat (Keine Datei) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-01-23 19:42 - 2016-02-15 09:26 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-05-10 15:51 - 2016-05-10 15:51 - 01195840 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 2016-06-09 23:15 - 2016-06-09 23:15 - 04463592 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 2016-04-16 12:56 - 2016-04-16 12:56 - 09698296 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe 2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-11-13 13:18 - 2012-11-13 13:18 - 00019296 _____ () C:\Program Files\ASUS\ASUS VivoBook\WMIProcX64.dll 2016-05-10 15:39 - 2016-05-10 15:39 - 00562544 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 2011-02-24 19:07 - 2011-02-24 19:07 - 00470120 _____ () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe 2016-05-10 16:23 - 2016-05-10 16:23 - 07377936 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 2012-10-17 11:51 - 2012-10-17 11:51 - 00168664 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe 2012-12-13 04:33 - 2012-10-15 06:09 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll 2015-10-05 14:48 - 2015-10-05 14:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2015-08-11 15:36 - 2015-08-11 15:36 - 00024896 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\core_workers_shared_context.dll 2016-05-10 15:35 - 2016-05-10 15:35 - 00037808 _____ () C:\Program 
Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2016-05-10 16:25 - 2016-05-10 16:25 - 04490432 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll 2015-08-23 15:59 - 2015-08-23 15:59 - 00606672 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\sqlite3.dll 2016-05-10 15:36 - 2016-05-10 15:36 - 00445872 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2016-05-10 15:31 - 2016-05-10 15:31 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll 2013-01-23 19:45 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2011-02-24 18:39 - 2011-02-24 18:39 - 00012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll 2015-11-16 18:05 - 2015-11-16 18:05 - 00126928 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll 2016-05-10 15:37 - 2016-05-10 15:37 - 00333744 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll 2016-05-10 16:21 - 2016-05-10 16:21 - 20582752 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2016-05-10 15:35 - 2016-05-10 15:35 - 00050096 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll 2016-04-16 12:45 - 2016-04-16 12:45 - 00248240 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll 2012-10-17 11:51 - 2012-10-17 11:51 - 00011776 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2226888768-1864803197-2813516363-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Mira\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 139.30.8.7 - 139.30.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "BtvStack" HKLM\...\StartupApproved\Run: => "BtTray" HKLM\...\StartupApproved\Run32: => "mcpltui_exe" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "WDAppManager" HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker" HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper" HKLM\...\StartupApproved\Run32: => "WD Quick View" HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\...\StartupApproved\Run: => "icq" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F036ED61-6A37-48BD-B914-F2F11CF49D73}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{F878FB44-2EA7-4AFB-B9B3-9A289A4A85BB}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{8EF7718A-EDA5-4D1B-B408-D728784688FA}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [{3765E59A-B7AB-4931-9830-52D641DC1B9C}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [UDP Query User{FAB2D762-85FB-4224-8F5B-F8D8187FFC97}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [TCP Query User{19E9B41E-A663-4341-9D25-4C65088469D5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin FirewallRules: [{25D7A4EF-564E-448A-92F9-2D711A87D413}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{79CE3D2B-DEFD-40AD-9CF3-B4CCBCBA8EF1}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{435F8D47-6DBC-4769-B4CD-3A5ACFBAAEDE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{4C62FD40-1101-42A4-A470-88B8B59CA7DD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{9C197A82-7AEE-483B-86A9-18D3DC1E7182}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{00B4034E-FA2C-428B-A47E-94A33DA60CD2}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{C214D11B-4851-4F4F-8B5F-8E3675833018}] => (Allow) C:\Program Files 
(x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{B948071A-AB4B-4366-A6DC-F989E4592EBB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{5729D285-26DD-4E57-97E9-C3930563BCD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{380D05AF-4089-47CC-90E1-2FB138A39467}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{7F7F45E2-24DE-4618-8A9A-0BF6A9EABD00}] => (Allow) C:\Program Files\KMSpico\Y0ZDQ3INEJA.exe FirewallRules: [{21BD98AA-B5EB-46BB-A9A1-AE0BE7DA7EB7}] => (Allow) C:\Program Files\KMSpico\Y0ZDQ3INEJA.exe FirewallRules: [{58CDF033-03FC-4260-8D70-C290E0B1DC6C}] => (Allow) C:\Program Files\KMSpico\NWGDRYUZPI4.exe FirewallRules: [{F74D718B-B74C-4970-8B15-A2FEE7DF661C}] => (Allow) C:\Program Files\KMSpico\NWGDRYUZPI4.exe FirewallRules: [{17AAE873-C8D4-424F-8C90-9DB37F16A5F0}] => (Allow) C:\Program Files\KMSpico\4INF4E78LFS.exe FirewallRules: [{01D5C396-D4F7-40AA-99E4-0A1785E1903B}] => (Allow) C:\Program Files\KMSpico\4INF4E78LFS.exe FirewallRules: [{01D18E40-28EB-4F00-9096-C41CADAB0A42}] => (Allow) C:\Program Files\KMSpico\I60Q03B017U.exe FirewallRules: [{1F6B01EB-E470-45D3-BEF2-E7C0171B0548}] => (Allow) C:\Program Files\KMSpico\I60Q03B017U.exe FirewallRules: [{CE77C962-3B54-41BB-A269-22487D3B5AC6}] => (Allow) C:\Program Files\KMSpico\LVCSA6GSP2Y.exe FirewallRules: [{95000A97-B668-4685-B36A-FFE4EAADAE86}] => (Allow) C:\Program Files\KMSpico\LVCSA6GSP2Y.exe FirewallRules: [{0BA65633-70A1-46C8-A301-65A695F1EF6E}] => (Allow) C:\Program Files\KMSpico\NEA5PIGTVS3.exe FirewallRules: [{4DB829B5-672C-459C-AE95-7145AD68DC0C}] => (Allow) C:\Program Files\KMSpico\NEA5PIGTVS3.exe FirewallRules: [{7579BE7C-E1C3-42F6-93DB-9AF14F0D8B17}] => (Allow) C:\Program Files\KMSpico\JQOSNVLMO7Z.exe FirewallRules: [{A49E4E79-B6F6-4923-B3DC-BE8715BA696B}] => (Allow) C:\Program Files\KMSpico\JQOSNVLMO7Z.exe FirewallRules: 
[{94AD100B-B65E-47B6-A8DE-2F1C75534D58}] => (Allow) C:\Program Files\KMSpico\2RO3HWT0LHM.exe FirewallRules: [{3AE36EB4-E6FF-4B3F-BBF8-E0FF0767D1AF}] => (Allow) C:\Program Files\KMSpico\2RO3HWT0LHM.exe FirewallRules: [{C77AB8D0-D0AE-4920-8A78-E8E19C52AAB3}] => (Allow) C:\Program Files\KMSpico\OV6LWNNTLCV.exe FirewallRules: [{F233CD62-009C-4A84-81E9-7877AF2A8E21}] => (Allow) C:\Program Files\KMSpico\OV6LWNNTLCV.exe FirewallRules: [{91BE90E4-08EF-43E3-A11F-5E8974765D16}] => (Allow) C:\Program Files\KMSpico\ZJI0CWNJ3FY.exe FirewallRules: [{B2BC6320-AA94-4349-94A6-5948B316E091}] => (Allow) C:\Program Files\KMSpico\ZJI0CWNJ3FY.exe FirewallRules: [{334B110E-D762-453A-816C-C1F5BBCA299D}] => (Allow) C:\Program Files\KMSpico\91B3IJYUQRI.exe FirewallRules: [{CFDD093E-8C10-4D8C-8B8B-3482612CB9D8}] => (Allow) C:\Program Files\KMSpico\91B3IJYUQRI.exe FirewallRules: [{50A9C970-DF33-4F87-B3DD-4458C413127B}] => (Allow) C:\Program Files\KMSpico\ISLZM24KP2C.exe FirewallRules: [{8D563F8C-06D4-41A2-BB9D-1C59E192B3A1}] => (Allow) C:\Program Files\KMSpico\ISLZM24KP2C.exe FirewallRules: [{7072926B-1F46-46A7-8001-343734994D35}] => (Allow) C:\Program Files\KMSpico\NK4O6Q2H43S.exe FirewallRules: [{D947DB30-70AA-4016-989F-3C379087F034}] => (Allow) C:\Program Files\KMSpico\NK4O6Q2H43S.exe FirewallRules: [{099F69D6-3FE6-4ACF-8E37-64064348E557}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C88D9D86-2086-4CB1-AAC8-AC65F64C1A55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D44BF189-3E57-4965-B70E-401636386377}] => (Allow) C:\Program Files\KMSpico\DIOMWL3XND3.exe FirewallRules: [{48E558B6-4EB5-46B3-8DE4-1CD381466ADE}] => (Allow) C:\Program Files\KMSpico\DIOMWL3XND3.exe FirewallRules: [{BD1B6902-B1DC-4D34-AE03-AC75BFFA2252}] => (Allow) C:\Program Files\KMSpico\2M3GXAL0YDN.exe FirewallRules: [{BF28FFED-87F0-4369-8F79-E2B9570BB986}] => (Allow) C:\Program Files\KMSpico\2M3GXAL0YDN.exe FirewallRules: 
[{7C8C45B0-BD49-4027-AC5E-76C73322382E}] => (Allow) C:\Program Files\KMSpico\ZRA2NTHKWNO.exe FirewallRules: [{7795FB88-233A-4CED-AA6E-73B601E5DF67}] => (Allow) C:\Program Files\KMSpico\ZRA2NTHKWNO.exe FirewallRules: [{56E41164-18D7-4455-8207-36D1D2066C84}] => (Allow) C:\Program Files\KMSpico\84DVBHGKLZS.exe FirewallRules: [{17A87830-ECE9-4366-96C3-2FDF04CE1514}] => (Allow) C:\Program Files\KMSpico\84DVBHGKLZS.exe FirewallRules: [{0E0D168B-AF2F-4856-B810-D35CE3569D20}] => (Allow) C:\Program Files\KMSpico\EMDNJ8L60IS.exe FirewallRules: [{48CB6C0B-37F1-48A9-A502-052346C52693}] => (Allow) C:\Program Files\KMSpico\EMDNJ8L60IS.exe FirewallRules: [{8837A233-C14F-4547-B2B6-5051121F98C1}] => (Allow) C:\Program Files\KMSpico\CLX3QPLKBOD.exe FirewallRules: [{E82D5D59-9E5E-44B8-8632-94E9B023FF14}] => (Allow) C:\Program Files\KMSpico\CLX3QPLKBOD.exe FirewallRules: [{0C5C073F-8E39-452C-B8D7-6647E1675DAE}] => (Allow) C:\Program Files\KMSpico\9O0GZMU7DY2.exe FirewallRules: [{8E810147-A3E4-4CAC-9ED0-F9E1EBA62357}] => (Allow) C:\Program Files\KMSpico\9O0GZMU7DY2.exe FirewallRules: [{75790195-671A-413C-9CD5-A602FA598431}] => (Allow) C:\Program Files\KMSpico\BNQEH0HR19F.exe FirewallRules: [{C9B56653-F8F6-4F05-8BEB-6CCC1C2CEAF0}] => (Allow) C:\Program Files\KMSpico\BNQEH0HR19F.exe FirewallRules: [{57013F4C-FED5-4359-A8C2-D0020CDC3462}] => (Allow) C:\Program Files\KMSpico\7RSBCQYJWED.exe FirewallRules: [{BE032266-8CF7-42B0-AA6D-F66E9102FDB1}] => (Allow) C:\Program Files\KMSpico\7RSBCQYJWED.exe FirewallRules: [{B06A9E7D-DC8F-43BF-82E7-8810EBE9337A}] => (Allow) C:\Program Files\KMSpico\F7L2E4M9TT1.exe FirewallRules: [{40A49E70-98E9-4776-B2A9-8F499F121E1F}] => (Allow) C:\Program Files\KMSpico\F7L2E4M9TT1.exe FirewallRules: [{4284392A-CFE1-49A6-8526-5E41C05C633A}] => (Allow) C:\Program Files\KMSpico\IV4GAVANLCP.exe FirewallRules: [{5C1D5871-7772-473E-8704-9373CB5B05EC}] => (Allow) C:\Program Files\KMSpico\IV4GAVANLCP.exe FirewallRules: [{30636EAE-8481-445D-A6B7-8BBFEF4724CB}] => (Allow) 
C:\Program Files\KMSpico\F7400GB6Y4W.exe FirewallRules: [{C5574019-C85D-483B-BDD6-266479E5F791}] => (Allow) C:\Program Files\KMSpico\F7400GB6Y4W.exe FirewallRules: [{200E64CD-93B2-4A13-B471-C9E87989EB90}] => (Allow) C:\Program Files\KMSpico\AAN1J2EJ98C.exe FirewallRules: [{45FA88CD-5719-492D-8084-A58827589EBA}] => (Allow) C:\Program Files\KMSpico\AAN1J2EJ98C.exe FirewallRules: [{12C78C42-1987-4A83-9625-E9C8CC60A7D3}] => (Allow) C:\Program Files\KMSpico\KMWFKN38GEO.exe FirewallRules: [{BD1E3842-7B54-4E07-BCE3-E6C4D8FFCB9D}] => (Allow) C:\Program Files\KMSpico\KMWFKN38GEO.exe FirewallRules: [{3D41050D-AA97-4EFD-86E6-F724DC8752A5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A1050E64-DB3D-4E0E-97D3-B85E8CA49CFA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{654C652B-27AE-4DEE-A167-04255599A14B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{E4915130-B44F-48A4-BD8E-FC72B158D2E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{5310DB89-EA0B-4024-B0FC-D29CB1EB6751}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{8C78B197-5359-476C-979C-61646C1296B7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{6B2D6704-A2DC-430A-9E34-851117928929}] => (Allow) C:\Program Files\KMSpico\JVS2NMLY0GJ.exe FirewallRules: [{391AD7EF-E136-4F4D-B86C-0BD0B634D99C}] => (Allow) C:\Program Files\KMSpico\JVS2NMLY0GJ.exe FirewallRules: [{6FD187B8-1741-4AC0-A7BF-75911051A72A}] => (Allow) C:\Program Files\KMSpico\WWS4ZPHVPKW.exe FirewallRules: [{DEEFE98D-5CB6-4ABF-9269-096AC9DA436F}] => (Allow) C:\Program Files\KMSpico\WWS4ZPHVPKW.exe FirewallRules: [{E97E6DF5-AB93-492F-9E43-9DF3B5DB74E4}] => (Allow) C:\Program Files\KMSpico\X771ZN0XEMH.exe FirewallRules: 
[{ACE3C261-C8CA-4DC8-B762-C42DE5B4EF6A}] => (Allow) C:\Program Files\KMSpico\X771ZN0XEMH.exe FirewallRules: [{D90892DB-E1D0-4104-BF89-137F11334643}] => (Allow) C:\Program Files\KMSpico\7U22807AV2F.exe FirewallRules: [{043467FE-0EC6-432B-9D46-3781A2BB7C94}] => (Allow) C:\Program Files\KMSpico\7U22807AV2F.exe FirewallRules: [{3774FB35-D9E2-426A-BA0D-083A6577225F}] => (Allow) C:\Program Files\KMSpico\L7FYOHWSM8F.exe FirewallRules: [{AC8178F6-E208-42D9-B34D-9AA21F490CEA}] => (Allow) C:\Program Files\KMSpico\L7FYOHWSM8F.exe FirewallRules: [{48C476C3-9988-4B84-A441-3E1C2D8A584B}] => (Allow) C:\Program Files\KMSpico\PCRIP29J1NA.exe FirewallRules: [{F72508C7-E093-4C8A-9176-CEB33653324E}] => (Allow) C:\Program Files\KMSpico\PCRIP29J1NA.exe FirewallRules: [{12A9ADCA-620D-4980-BA2D-F72A58E6713F}] => (Allow) C:\Program Files\KMSpico\RO06EJKR47B.exe FirewallRules: [{74F6C442-3ABB-4810-A7CD-2E58270FB469}] => (Allow) C:\Program Files\KMSpico\RO06EJKR47B.exe FirewallRules: [{8847F9E9-34D4-4DC1-8465-D2E2E9BE6281}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{72417712-6C28-43DD-9036-C90AADDD145A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{4DE163D1-9345-4D48-A161-B2D8840E04C0}] => (Allow) C:\Program Files\KMSpico\HLERFMJM992.exe FirewallRules: [{8C83DA14-4B27-4C12-8B53-BA90CF8AF9CF}] => (Allow) C:\Program Files\KMSpico\HLERFMJM992.exe FirewallRules: [{2E142404-17A4-430D-9434-912369DEC600}] => (Allow) C:\Program Files\KMSpico\MK5V2KHMJIZ.exe FirewallRules: [{44974759-1F33-45AA-96BF-665FB0377F53}] => (Allow) C:\Program Files\KMSpico\MK5V2KHMJIZ.exe FirewallRules: [{2ABDC180-577E-475C-AE11-3BA444264373}] => (Allow) C:\Program Files\KMSpico\KYUMQDCRY9R.exe FirewallRules: [{6074FCF0-4CF5-47B0-A886-5604D808A6DB}] => (Allow) C:\Program Files\KMSpico\KYUMQDCRY9R.exe FirewallRules: [{AEEB91CE-B6F0-42D3-8318-D2BA7B0E209A}] => (Allow) C:\Program Files\KMSpico\LF02EQQUY5W.exe FirewallRules: [{AABCA878-FEFF-457E-B32E-7A9F8A82E134}] => (Allow) C:\Program 
Files\KMSpico\LF02EQQUY5W.exe FirewallRules: [{87B16916-C02E-4098-9CF6-4CE6A31D0B8A}] => (Allow) C:\Program Files\KMSpico\G1N4C88P38Q.exe FirewallRules: [{03155021-7DB4-40E7-A384-2D3168D4A86C}] => (Allow) C:\Program Files\KMSpico\G1N4C88P38Q.exe FirewallRules: [{B0A2E434-DA2C-4F73-8350-841099CA3BAB}] => (Allow) C:\Program Files\KMSpico\5APSP6BAFSB.exe FirewallRules: [{063B4834-9B7C-46AF-B597-CF1550C9EE20}] => (Allow) C:\Program Files\KMSpico\5APSP6BAFSB.exe FirewallRules: [{6C6566B4-A50F-42AD-80C5-7C3F589C1C12}] => (Allow) C:\Program Files\KMSpico\M26B9ENYOH9.exe FirewallRules: [{2CFC1D11-D19C-41F2-B4F0-2E22DA218BEB}] => (Allow) C:\Program Files\KMSpico\M26B9ENYOH9.exe FirewallRules: [{766361AB-F64E-4C3C-BB7A-B991638ACAA5}] => (Allow) C:\Program Files\KMSpico\E9N4YMMTHZP.exe FirewallRules: [{3F46FA54-4E3D-406C-B6EC-90B8F04EBA2F}] => (Allow) C:\Program Files\KMSpico\E9N4YMMTHZP.exe FirewallRules: [{7718D5D3-0C2B-4723-9FC3-699BB6A10B83}] => (Allow) C:\Program Files\KMSpico\OL1RHMDKOVS.exe FirewallRules: [{0395971F-B36B-4DF1-9E61-A95EC4661177}] => (Allow) C:\Program Files\KMSpico\OL1RHMDKOVS.exe FirewallRules: [{3F53DB7B-A901-4A19-A8D6-E82613A293F9}] => (Allow) C:\Program Files\KMSpico\DMTZ8RHIH27.exe FirewallRules: [{21859F09-886E-48D1-B862-11B75B4B5E5F}] => (Allow) C:\Program Files\KMSpico\DMTZ8RHIH27.exe FirewallRules: [{89413ED1-CBB5-4B97-ADF7-F06F301072BA}] => (Allow) C:\Program Files\KMSpico\07OUUOVIJMD.exe FirewallRules: [{7A85FDDE-FDF9-4FF1-9E2A-FAF5543D4077}] => (Allow) C:\Program Files\KMSpico\07OUUOVIJMD.exe FirewallRules: [{F736E671-19B5-42C8-9B25-1901B32CBF70}] => (Allow) C:\Program Files\KMSpico\RTTTHF17L2N.exe FirewallRules: [{C0693FBA-7BEE-42BD-A201-624D409DF527}] => (Allow) C:\Program Files\KMSpico\RTTTHF17L2N.exe FirewallRules: [{049D60F4-7340-491E-B038-6C6F518A4FF1}] => (Allow) C:\Program Files\KMSpico\LIK9URLWD8O.exe FirewallRules: [{1AD83C5A-4840-4CEC-A9DF-86FE0C0928B0}] => (Allow) C:\Program Files\KMSpico\LIK9URLWD8O.exe FirewallRules: 
[{A2C9BB53-7CC0-468E-9F7E-C9AC93F24EFD}] => (Allow) C:\Program Files\KMSpico\TQGBFB14UZX.exe FirewallRules: [{F18203E2-ADE5-41CB-A255-52F14DF62DFC}] => (Allow) C:\Program Files\KMSpico\TQGBFB14UZX.exe FirewallRules: [{ABEC079C-007C-4C06-BCC8-65C60CC22FF0}] => (Allow) C:\Program Files\KMSpico\A019IR30O2H.exe FirewallRules: [{60CB5DF3-7D6C-4DE2-8EF5-096FA4F32B90}] => (Allow) C:\Program Files\KMSpico\A019IR30O2H.exe FirewallRules: [{C499E346-75C4-45AC-AF65-A5571CEFE2AB}] => (Allow) C:\Program Files\KMSpico\K6NULHX5ATJ.exe FirewallRules: [{B72AB298-000F-4D37-8EA2-21E89AA0CA23}] => (Allow) C:\Program Files\KMSpico\K6NULHX5ATJ.exe FirewallRules: [{D5643713-86A5-4BD0-82FE-AED46AB3DC7B}] => (Allow) C:\Program Files\KMSpico\8KEXDDT5K7H.exe FirewallRules: [{236F8AC8-E204-4AC9-BE89-68612B9B008F}] => (Allow) C:\Program Files\KMSpico\8KEXDDT5K7H.exe FirewallRules: [{C9192307-5288-4653-8D16-160A8F337443}] => (Allow) C:\Program Files\KMSpico\JE4XWHB3VGZ.exe FirewallRules: [{6C930064-08C0-4DED-9F00-02BB8ADDF354}] => (Allow) C:\Program Files\KMSpico\JE4XWHB3VGZ.exe FirewallRules: [{142AF579-5007-434E-9E16-67E7076BE7B7}] => (Allow) C:\Program Files\KMSpico\Z74NARPG4RU.exe FirewallRules: [{B61D0509-3124-4424-8A41-FC5FF513A1C1}] => (Allow) C:\Program Files\KMSpico\Z74NARPG4RU.exe FirewallRules: [{EE551640-E2A3-433C-902D-FCDD5630921A}] => (Allow) C:\Program Files\KMSpico\J6YJSNEH6NY.exe FirewallRules: [{B774BB1D-0CE5-4FAC-B244-112C28B8511D}] => (Allow) C:\Program Files\KMSpico\J6YJSNEH6NY.exe FirewallRules: [{049EA0D5-5637-4DFF-A220-14D2387EFD0D}] => (Allow) C:\Program Files\KMSpico\AT7WLEC9BUQ.exe FirewallRules: [{0C94868E-E1DF-4656-A2B9-8FB965B11446}] => (Allow) C:\Program Files\KMSpico\AT7WLEC9BUQ.exe FirewallRules: [{F88E517E-F3E1-4F12-A46C-27283704543D}] => (Allow) C:\Program Files\KMSpico\LWXQR4UXDGD.exe FirewallRules: [{9D8BDE42-6E77-4DBE-A648-1831DEFD582D}] => (Allow) C:\Program Files\KMSpico\LWXQR4UXDGD.exe FirewallRules: [{43D9C0FF-FF90-4A0D-9EDF-C0FE258C5E69}] => (Allow) 
C:\Program Files\KMSpico\EFE9FF7WRXK.exe FirewallRules: [{3D07AD42-07B9-4151-B97C-C2D8CA34ACB5}] => (Allow) C:\Program Files\KMSpico\EFE9FF7WRXK.exe FirewallRules: [{5A8B43D5-35FC-477D-9278-15DF670153F7}] => (Allow) C:\Program Files\KMSpico\2LFN37ZX6H9.exe FirewallRules: [{324001A0-3A37-4E3E-AFD2-F6A03E601607}] => (Allow) C:\Program Files\KMSpico\2LFN37ZX6H9.exe FirewallRules: [{C52C0F74-83F9-4EF5-A7F0-27D77E931C47}] => (Allow) C:\Program Files\KMSpico\NI5B10B64RQ.exe FirewallRules: [{6F270F1C-C91C-4C33-8308-470ABDB40134}] => (Allow) C:\Program Files\KMSpico\NI5B10B64RQ.exe FirewallRules: [{2924082E-676E-4EBA-BE6A-DEA657D81777}] => (Allow) C:\Program Files\KMSpico\70FP1HI1QS3.exe FirewallRules: [{DFBF70EA-E2B0-4DDD-B812-3CD8E429C194}] => (Allow) C:\Program Files\KMSpico\70FP1HI1QS3.exe FirewallRules: [{129D3908-4FF5-41BB-B805-81F15EFF1919}] => (Allow) C:\Program Files\KMSpico\OJ3S4D1UKR2.exe FirewallRules: [{627FD75A-FD82-4346-B1AB-ED0B088ACEAB}] => (Allow) C:\Program Files\KMSpico\OJ3S4D1UKR2.exe FirewallRules: [{461E819A-69B9-439A-AEA1-B7AB66321684}] => (Allow) C:\Program Files\KMSpico\0Z6KM5N1U3W.exe FirewallRules: [{D0991809-FC61-48E2-838E-6A8A89F84F5F}] => (Allow) C:\Program Files\KMSpico\0Z6KM5N1U3W.exe FirewallRules: [{6A578847-F8A4-49A7-BD36-1F36C5E62182}] => (Allow) C:\Program Files\KMSpico\NB2QPDXA981.exe FirewallRules: [{FDD28E21-47BF-4F3E-8070-ACF0A6F89738}] => (Allow) C:\Program Files\KMSpico\NB2QPDXA981.exe FirewallRules: [{37085869-1421-4F52-BCB4-7A42AD753912}] => (Allow) C:\Program Files\KMSpico\T5ZHYNV3S4W.exe FirewallRules: [{ACD4B18D-2E29-48A5-B4E5-EECB5A03C55C}] => (Allow) C:\Program Files\KMSpico\T5ZHYNV3S4W.exe FirewallRules: [{C18D1E39-31CE-4807-99A3-E4A544D0BB7C}] => (Allow) C:\Program Files\KMSpico\YAOCQNRGEJY.exe FirewallRules: [{770DB07F-87AC-4D32-88CA-22EE329BF10A}] => (Allow) C:\Program Files\KMSpico\YAOCQNRGEJY.exe FirewallRules: [{022D3B17-B4B0-43B6-B3A5-6F6FCCA3D4FC}] => (Allow) C:\Program Files\KMSpico\EGA24PZDRSR.exe FirewallRules: 
[{4E065CE7-6969-4D49-BCC5-7B6CC046D34D}] => (Allow) C:\Program Files\KMSpico\EGA24PZDRSR.exe FirewallRules: [{98C15BF4-A2CB-48D0-9CD6-C3BA290B8806}] => (Allow) C:\Program Files\KMSpico\6NKE2J12ZI8.exe FirewallRules: [{A5317952-209F-4273-863F-02CCB6D2CE34}] => (Allow) C:\Program Files\KMSpico\6NKE2J12ZI8.exe FirewallRules: [{485FF564-4EDA-4962-9672-E7C511BB7E42}] => (Allow) C:\Program Files\KMSpico\POQ8XAIE95Z.exe FirewallRules: [{2DA8CE36-BB63-4305-9BB0-FA789AFFE60B}] => (Allow) C:\Program Files\KMSpico\POQ8XAIE95Z.exe FirewallRules: [{1C1A1462-DEF1-4198-A1B6-F8B3F5D0E5D8}] => (Allow) C:\Program Files\KMSpico\JUH749303S0.exe FirewallRules: [{A119DAF8-D132-4268-B1E9-78ED162597D6}] => (Allow) C:\Program Files\KMSpico\JUH749303S0.exe FirewallRules: [{1548B4EE-3DFC-4FEE-BF6B-E038FBFA208F}] => (Allow) C:\Program Files\KMSpico\E8WX8WZE3D4.exe FirewallRules: [{2D8B5920-98CE-4DCF-BC1D-1A918E4D2120}] => (Allow) C:\Program Files\KMSpico\E8WX8WZE3D4.exe FirewallRules: [{351696F1-A150-4D7B-A4CA-8F2F51FAB353}] => (Allow) C:\Program Files\KMSpico\8IU7Q9O8S3G.exe FirewallRules: [{81E8759D-343B-4EC8-A996-B0FBB05AF6AB}] => (Allow) C:\Program Files\KMSpico\8IU7Q9O8S3G.exe FirewallRules: [{4135B795-1025-41B9-A1E1-9A7731784715}] => (Allow) C:\Program Files\KMSpico\RAX38L4D7TG.exe FirewallRules: [{E21BA6B7-144A-4722-ABFA-E04B98721B6B}] => (Allow) C:\Program Files\KMSpico\RAX38L4D7TG.exe FirewallRules: [{D6FE800F-20C4-45CE-8584-AEB3027B2EE2}] => (Allow) C:\Program Files\KMSpico\76ZLETZG9CL.exe FirewallRules: [{113648D0-26E7-47E7-9243-80E98CB9B293}] => (Allow) C:\Program Files\KMSpico\76ZLETZG9CL.exe FirewallRules: [{1E3E7AEF-6C74-4571-AB59-8A43480BD608}] => (Allow) C:\Program Files\KMSpico\R1OIFHG5UGC.exe FirewallRules: [{3E499FC2-2A0B-421A-BD99-DDC963DE034F}] => (Allow) C:\Program Files\KMSpico\R1OIFHG5UGC.exe FirewallRules: [{CD0E9A52-EADA-425C-AF42-87E68899B748}] => (Allow) C:\Program Files\KMSpico\P5WGBW4G8HH.exe FirewallRules: [{F2F6C6EE-BBAE-4FE3-B65F-71A34D1184E4}] => (Allow) 
C:\Program Files\KMSpico\P5WGBW4G8HH.exe FirewallRules: [{23452348-E0A2-49CF-9F08-98736119977A}] => (Allow) C:\Program Files\KMSpico\T5HKIYA3Y3U.exe FirewallRules: [{36AE72BB-C0E3-4D73-8989-F675DAB9887D}] => (Allow) C:\Program Files\KMSpico\T5HKIYA3Y3U.exe FirewallRules: [{4B22043C-931B-42F5-86CC-29B9EAB0688D}] => (Allow) C:\Program Files\KMSpico\K3WDST6PWPJ.exe FirewallRules: [{B5FDEB57-F8E2-41FB-A01F-C81F1A86E3F1}] => (Allow) C:\Program Files\KMSpico\K3WDST6PWPJ.exe FirewallRules: [{1474FC43-D156-440F-A0C9-639635045B8F}] => (Allow) C:\Program Files\KMSpico\VFT0YMWWEYF.exe FirewallRules: [{5DF2935D-4DFB-44A0-A7F2-A123EEC5D818}] => (Allow) C:\Program Files\KMSpico\VFT0YMWWEYF.exe FirewallRules: [{F5091C24-0B4F-44F3-B2DE-B0F60067E748}] => (Allow) C:\Program Files\KMSpico\SGILCO5FZ0Y.exe FirewallRules: [{9083A5D0-7FED-425F-872B-A9A123C2D327}] => (Allow) C:\Program Files\KMSpico\SGILCO5FZ0Y.exe FirewallRules: [{37D06144-4822-4966-B65A-3C2AE00EB2D4}] => (Allow) C:\Program Files\KMSpico\VNOHJUUSPAR.exe FirewallRules: [{87480131-B8B1-49A9-BB3D-2217D2731CE5}] => (Allow) C:\Program Files\KMSpico\VNOHJUUSPAR.exe FirewallRules: [{60780BDA-F14C-4868-B8C8-AE4BC70BDFEA}] => (Allow) C:\Program Files\KMSpico\NHI6Y9YQV67.exe FirewallRules: [{AA9F6225-6F0C-48DF-9076-5A32C7025985}] => (Allow) C:\Program Files\KMSpico\NHI6Y9YQV67.exe FirewallRules: [{C4D1A7D6-28F1-4719-BAE5-3E98606005F7}] => (Allow) C:\Program Files\KMSpico\LNSCN0XCNND.exe FirewallRules: [{CB244E4B-1863-4056-BD84-D3E98E532543}] => (Allow) C:\Program Files\KMSpico\LNSCN0XCNND.exe FirewallRules: [{88F08025-3D76-4232-B243-EE35D272668A}] => (Allow) C:\Program Files\KMSpico\GUIRQI01L5B.exe FirewallRules: [{1CB644D6-A84C-43FA-9E8F-A4502CFCC0D3}] => (Allow) C:\Program Files\KMSpico\GUIRQI01L5B.exe FirewallRules: [{EEA325FA-B51C-4D15-A630-982868BF37A7}] => (Allow) C:\Program Files\KMSpico\JV4S5SE5882.exe FirewallRules: [{FA3DEA75-175D-4689-8637-14E1169BEC4D}] => (Allow) C:\Program Files\KMSpico\JV4S5SE5882.exe FirewallRules: 
[{190A3654-A1D9-4264-BE7A-71CBFBA7E045}] => (Allow) C:\Program Files\KMSpico\UDQDDWAPF9J.exe FirewallRules: [{F4B8FE8E-5643-46A2-91B8-77C1B5751803}] => (Allow) C:\Program Files\KMSpico\UDQDDWAPF9J.exe FirewallRules: [{947B463F-2057-4F50-B35F-7B26D208E78B}] => (Allow) C:\Program Files\KMSpico\AU6SEYRJWQV.exe FirewallRules: [{33B9820E-32D7-4137-8E00-0ACC7E2E385B}] => (Allow) C:\Program Files\KMSpico\AU6SEYRJWQV.exe FirewallRules: [{7B486F73-B431-47CA-8AEE-7951D54071DF}] => (Allow) C:\Program Files\KMSpico\XWS06ZMAW5M.exe FirewallRules: [{F4E80C5F-C138-4BC0-845C-07CC11421B9A}] => (Allow) C:\Program Files\KMSpico\XWS06ZMAW5M.exe FirewallRules: [{86BA5A54-A038-48CA-941B-0611046127A0}] => (Allow) C:\Program Files\KMSpico\7XSC7EFJSJA.exe FirewallRules: [{2AD3CAB0-DC6B-44BD-9D25-B23B8F3C1EA4}] => (Allow) C:\Program Files\KMSpico\7XSC7EFJSJA.exe FirewallRules: [{B1CC8B61-A4D1-4CFB-B556-6528D3C5457F}] => (Allow) C:\Program Files\KMSpico\I7VBW4LX3QX.exe FirewallRules: [{83880F11-1D8F-45BD-B868-8CF3EA1C9DD6}] => (Allow) C:\Program Files\KMSpico\I7VBW4LX3QX.exe FirewallRules: [{F596DC84-B873-44EF-9488-17731DA4FBD3}] => (Allow) C:\Program Files\KMSpico\HH7BR74QCWZ.exe FirewallRules: [{88FC8420-50F9-4C23-8878-FD6A56419ED9}] => (Allow) C:\Program Files\KMSpico\HH7BR74QCWZ.exe FirewallRules: [{187F6892-C43C-43C8-871C-3F1E1BDA4220}] => (Allow) C:\Program Files\KMSpico\M37PMTSZYI0.exe FirewallRules: [{90EA1B8A-8D57-47EF-882E-883F11E438B5}] => (Allow) C:\Program Files\KMSpico\M37PMTSZYI0.exe FirewallRules: [{215D6811-6BF5-4723-BF4A-63E5A918D7F3}] => (Allow) C:\Program Files\KMSpico\4G3E66JVB9N.exe FirewallRules: [{DB62257D-933A-49A2-9A09-DE0699E15D6D}] => (Allow) C:\Program Files\KMSpico\4G3E66JVB9N.exe FirewallRules: [{85C47C70-54E3-40C0-8FEC-5C468406AF64}] => (Allow) C:\Program Files\KMSpico\9CHTAONZWAF.exe FirewallRules: [{22785008-80F9-4A00-8D0A-9183139F20B4}] => (Allow) C:\Program Files\KMSpico\9CHTAONZWAF.exe FirewallRules: [{CBC19585-0B58-4506-A18C-1E33BE889AAD}] => (Allow) 
C:\Program Files\KMSpico\ZXTXZNDLHER.exe FirewallRules: [{E297E999-2671-490E-AA7D-3E4A19C57C62}] => (Allow) C:\Program Files\KMSpico\ZXTXZNDLHER.exe FirewallRules: [{EC18B4F7-EEED-4FCB-9A61-0C3AAB2A1435}] => (Allow) C:\Program Files\KMSpico\WME35V1PFS2.exe FirewallRules: [{FA24AD3D-FF98-4062-AE92-6C2666082E49}] => (Allow) C:\Program Files\KMSpico\WME35V1PFS2.exe FirewallRules: [{D099F123-1B4A-4AF3-B55C-B72DF210FA76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9DDDAD50-9D7D-4288-ADA5-472466028D90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8A5711AB-DAFF-4EEA-8304-F770CB47D2A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{99604223-9858-4642-BDAE-8F0436CC7F76}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{78750EED-25D2-4C9E-9385-630622500EA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{0DD36987-2235-4D9A-9BD7-69EB428C0644}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{C0DCD623-0EF0-43F1-81B8-598B29784AAF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{E79140BE-1C76-476C-80F1-A650FE071A7C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{4EFBFA47-160D-484A-A989-FB36D545BFBD}] => (Allow) C:\Program Files (x86)\Nero16T\Nero 2016\Nero Burning ROM\StartNBR.exe FirewallRules: [{9DF48C86-B887-47E6-80DD-405972ADADD6}] => (Allow) C:\Program Files (x86)\Nero16T\KM\NMDllHost.exe FirewallRules: [{ABB08FB1-307A-4C9A-BBFA-AE2C81B6C73F}] => (Allow) C:\Program Files (x86)\Nero16T\Nero 2016\Nero Burning ROM\nero.exe FirewallRules: [{7C33F6B9-3CC7-4FEC-A5A4-794CBDA21794}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{DB47901B-9C6E-4CAB-9190-6D58A010D910}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray 
Player\Blu-rayPlayer.exe FirewallRules: [{66FD0322-E8EA-4EC2-9AA3-1A7D7B219DC0}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe FirewallRules: [{0F6DA50C-10C0-4151-AF2A-BE3D0DA42CE8}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe FirewallRules: [{6B4F733C-0833-4F5C-8C66-6899EAD3EBDC}] => (Allow) C:\Program Files (x86)\Nero16T\KM\NMDllHost.exe FirewallRules: [{CD73B823-F2A8-47A9-9D5F-C94C793F1F46}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe FirewallRules: [{A65C5073-E557-4763-A7E7-ACFA69C8F74C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe FirewallRules: [{BED2B2BE-2A0D-40C1-A2FA-ED487FC3C23A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe FirewallRules: [{92CF5155-4295-421A-B15E-AF6E1236397C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe FirewallRules: [{055B5155-3917-4641-BC21-D53C1D570D79}] => (Allow) LPort=5357 FirewallRules: [{732F1EF8-CA1E-4F5B-8D69-AE6D93D3D954}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{DD67CA93-FB40-40AE-A6DA-02F6639B59D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{DB42C1B6-6F81-4F5B-997B-FE8F290EB293}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{9E761FD1-AB09-47BE-8AD3-F8FDE18B31AA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe ==================== Wiederherstellungspunkte ========================= 10-06-2016 23:29:18 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/11/2016 01:49:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der 
Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (06/10/2016 11:51:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (06/10/2016 07:55:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (06/10/2016 07:48:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. 
Error: (06/10/2016 09:10:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (06/09/2016 11:28:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (06/09/2016 11:25:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (06/09/2016 10:35:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. 
Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (06/09/2016 04:36:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4ebb Ausnahmecode: 0xc0000008 Fehleroffset: 0x00000000000925fa ID des fehlerhaften Prozesses: 0x4b4 Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_PcaSvc0 Pfad der fehlerhaften Anwendung: svchost.exe_PcaSvc1 Pfad des fehlerhaften Moduls: svchost.exe_PcaSvc2 Berichtskennung: svchost.exe_PcaSvc3 Vollständiger Name des fehlerhaften Pakets: svchost.exe_PcaSvc4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_PcaSvc5 Error: (06/09/2016 03:59:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Systemfehler: ============= Error: (06/11/2016 01:41:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MMCSS erreicht. Error: (06/11/2016 01:41:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht. 
Error: (06/11/2016 01:40:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst CertPropSvc erreicht. Error: (06/11/2016 01:40:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst BITS erreicht. Error: (06/11/2016 01:39:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Gruppenrichtlinienclient" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (06/11/2016 01:39:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst gpsvc erreicht. Error: (06/11/2016 01:39:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht. Error: (06/10/2016 01:47:26 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Acronis Nonstop Backup Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (06/10/2016 12:10:23 PM) (Source: DCOM) (EventID: 10010) (User: Jamie) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/10/2016 12:09:53 PM) (Source: DCOM) (EventID: 10010) (User: Jamie) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} CodeIntegrity: =================================== Date: 2015-03-03 19:34:02.713 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-02-24 10:48:13.804 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-17 09:03:20.557 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-12 13:05:43.884 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-11 20:43:39.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-11 08:57:19.276 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 8077.52 MB Verfügbarer physikalischer RAM: 4674.41 MB Summe virtueller Speicher: 16269.52 MB Verfügbarer virtueller Speicher: 12959.25 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:15.26 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:111.71 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 01A8A7C0) Partition: GPT. ======================================================== Disk: 1 (Size: 22.4 GB) (Disk ID: 6805F127) Partition: GPT. ==================== Ende von Addition.txt ============================
11.06.2016, 14:21 | #3 |
/// TB-Ausbilder /// Anleitungs-Guru | Facebook: "Your computer needs to be cleaned" - Virus/Malware? My name is Jürgen and I will be helping you with your problem. Together we'll get it done...
Note: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest route, but it is only advisable for actual malware. Adware and the like we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean". Here we go: or maybe not.... Could it be that there is cracked software on the computer?
12.06.2016, 14:59 | #4 |
| Facebook: "Your computer needs to be cleaned" - Virus/Malware? Hello Jürgen, thank you for your help! I will stick to the rules as best I can; only the "no software" part makes me unsure, because I am currently writing a report and don't know whether I will need something new for it. Is it a problem if I use university programs that I don't have myself over a Remote Desktop connection? About cracked software: I don't know what you mean (beyond the general sense), but if you tell me more precisely what you mean, I can surely delete it. If that helps, that is? Best regards, Mira Edited by ShotaB (12.06.2016 at 15:11) |
12.06.2016, 16:36 | #5 | |
/// TB-Ausbilder /// Anleitungs-Guru | Facebook: "Your computer needs to be cleaned" - Virus/Malware? Quote:
It may also be that FB keeps complaining until we have used the recommended scanner. The Office looks to me like a rather special "student edition"... A friend surely installed it for you? Let's now run through our cleanup routine: Step 1 Please download TDSSKiller.exe and save this file to the desktop
__________________ Regards, deeprybka _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
12.06.2016, 22:30 | #6 |
| Facebook: "Your computer needs to be cleaned" - Virus/Malware? Hello =) 1. I tried to delete everything of Microsoft Office that I found. But it is somehow confusing (a lot of stuff has Office+Microsoft in its name), and one of the 2 main folders (I found Office 2013 and 2015) cannot be deleted because supposedly something from it is open. I just can't find where! If you have an effective deletion tip, I'd gladly take it. 2. Here is the report from TDSSKiller.exe - part 1 (it is too long for one post): Code:
0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 23:23:33.0632 0x0cd8 iaStorA - ok 23:23:33.0663 0x0cd8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 23:23:33.0679 0x0cd8 iaStorAV - ok 23:23:33.0726 0x0cd8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 23:23:33.0741 0x0cd8 iaStorV - ok 23:23:33.0945 0x0cd8 [ BD14C02A9F388CB29620FF68AB6979AD, 1610C888002E1118DFEF86E27462FDBB1F625BD298FC4FCD033FBC76D54EC35E ] IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160610.001\IDSvia64.sys 23:23:33.0976 0x0cd8 IDSVia64 - ok 23:23:33.0976 0x0cd8 IEEtwCollectorService - ok 23:23:34.0101 0x0cd8 [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 23:23:34.0226 0x0cd8 igfx - ok 23:23:34.0288 0x0cd8 [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 23:23:34.0335 0x0cd8 IKEEXT - ok 23:23:34.0367 0x0cd8 [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 23:23:34.0367 0x0cd8 intaud_WaveExtensible - ok 23:23:34.0476 0x0cd8 [ C9EDE135A702B243DCADEBE913A2087F, E8A6EF5BC2D28D8E40E991DF9B0F8DD22F5B95046E134A5E62F131C94BDF9771 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 23:23:34.0554 0x0cd8 IntcAzAudAddService - ok 23:23:34.0601 0x0cd8 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 23:23:34.0617 0x0cd8 IntcDAud - ok 23:23:34.0710 
0x0cd8 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 23:23:34.0726 0x0cd8 Intel(R) Capability Licensing Service Interface - ok 23:23:34.0820 0x0cd8 [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 23:23:34.0835 0x0cd8 Intel(R) ME Service - ok 23:23:34.0835 0x0cd8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 23:23:34.0851 0x0cd8 intelide - ok 23:23:34.0882 0x0cd8 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 23:23:34.0898 0x0cd8 intelpep - ok 23:23:34.0913 0x0cd8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 23:23:34.0945 0x0cd8 intelppm - ok 23:23:34.0960 0x0cd8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 23:23:34.0976 0x0cd8 IpFilterDriver - ok 23:23:35.0038 0x0cd8 [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 23:23:35.0085 0x0cd8 iphlpsvc - ok 23:23:35.0132 0x0cd8 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 23:23:35.0148 0x0cd8 IPMIDRV - ok 23:23:35.0163 0x0cd8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 
23:23:35.0179 0x0cd8 IPNAT - ok 23:23:35.0226 0x0cd8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 23:23:35.0257 0x0cd8 IRENUM - ok 23:23:35.0288 0x0cd8 [ 4D9B9A794F22415B8C3E0CCFBE61BC7A, 4CF01BC95F0AD7DC42AF8A0FCE032DF00610524A98CF52F531E9DE93137E7B87 ] irstrtdv C:\WINDOWS\System32\drivers\irstrtdv.sys 23:23:35.0288 0x0cd8 irstrtdv - ok 23:23:35.0382 0x0cd8 [ E145E934392E7A49FDC6775AC3A347F8, 8E5DBC8C34FB3B68851489E0860BA3ACE6CDF46BB5E2AEFD1DEF6E895566068B ] irstrtsv C:\Windows\SysWOW64\irstrtsv.exe 23:23:35.0398 0x0cd8 irstrtsv - ok 23:23:35.0429 0x0cd8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 23:23:35.0429 0x0cd8 isapnp - ok 23:23:35.0492 0x0cd8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 23:23:35.0507 0x0cd8 iScsiPrt - ok 23:23:35.0523 0x0cd8 [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 23:23:35.0538 0x0cd8 iwdbus - ok 23:23:35.0570 0x0cd8 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 23:23:35.0585 0x0cd8 jhi_service - ok 23:23:35.0617 0x0cd8 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 23:23:35.0617 0x0cd8 kbdclass - ok 23:23:35.0679 0x0cd8 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 23:23:35.0710 0x0cd8 kbdhid - ok 23:23:35.0726 0x0cd8 [ A8080BEBCDB7A16495CE1205921DCAC5, 
D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\WINDOWS\System32\drivers\kbfiltr.sys 23:23:35.0742 0x0cd8 kbfiltr - ok 23:23:35.0820 0x0cd8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 23:23:35.0835 0x0cd8 kdnic - ok 23:23:35.0898 0x0cd8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 23:23:35.0898 0x0cd8 KeyIso - ok 23:23:35.0976 0x0cd8 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 23:23:35.0976 0x0cd8 KSecDD - ok 23:23:36.0007 0x0cd8 [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 23:23:36.0023 0x0cd8 KSecPkg - ok 23:23:36.0054 0x0cd8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 23:23:36.0085 0x0cd8 ksthunk - ok 23:23:36.0195 0x0cd8 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 23:23:36.0210 0x0cd8 KtmRm - ok 23:23:36.0304 0x0cd8 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 23:23:36.0335 0x0cd8 LanmanServer - ok 23:23:36.0382 0x0cd8 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 23:23:36.0398 0x0cd8 LanmanWorkstation - ok 23:23:36.0476 0x0cd8 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 23:23:36.0539 0x0cd8 lfsvc - ok 23:23:36.0585 
0x0cd8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 23:23:36.0617 0x0cd8 lltdio - ok 23:23:36.0710 0x0cd8 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 23:23:36.0742 0x0cd8 lltdsvc - ok 23:23:36.0789 0x0cd8 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 23:23:36.0820 0x0cd8 lmhosts - ok 23:23:36.0882 0x0cd8 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 23:23:36.0898 0x0cd8 LMS - ok 23:23:36.0929 0x0cd8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 23:23:36.0945 0x0cd8 LSI_SAS - ok 23:23:36.0960 0x0cd8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 23:23:36.0976 0x0cd8 LSI_SAS2 - ok 23:23:36.0992 0x0cd8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 23:23:37.0007 0x0cd8 LSI_SAS3 - ok 23:23:37.0023 0x0cd8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 23:23:37.0039 0x0cd8 LSI_SSS - ok 23:23:37.0148 0x0cd8 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 23:23:37.0210 0x0cd8 LSM - ok 23:23:37.0242 0x0cd8 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv 
C:\WINDOWS\system32\drivers\luafv.sys 23:23:37.0257 0x0cd8 luafv - ok 23:23:37.0445 0x0cd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McOobeSv2 C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe 23:23:37.0476 0x0cd8 McOobeSv2 - ok 23:23:37.0492 0x0cd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe 23:23:37.0492 0x0cd8 mcpltsvc - ok 23:23:37.0507 0x0cd8 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McSchedulerSvc C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe 23:23:37.0523 0x0cd8 McSchedulerSvc - ok 23:23:37.0585 0x0cd8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 23:23:37.0601 0x0cd8 megasas - ok 23:23:37.0632 0x0cd8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 23:23:37.0664 0x0cd8 megasr - ok 23:23:37.0695 0x0cd8 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 23:23:37.0695 0x0cd8 MEIx64 - ok 23:23:37.0726 0x0cd8 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 23:23:37.0757 0x0cd8 MMCSS - ok 23:23:37.0992 0x0cd8 [ D9652739D1007B9B5CE34CEF38E095C5, 20AFFEA3B2E7F254A58CDD9F4F9D51D94710C20E98A650BE33FD446A474D7D12 ] mmsminisrv C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe 23:23:38.0117 0x0cd8 mmsminisrv - ok 23:23:38.0169 0x0cd8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem 
C:\WINDOWS\system32\drivers\modem.sys 23:23:38.0185 0x0cd8 Modem - ok 23:23:38.0195 0x0cd8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 23:23:38.0195 0x0cd8 monitor - ok 23:23:38.0227 0x0cd8 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 23:23:38.0227 0x0cd8 mouclass - ok 23:23:38.0242 0x0cd8 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 23:23:38.0258 0x0cd8 mouhid - ok 23:23:38.0273 0x0cd8 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 23:23:38.0289 0x0cd8 mountmgr - ok 23:23:38.0336 0x0cd8 [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:23:38.0336 0x0cd8 MozillaMaintenance - ok 23:23:38.0383 0x0cd8 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 23:23:38.0398 0x0cd8 mpsdrv - ok 23:23:38.0445 0x0cd8 [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 23:23:38.0477 0x0cd8 MpsSvc - ok 23:23:38.0524 0x0cd8 [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 23:23:38.0539 0x0cd8 MRxDAV - ok 23:23:38.0602 0x0cd8 [ 5DCD41F62F71519D2A46D41F60C69B0C, A9C2F8B8F82BDBF48F34D5837ED27CE251C75232A07AF26F7B796D2A106795A0 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 23:23:38.0633 0x0cd8 mrxsmb - ok 23:23:38.0649 0x0cd8 [ 
D7C9BC4D37BF08C7DD436A0A5F321668, 30A5AF211BEC89E26134CDAE3E60D0D9F0AE2748F56E9D09B07431206AD381C6 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 23:23:38.0664 0x0cd8 mrxsmb10 - ok 23:23:38.0680 0x0cd8 [ FE219A7107C4BC3BBC35D6CDC281612C, 98CA0FECF1F7269DAED43561FA40AAC1A9456F2C2FE7C1243C628F78864D2F54 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 23:23:38.0711 0x0cd8 mrxsmb20 - ok 23:23:38.0758 0x0cd8 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 23:23:38.0774 0x0cd8 MsBridge - ok 23:23:38.0820 0x0cd8 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 23:23:38.0836 0x0cd8 MSDTC - ok 23:23:38.0852 0x0cd8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 23:23:38.0867 0x0cd8 Msfs - ok 23:23:38.0914 0x0cd8 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 23:23:38.0930 0x0cd8 msgpiowin32 - ok 23:23:38.0945 0x0cd8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 23:23:38.0961 0x0cd8 mshidkmdf - ok 23:23:38.0961 0x0cd8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 23:23:38.0977 0x0cd8 mshidumdf - ok 23:23:38.0992 0x0cd8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 23:23:39.0008 0x0cd8 msisadrv - ok 23:23:39.0055 0x0cd8 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI 
C:\WINDOWS\system32\iscsiexe.dll 23:23:39.0086 0x0cd8 MSiSCSI - ok 23:23:39.0086 0x0cd8 msiserver - ok 23:23:39.0117 0x0cd8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 23:23:39.0133 0x0cd8 MSKSSRV - ok 23:23:39.0180 0x0cd8 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 23:23:39.0195 0x0cd8 MsLldp - ok 23:23:39.0211 0x0cd8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 23:23:39.0227 0x0cd8 MSPCLOCK - ok 23:23:39.0227 0x0cd8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 23:23:39.0258 0x0cd8 MSPQM - ok 23:23:39.0289 0x0cd8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 23:23:39.0320 0x0cd8 MsRPC - ok 23:23:39.0336 0x0cd8 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 23:23:39.0336 0x0cd8 mssmbios - ok 23:23:39.0352 0x0cd8 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 23:23:39.0367 0x0cd8 MSTEE - ok 23:23:39.0383 0x0cd8 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 23:23:39.0399 0x0cd8 MTConfig - ok 23:23:39.0445 0x0cd8 [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\WINDOWS\system32\Drivers\mup.sys 23:23:39.0461 0x0cd8 Mup - ok 23:23:39.0492 0x0cd8 [ B8C35C94DCB2DFEAF03BB42131F2F77F, 
F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 23:23:39.0508 0x0cd8 mvumis - ok 23:23:39.0617 0x0cd8 [ B3C3841A4A46B88E394C66FDDD786F71, 8854B95F84C33DF228BAC2A458ECE4F0C170E788BF802E76AB952919ACCE50B8 ] N360 C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\N360.exe 23:23:39.0633 0x0cd8 N360 - ok 23:23:39.0695 0x0cd8 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 23:23:39.0711 0x0cd8 napagent - ok 23:23:39.0774 0x0cd8 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 23:23:39.0789 0x0cd8 NativeWifiP - ok 23:23:39.0899 0x0cd8 [ 4DF6F43F761A600208F90A55D05F9B7E, AC93B4497FB428F7EC42DCF5956A2A61B951394E555BF6C89E55943E0B681586 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 23:23:39.0914 0x0cd8 NAUpdate - ok 23:23:40.0024 0x0cd8 [ 2892939B5ED33D1D90B6DECBFE0DED19, 86E4BDD283351B6B700DF34D101C230ACABAF27866CDA19EAEBF215EA557B3A6 ] NAVENG C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160612.001\ENG64.SYS 23:23:40.0039 0x0cd8 NAVENG - ok 23:23:40.0102 0x0cd8 [ 967CC229AB24D8576F8D4494E91400BC, 8EE751756668934DB2A63EFECDE0A355E28AC7C5820EC22FF750528FACF30E70 ] NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160612.001\EX64.SYS 23:23:40.0149 0x0cd8 NAVEX15 - ok 23:23:40.0195 0x0cd8 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 23:23:40.0227 0x0cd8 NcaSvc - ok 23:23:40.0274 0x0cd8 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 23:23:40.0289 0x0cd8 NcbService - ok 23:23:40.0305 0x0cd8 [ 0813B71EAF097208DC76CE0605B48AF0, 
A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 23:23:40.0336 0x0cd8 NcdAutoSetup - ok 23:23:40.0383 0x0cd8 [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 23:23:40.0430 0x0cd8 NDIS - ok 23:23:40.0461 0x0cd8 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 23:23:40.0477 0x0cd8 NdisCap - ok 23:23:40.0508 0x0cd8 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 23:23:40.0524 0x0cd8 NdisImPlatform - ok 23:23:40.0571 0x0cd8 [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 23:23:40.0586 0x0cd8 NdisTapi - ok 23:23:40.0602 0x0cd8 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 23:23:40.0617 0x0cd8 Ndisuio - ok 23:23:40.0633 0x0cd8 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 23:23:40.0633 0x0cd8 NdisVirtualBus - ok 23:23:40.0696 0x0cd8 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 23:23:40.0727 0x0cd8 NdisWan - ok 23:23:40.0727 0x0cd8 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 23:23:40.0742 0x0cd8 NdisWanLegacy - ok 23:23:40.0774 0x0cd8 [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy 
C:\WINDOWS\system32\drivers\NDProxy.sys 23:23:40.0805 0x0cd8 NDProxy - ok 23:23:40.0836 0x0cd8 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 23:23:40.0852 0x0cd8 Ndu - ok 23:23:40.0899 0x0cd8 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 23:23:40.0914 0x0cd8 NetBIOS - ok 23:23:40.0930 0x0cd8 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 23:23:40.0961 0x0cd8 NetBT - ok 23:23:40.0977 0x0cd8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 23:23:40.0977 0x0cd8 Netlogon - ok 23:23:41.0039 0x0cd8 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 23:23:41.0071 0x0cd8 Netman - ok 23:23:41.0133 0x0cd8 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 23:23:41.0149 0x0cd8 netprofm - ok 23:23:41.0227 0x0cd8 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:23:41.0227 0x0cd8 NetTcpPortSharing - ok 23:23:41.0258 0x0cd8 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 23:23:41.0274 0x0cd8 netvsc - ok 23:23:41.0305 0x0cd8 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 23:23:41.0336 0x0cd8 NlaSvc - ok 23:23:41.0367 0x0cd8 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 
310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 23:23:41.0399 0x0cd8 Npfs - ok 23:23:41.0461 0x0cd8 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 23:23:41.0461 0x0cd8 npsvctrig - ok 23:23:41.0508 0x0cd8 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 23:23:41.0539 0x0cd8 nsi - ok 23:23:41.0586 0x0cd8 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 23:23:41.0602 0x0cd8 nsiproxy - ok 23:23:41.0696 0x0cd8 [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 23:23:41.0758 0x0cd8 Ntfs - ok 23:23:41.0774 0x0cd8 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 23:23:41.0789 0x0cd8 Null - ok 23:23:42.0102 0x0cd8 [ EE1B3752121C4B4E8C279A3FB272C136, 7BE853950FD79588A99E4BBCC99FBF1A805B74FA0BB6D2B3232D3132F960C26F ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 23:23:42.0383 0x0cd8 nvlddmkm - ok 23:23:42.0492 0x0cd8 [ EFF29849069D217B2A3C78206CF5ACA4, 14216D84549F300819B10DA5CEC316DBAA479756FF44E1D4F8E2B377382156AA ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys 23:23:42.0492 0x0cd8 nvpciflt - ok 23:23:42.0539 0x0cd8 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 23:23:42.0555 0x0cd8 nvraid - ok 23:23:42.0571 0x0cd8 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 23:23:42.0586 0x0cd8 nvstor - ok 23:23:42.0664 0x0cd8 [ 
|
12.06.2016, 22:31 | #7 |
| The report from TDSSKiller.exe - Part 2: Code:
0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 23:23:56.0165 0x0cd8 WebClient - ok 23:23:56.0212 0x0cd8 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 23:23:56.0243 0x0cd8 Wecsvc - ok 23:23:56.0274 0x0cd8 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 23:23:56.0290 0x0cd8 WEPHOSTSVC - ok 23:23:56.0337 0x0cd8 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 23:23:56.0368 0x0cd8 wercplsupport - ok 23:23:56.0399 0x0cd8 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 23:23:56.0415 0x0cd8 WerSvc - ok 23:23:56.0462 0x0cd8 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 23:23:56.0478 0x0cd8 WFPLWFS - ok 23:23:56.0509 0x0cd8 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 23:23:56.0524 0x0cd8 WiaRpc - ok 23:23:56.0540 0x0cd8 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 23:23:56.0556 0x0cd8 WIMMount - ok 23:23:56.0556 0x0cd8 WinDefend - ok 23:23:56.0618 0x0cd8 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 23:23:56.0649 0x0cd8 WinHttpAutoProxySvc - ok 23:23:56.0728 0x0cd8 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 
23:23:56.0743 0x0cd8 Winmgmt - ok 23:23:56.0837 0x0cd8 [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\WINDOWS\system32\WsmSvc.dll 23:23:56.0931 0x0cd8 WinRM - ok 23:23:56.0978 0x0cd8 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys 23:23:56.0993 0x0cd8 WinUsb - ok 23:23:57.0087 0x0cd8 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 23:23:57.0149 0x0cd8 WlanSvc - ok 23:23:57.0228 0x0cd8 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 23:23:57.0274 0x0cd8 wlidsvc - ok 23:23:57.0306 0x0cd8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 23:23:57.0321 0x0cd8 WmiAcpi - ok 23:23:57.0368 0x0cd8 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 23:23:57.0384 0x0cd8 wmiApSrv - ok 23:23:57.0400 0x0cd8 WMPNetworkSvc - ok 23:23:57.0478 0x0cd8 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 23:23:57.0493 0x0cd8 Wof - ok 23:23:57.0556 0x0cd8 [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 23:23:57.0634 0x0cd8 workfolderssvc - ok 23:23:57.0681 0x0cd8 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 23:23:57.0681 0x0cd8 wpcfltr - ok 23:23:57.0728 0x0cd8 [ 19F4DF69876DA7E9C4965351560FE6B7, 
127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 23:23:57.0743 0x0cd8 WPCSvc - ok 23:23:57.0775 0x0cd8 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 23:23:57.0806 0x0cd8 WPDBusEnum - ok 23:23:57.0853 0x0cd8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 23:23:57.0868 0x0cd8 WpdUpFltr - ok 23:23:57.0900 0x0cd8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 23:23:57.0915 0x0cd8 ws2ifsl - ok 23:23:57.0962 0x0cd8 [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\WINDOWS\System32\wscsvc.dll 23:23:57.0978 0x0cd8 wscsvc - ok 23:23:57.0978 0x0cd8 WSearch - ok 23:23:58.0134 0x0cd8 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 23:23:58.0243 0x0cd8 WSService - ok 23:23:58.0368 0x0cd8 [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv C:\WINDOWS\system32\wuaueng.dll 23:23:58.0493 0x0cd8 wuauserv - ok 23:23:58.0540 0x0cd8 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 23:23:58.0556 0x0cd8 WudfPf - ok 23:23:58.0603 0x0cd8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 23:23:58.0634 0x0cd8 WUDFRd - ok 23:23:58.0681 0x0cd8 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 23:23:58.0696 0x0cd8 wudfsvc - ok 
23:23:58.0712 0x0cd8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 23:23:58.0728 0x0cd8 WUDFWpdFs - ok 23:23:58.0743 0x0cd8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 23:23:58.0759 0x0cd8 WUDFWpdMtp - ok 23:23:58.0821 0x0cd8 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 23:23:58.0837 0x0cd8 WwanSvc - ok 23:23:58.0915 0x0cd8 [ 03CD249A16CF815FFFD347DC61EF9E6D, 3DE860B1BACF3F1D48B773FD6F4E25977F5193F01897278AED6CD276595356CE ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 23:23:58.0915 0x0cd8 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 ) 23:24:01.0243 0x0cd8 Detect skipped due to KSN trusted 23:24:01.0243 0x0cd8 ZAtheros Bt and Wlan Coex Agent - ok 23:24:01.0259 0x0cd8 ================ Scan global =============================== 23:24:01.0337 0x0cd8 [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll 23:24:01.0368 0x0cd8 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 23:24:01.0400 0x0cd8 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 23:24:01.0447 0x0cd8 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 23:24:01.0447 0x0cd8 [ Global ] - ok 23:24:01.0447 0x0cd8 ================ Scan MBR ================================== 23:24:01.0462 0x0cd8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 23:24:01.0556 0x0cd8 \Device\Harddisk0\DR0 - ok 
23:24:01.0556 0x0cd8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 23:24:01.0618 0x0cd8 \Device\Harddisk1\DR1 - ok 23:24:01.0618 0x0cd8 ================ Scan VBR ================================== 23:24:01.0618 0x0cd8 [ ABB2ED13517D3EEC809D92F8861E5205 ] \Device\Harddisk0\DR0\Partition1 23:24:01.0650 0x0cd8 \Device\Harddisk0\DR0\Partition1 - ok 23:24:01.0650 0x0cd8 [ D51B264373F707DD420F0E452603725D ] \Device\Harddisk0\DR0\Partition2 23:24:01.0665 0x0cd8 \Device\Harddisk0\DR0\Partition2 - ok 23:24:01.0681 0x0cd8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 23:24:01.0681 0x0cd8 \Device\Harddisk0\DR0\Partition3 - ok 23:24:01.0697 0x0cd8 [ 30C4071CF787D3945010B44D4AF6EF2C ] \Device\Harddisk0\DR0\Partition4 23:24:01.0712 0x0cd8 \Device\Harddisk0\DR0\Partition4 - ok 23:24:01.0728 0x0cd8 [ E7C044AB859298824EB70E8932B74D74 ] \Device\Harddisk0\DR0\Partition5 23:24:01.0743 0x0cd8 \Device\Harddisk0\DR0\Partition5 - ok 23:24:01.0759 0x0cd8 [ 1A3AC4C75D08CAC5BF2A7EB14224F83E ] \Device\Harddisk0\DR0\Partition6 23:24:01.0759 0x0cd8 \Device\Harddisk0\DR0\Partition6 - ok 23:24:01.0790 0x0cd8 [ 96BE788D53F74506713C6120F12E7A36 ] \Device\Harddisk0\DR0\Partition7 23:24:01.0806 0x0cd8 \Device\Harddisk0\DR0\Partition7 - ok 23:24:01.0806 0x0cd8 [ 4442C0A6C04745FB6E5882AD4133A05F ] \Device\Harddisk1\DR1\Partition1 23:24:01.0806 0x0cd8 \Device\Harddisk1\DR1\Partition1 - ok 23:24:01.0806 0x0cd8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2 23:24:01.0806 0x0cd8 \Device\Harddisk1\DR1\Partition2 - ok 23:24:01.0822 0x0cd8 ================ Scan generic autorun ====================== 23:24:01.0853 0x0cd8 [ E55DEA605DB147818E2F2F53F16C0373, FDCF546E37CABB587F0C7A599887EB487CC2DBD9B966EE9EA463B6E5F724E493 ] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe 23:24:01.0868 0x0cd8 DptfPolicyLpmServiceHelper - ok 23:24:01.0962 0x0cd8 [ 2C5E357DFA60AA683B27E3C1F47B32F8, 67EB765BBA12E91AC30C008043F3B0DF4AB36324747531A141F54A12558AEA65 ] 
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 23:24:02.0009 0x0cd8 NvBackend - ok 23:24:02.0118 0x0cd8 [ DFE7FD46194D1711DA45EFDF02B78BD9, 5BF9AFAAE5835F6FFA47638BCA3C85B555C9C7042287877E4E2B666A7A0D06E2 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 23:24:02.0134 0x0cd8 Acronis Scheduler2 Service - ok 23:24:02.0150 0x0cd8 mcui_exe - ok 23:24:02.0165 0x0cd8 ATLauncher - ok 23:24:02.0243 0x0cd8 [ 9183CA92DF1584158C79E9A69325EB43, 943CFFE0E9DE7342503CE81FAB4AD4B4B3A3BB65CC0BDFDFD0ED51BAAEA2A80E ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe 23:24:02.0275 0x0cd8 Cisco AnyConnect Secure Mobility Agent for Windows - ok 23:24:02.0384 0x0cd8 [ 0502B22B2B6377D076EE3A205A44981D, 81E3E8742BB1AF883C02EF708A67CE82DB99AA3AE375F148857A6DCA87DB5450 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe 23:24:02.0400 0x0cd8 DivXMediaServer - ok 23:24:02.0494 0x0cd8 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 23:24:02.0494 0x0cd8 HP Software Update - ok 23:24:02.0572 0x0cd8 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe 23:24:02.0619 0x0cd8 WAB Migrate - ok 23:24:02.0650 0x0cd8 [ 2545DB0FC7229CE566B4F0F6E72E6C3A, F7E703A687C741905F17BFE39E7A6022D2142E9E16922546DFC5A23D1B184348 ] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe 23:24:02.0665 0x0cd8 GUDelayStartup - ok 23:24:02.0697 0x0cd8 Skype - ok 23:24:02.0728 0x0cd8 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe 23:24:02.0744 0x0cd8 WAB Migrate - ok 23:24:02.0744 0x0cd8 Waiting for KSN requests completion. In queue: 177 23:24:03.0759 0x0cd8 Waiting for KSN requests completion. 
In queue: 177
23:24:04.0775 0x0cd8 Waiting for KSN requests completion. In queue: 9
23:24:05.0791 0x0cd8 AV detected via SS2: Norton 360 Premier, C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51000 ( enabled : updated )
23:24:05.0853 0x0cd8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
23:24:05.0853 0x0cd8 FW detected via SS2: Norton 360 Premier, C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe ( 22.6.0.0 ), 0x51010 ( enabled )
23:24:08.0213 0x0cd8 ============================================================
23:24:08.0213 0x0cd8 Scan finished
23:24:08.0213 0x0cd8 ============================================================
23:24:08.0213 0x1798 Detected object count: 1
23:24:08.0213 0x1798 Actual detected object count: 1
23:24:21.0448 0x1798 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:24:21.0448 0x1798 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
13.06.2016, 07:48 | #8 |
/// TB Trainer /// Guide Guru | Facebook: "Your computer needs to be cleaned" - Virus/Malware? Programs should not be deleted, but uninstalled.

Step 1
Please uninstall the following programs: MyFreeCodec
On Windows 8, try it with the Windows key + X via . If that does not work, please download Revo Uninstaller here. Unpack the zip file to the desktop. Instructions
If you cannot uninstall a program, continue with the next one. Even if some programs are left over at the end, carry out the next step:

Step 2
Please download AdwCleaner to your desktop.

Step 3

Step 4
ESET Online Scanner

__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
13.06.2016, 15:58 | #9 |
| Facebook: "Your computer needs to be cleaned" - Virus/Malware? Yes, for individual programs that is clear to me; with something this big I did not know how. I will carry out the recommended steps right away; I disable Norton beforehand for that, right? When I booted the PC, this message came from Norton: Code:
Behobene Bedrohungen:
PUA.OpenCandy
Typ: Anomalie
Risiko: Gering (Gering Stealth, Gering Entfernen, Gering Leistung, Gering Datenschutz)
Kategorien: Sicherheitsrisiko
Status: Ausgeschlossen
-----------
1 Datei
c:\users\mira\downloads\divx35installer.exe - Ausgeschlossen
1 Browser-Cache
Nicht behobene Bedrohungen:
Keine nicht behobenen Risiken

Step 1: MyFreeCodec uninstalled (it worked via Win + X). Step 2: AdwCleaner log file. Code:
# AdwCleaner v5.119 - Bericht erstellt am 13/06/2016 um 14:02:03
# Aktualisiert am 30/05/2016 von Xplode
# Datenbank : 2016-06-12.1 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Mira - JAMIE
# Gestartet von : C:\Users\Mira\Desktop\AdwCleaner_5.119.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\myfree codec

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\distromatic
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\Mail.Ru
[-] Schlüssel gelöscht : HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt : HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten wiederhergestellt : HKU\S-1-5-21-2226888768-1864803197-2813516363-1002\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

***** [ Internetbrowser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2993 Bytes] - [13/06/2016 14:02:03]
C:\AdwCleaner\AdwCleaner[S1].txt - [3993 Bytes] - [13/06/2016 14:00:49]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3139 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 13.06.2016
Suchlaufzeit: 14:21
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.13.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Mira

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 442515
Abgelaufene Zeit: 42 Min., 26 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ad52ed249e0d1f4e8eac6ef84be4b94c
# end=init
# utc_time=2016-06-13 01:14:04
# local_time=2016-06-13 03:14:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 29780
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ad52ed249e0d1f4e8eac6ef84be4b94c
# end=updated
# utc_time=2016-06-13 01:16:50
# local_time=2016-06-13 03:16:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ad52ed249e0d1f4e8eac6ef84be4b94c
# engine=29780
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-13 02:49:18
# local_time=2016-06-13 04:49:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 57 2753654 228425943 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 26440775 43310490 0 0
# scanned=313318
# found=3
# cleaned=0
# scan_time=5547
sh=761E9515D3C0B4367787308E4379D8FEFCC44A2E ft=1 fh=ce9871a1f6f0d9d8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mira\Downloads\League of Legends - CHIP-Installer.exe"
sh=4DA3D9D9B7724364AB692387E1BF9138D0877AC9 ft=1 fh=c50eb51e88beb1dd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mira\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe"
sh=85B5BC3DB5A6508AB1FFEFF5813620A4F32F3DC4 ft=1 fh=fa4c3a4b1477c2fe vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mira\Downloads\YouTube Downloader HD - CHIP-Installer.exe"

Mira |
13.06.2016, 22:10 | #10 |
/// TB Trainer /// Guide Guru | Facebook: "Your computer needs to be cleaned" - Virus/Malware? So far, so good. What does FB say? Just do them the favor and scan with their recommended program.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
14.06.2016, 07:47 | #11 |
| Facebook: "Your computer needs to be cleaned" - Virus/Malware? I ran the FB scanner. It found (surprise) nothing. Now I can log in again. Thank you very much for the preliminary check! Best regards, Mira Edited by ShotaB (14.06.2016 at 07:53) |