Log analysis and evaluation: [WIN 10] TR/Dropper.MSIL.Gen found!
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
01.11.2016, 15:58 | #1 |
| [WIN 10] TR/Dropper.MSIL.Gen found! Hello, I caught a trojan via the Chip.de installer while downloading VirtualCloneDrive. How the hell is something like that possible??? Antivir reported it while the installation was still running and moved it to quarantine. What do I have to do now to get my system clean again? Over the last few months I have noticed that my computer is generally also much slower than it was at the beginning. Is there possibly something else behind that? It would be great if someone could help! |
01.11.2016, 22:06 | #2 |
| [WIN 10] TR/Dropper.MSIL.Gen found!

Avira Antivir Logfile
Code:
01.11.2016, 15:08:20 [Echtzeit-Scanner] Malware gefunden
Muster 'TR/Dropper.MSIL.Gen [trojan]' in Datei 'C:\Program Files (x86)\Chip Digital GmbH\chip1click\CHIP Active Download.exe gefunden.
Durchgeführte Aktion: Datei in Quarantäne verschieben

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 01.11.2016
Suchlaufzeit: 15:29
Protokolldatei:
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.11.01.07
Rootkit-Datenbank: v2016.10.31.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Johannes

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 494387
Abgelaufene Zeit: 3 Std., 2 Min., 58 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
Trojan.Dropper, C:\Program Files (x86)\Counter Strike 1.6 Reloaded\SierraUp.exe, Keine Aktion durch Benutzer, [041786359703b680183a2cb26b96f709],
PUP.Optional.StartPage24, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\jp77m2iy.default-1438181041466\extensions\ffext_basicvideoext@startpage24.xpi, In Quarantäne, [a7744b70a0fa9b9b99a45582bb474db3],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

FRST
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016 durchgeführt von Johannes (Administrator) auf JB (01-11-2016 15:34:40) Gestartet von C:\Users\Johannes\Downloads Geladene Profile: Johannes & Lisa & (Verfügbare Profile: Johannes & Lisa) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Samsung) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkManagerDMS.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Samsung) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkDMS.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\SamsungLink\SLServiceUserApp.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files (x86)\WISO\Steuersoftware 2016\wmain16.dll (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Microsoft Corporation) C:\Windows\System32\LogonUI.exe (Microsoft Corporation) C:\Windows\System32\LockAppHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\SamsungLink\SLServiceUserApp.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.0_none_36d3ccc3ddfd1ecb\TiWorker.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3251408 2015-09-23] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917584 2016-10-21] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25424008 2016-10-24] (Dropbox, Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [226816 2016-05-23] (Geek Software GmbH) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [Amazon Music] => C:\Users\Johannes\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] () HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-09-09] (Apple Inc.) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-09-09] (Apple Inc.) 
HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-07-14] (TomTom) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\MountPoints2: {545d25b2-66b7-11e2-be94-c48508aae0d7} - "E:\setup.exe" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Johannes\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] () HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-09-09] (Apple Inc.) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-09-09] (Apple Inc.) 
HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-07-14] (TomTom) HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {545d25b2-66b7-11e2-be94-c48508aae0d7} - "E:\setup.exe" HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\...\MountPoints2: {545d25b2-66b7-11e2-be94-c48508aae0d7} - "E:\setup.exe" HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {545d25b2-66b7-11e2-be94-c48508aae0d7} - "E:\setup.exe" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [Amazon Music] => C:\Users\Johannes\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] () HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [CyberGhost] => 
C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-09-09] (Apple Inc.) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-09-09] (Apple Inc.) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-07-14] (TomTom) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\RunOnce: [Uninstall C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\RunOnce: [Uninstall C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\RunOnce: [Uninstall C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\RunOnce: [Uninstall C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q 
"C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004)\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004)\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [0SamsungLinkOverlayIconCreated] -> {D130049C-7512-4075-9145-7B8B18149060} => C:\Program Files\Samsung\SamsungLink\SLIconOverlay.dll [2015-07-16] (Samsung Electronics CO., LTD.) ShellIconOverlayIdentifiers: [0SamsungLinkOverlayIconRenamed] -> {D130049D-7512-4075-9145-7B8B18149060} => C:\Program Files\Samsung\SamsungLink\SLIconOverlay.dll [2015-07-16] (Samsung Electronics CO., LTD.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{f777addd-2478-438e-85c8-bf3c873a22a6}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004)\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004)\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> 
DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1001 -> {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1004 -> DefaultScope {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1004 -> {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001) -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001) -> {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004) -> DefaultScope {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = SearchScopes: HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004) -> {216F2AAB-AC60-4908-BAF9-3DA6499FC0FE} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll 
[2014-11-20] (DVDVideoSoft Ltd.) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-01-09] (pdfforge GbR) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.) FireFox: ======== FF ProfilePath: C:\Users\Johannes\AppData\Roaming\TomTom\HOME\Profiles\4xhj38pk.default [2016-09-22] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-09-22] [ist nicht signiert] FF ProfilePath: C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\jp77m2iy.default-1438181041466 [2016-11-01] FF Extension: (Video Downloader Professional) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\jp77m2iy.default-1438181041466\Extensions\ffext_basicvideoext@startpage24.xpi [2016-05-24] FF Extension: (Firefox Hotfix) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\jp77m2iy.default-1438181041466\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-22] FF Extension: (Adblock Plus) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\jp77m2iy.default-1438181041466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-01] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-11-26] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-26] [ist nicht signiert] FF 
HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-13] [ist nicht signiert] FF HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-21] () FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\windows\system32\npDeployJava1.dll [2013-02-14] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-21] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.) 
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2012-08-23] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-30] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkManagerDMS.exe [403264 2015-07-16] (Samsung)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1086040 2016-10-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-21] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1489240 2016-10-21] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-14] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [41576 2016-10-24] (Dropbox, Inc.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [139984 2015-09-23] (ELAN Microelectronics Corp.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-08-22] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 SamsungLinkService; C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe [24914272 2015-07-16] (Samsung Electronics CO., LTD.)
S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3289448 2016-05-11] (Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [149832 2016-10-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153392 2016-10-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2014-02-23] (DT Soft Ltd)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN Microelectronic Corp.)
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-08-22] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-01] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-03] (Windows (R) 2003 DDK 3790 provider)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-01 15:38 - 2016-11-01 15:38 - 00000512 _____ C:\Users\Johannes\Desktop\Ereignisse.txt
2016-11-01 15:38 - 2016-11-01 15:38 - 00000000 ___SH C:\DkHyperbootSync
2016-11-01 15:34 - 2016-11-01 15:42 - 00038767 _____ C:\Users\Johannes\Downloads\FRST.txt
2016-11-01 15:34 - 2016-11-01 15:34 - 00000000 ____D C:\FRST
2016-11-01 15:33 - 2016-11-01 15:33 - 02408960 _____ (Farbar) C:\Users\Johannes\Downloads\FRST64.exe
2016-11-01 15:22 - 2016-11-01 15:22 - 03910208 _____ C:\Users\Johannes\Downloads\AdwCleaner_6.030.exe
2016-11-01 15:22 - 2016-11-01 15:22 - 01631928 _____ (Malwarebytes) C:\Users\Johannes\Downloads\JRT.exe
2016-11-01 15:09 - 2016-11-01 15:09 - 00001327 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2016-11-01 15:08 - 2016-11-01 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2016-11-01 15:08 - 2016-11-01 15:08 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2016-11-01 15:08 - 2016-11-01 15:08 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-11-01 15:05 - 2016-11-01 15:06 - 01474568 _____ C:\Users\Johannes\Downloads\Virtual CloneDrive - CHIP-Installer.exe
2016-11-01 14:48 - 2016-11-01 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-01 14:43 - 2016-11-01 14:46 - 00000000 ____D C:\Users\Johannes\AppData\Local\ConnectedDevicesPlatform
2016-11-01 14:43 - 2016-11-01 14:43 - 00000020 ___SH C:\Users\Johannes\ntuser.ini
2016-10-24 14:06 - 2016-10-24 14:06 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-10-24 14:06 - 2016-10-24 14:06 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-10-24 14:06 - 2016-10-24 14:06 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-10-24 14:06 - 2016-10-24 14:06 - 00041576 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-10-21 20:39 - 2016-10-21 20:39 - 06183104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-10-21 20:34 - 2016-10-21 20:28 - 00023640 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-10-21 20:30 - 2016-10-21 20:57 - 00000000 ____D C:\Users\Lisa\AppData\Roaming\vlc
2016-10-21 20:26 - 2016-10-21 20:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-10-21 20:15 - 2016-10-30 10:53 - 00000000 ____D C:\Users\Lisa\AppData\Local\ConnectedDevicesPlatform
2016-10-21 20:15 - 2016-10-21 20:15 - 00000020 ___SH C:\Users\Lisa\ntuser.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-01 15:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-01 15:30 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-01 15:29 - 2015-08-30 17:26 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-01 15:27 - 2015-08-30 17:26 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-01 15:27 - 2015-08-30 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-11-01 15:27 - 2015-08-30 17:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-11-01 15:09 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-01 15:08 - 2016-09-22 10:13 - 00000000 ____D C:\Users\Johannes\AppData\Local\Downloaded Installations
2016-11-01 15:00 - 2015-12-11 08:33 - 00000000 ___RD C:\Users\Johannes\OneDrive
2016-11-01 15:00 - 2015-10-18 13:28 - 00002428 _____ C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-11-01 14:57 - 2012-08-22 08:33 - 00000000 ____D C:\ProgramData\WinClon
2016-11-01 14:51 - 2013-01-26 23:35 - 00000000 ___RD C:\Users\Johannes\Dropbox
2016-11-01 14:50 - 2016-08-07 14:26 - 00000000 ___RD C:\Users\Johannes\iCloudDrive
2016-11-01 14:49 - 2015-11-14 16:51 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-01 14:49 - 2013-02-21 20:35 - 00000000 ____D C:\Users\Johannes\AppData\Local\Greenshot
2016-11-01 14:48 - 2013-01-25 07:36 - 00000000 ____D C:\Users\Johannes\AppData\Local\Packages
2016-11-01 14:45 - 2016-09-24 03:57 - 00000000 ____D C:\Users\Johannes
2016-11-01 14:43 - 2015-10-18 13:21 - 00000000 __SHD C:\Users\Johannes\IntelGraphicsProfiles
2016-11-01 14:43 - 2015-09-10 06:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-01 14:41 - 2016-09-24 03:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-30 11:16 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-30 11:16 - 2013-04-22 19:40 - 00000000 ____D C:\Users\Lisa\AppData\Local\Packages
2016-10-30 11:06 - 2015-11-14 16:14 - 00000000 ____D C:\Users\Lisa\Documents\steuer
2016-10-30 11:03 - 2015-04-06 19:59 - 00000710 _____ C:\WINDOWS\wiso.ini
2016-10-30 10:59 - 2016-09-24 04:53 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-30 10:57 - 2015-11-14 16:06 - 00000000 ____D C:\Users\Lisa\AppData\Local\Buhl
2016-10-30 10:51 - 2016-09-24 03:57 - 00000000 ____D C:\Users\Lisa
2016-10-30 10:51 - 2015-11-01 13:21 - 00000000 __SHD C:\Users\Lisa\IntelGraphicsProfiles
2016-10-21 20:49 - 2016-09-24 04:53 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-21 20:41 - 2016-09-24 04:53 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-21 20:41 - 2013-02-09 17:58 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-21 20:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-21 20:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-21 20:39 - 2013-01-26 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-21 20:33 - 2016-09-24 04:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-21 20:29 - 2015-11-27 19:34 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-21 20:28 - 2013-03-31 14:33 - 00153392 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-10-21 20:28 - 2013-03-31 14:33 - 00149832 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-10-21 20:16 - 2015-10-18 13:21 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-25 07:38 - 2013-01-26 15:57 - 0002223 _____ () C:\Users\Johannes\AppData\Roaming\AbsoluteReminder.xml
2014-01-23 19:14 - 2014-01-23 19:15 - 0013448 _____ () C:\Users\Johannes\AppData\Local\WiDiSetupLog.20140123.191458.txt
2014-01-23 19:28 - 2014-01-23 19:29 - 0023639 _____ () C:\Users\Johannes\AppData\Local\WiDiSetupLog.20140123.192808.txt
2016-09-24 03:51 - 2016-09-24 03:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-07-11 10:02 - 2013-02-21 15:59 - 2063240 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-07-11 10:02 - 2013-01-12 22:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml

Einige Dateien in TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-24 03:46

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016
durchgeführt von Johannes (01-11-2016 15:47:25)
Gestartet von C:\Users\Johannes\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-24 04:00:48)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2739015723-2927197382-1160632269-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2739015723-2927197382-1160632269-503 - Limited - Disabled)
Gast (S-1-5-21-2739015723-2927197382-1160632269-501 - Limited - Disabled)
Johannes (S-1-5-21-2739015723-2927197382-1160632269-1001 - Administrator - Enabled) => C:\Users\Johannes
Lisa (S-1-5-21-2739015723-2927197382-1160632269-1004 - Administrator - Enabled) => C:\Users\Lisa

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Amazon Music (HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Amazon Music (HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.22.54 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Counter Strike 1.6 Reloaded (HKLM-x32\...\Counter Strike 1.6 Reloaded) (Version: 1.00 - The Reloaded Team)
CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Dropbox (HKLM-x32\...\Dropbox) (Version: 13.4.21 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dropbox (HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004)\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
Fast Flash Sleep Resume (x32 Version: 1.1.0 - Samsung) Hidden
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Studio version 6.4.0.1122 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.0.1122 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.60.713 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.60.713 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Greenshot 1.1.7.17 (HKLM\...\Greenshot_is1) (Version: 1.1.7.17 - Greenshot)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
iDump Classic 2013 (HKLM-x32\...\{1726A855-4764-4439-9576-CE845A4088CE}) (Version: 2.0.1.0 - EscSoft)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e6d17d96-ddaa-476f-bb07-db601024ffb1}) (Version: 15.8.0 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nero12EssTSST (HKLM-x32\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
ON1 Effects Free 10 (HKLM\...\ON1 Effects Free 10) (Version: 10.5.1 - ON1)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF24 Creator 7.8.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
Perfect Effects 8 (HKLM-x32\...\{ABC791C9-E95B-40C8-8BDD-F5E84E2E268B}) (Version: 8.1.0 - onOne Software)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.1.0.1 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
Rosetta Stone V3 (HKLM-x32\...\{7210BCFE-ED8D-4261-8537-81B5A4BDFA2A}) (Version: 3.2.11 - Rosetta Stone)
S Agent (Version: 1.1.58 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link (HKLM\...\{5A1F24BA-845E-4C89-BFF0-826FD9A6D4EB}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Samsung Update (HKLM-x32\...\{0BC4AC38-E7C5-4394-A6BD-32CDCE2C8B9D}) (Version: 2.2.36 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TomTom HOME (HKLM-x32\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - Ihr Firmenname)
tRoX's CS Script Pack v1.71 (HKLM-x32\...\tRoX's CS Script Pack v1.71) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004)\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
WISO steuer:Start 2015 (HKLM-x32\...\{38DE3756-F1B2-404C-9FBA-D83D53D5FC67}) (Version: 22.00.8811 - Buhl Data Service GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{A86BFEA4-FB33-4119-90E9-4005804DC47A}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2739015723-2927197382-1160632269-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2739015723-2927197382-1160632269-1004_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Lisa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2739015723-2927197382-1160632269-1004_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03CEB5CD-B6DA-4F2D-98D2-864303AB6F22} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {0438F8B2-214D-407E-AE69-0E2082FEE838} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {108F4485-55C2-41C1-9261-D40A6E0BC86A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {1F02D2A7-A2A0-4CE6-B471-BD39E692CA8B} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {2A1AD0D5-55CF-460E-82DB-002F30495A08} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {2AA0D329-C1C6-41CC-B547-2A79E3E8F230} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2AC9C4AB-7F58-42E0-80D7-6013BA064F86} - \WPD\SqmUpload_S-1-5-21-2739015723-2927197382-1160632269-1004 -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38CF2FB5-4C48-41A5-88DE-899DCFD9ABC6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {3EA0FE15-4B31-431A-BBBE-CEDEFDE5744E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {40071072-70FA-47F5-9269-79E541EF38EA} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-24] (Microsoft Corporation)
Task: {54D3D5E9-003C-43ED-946E-DC6C86603D5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {58303426-54F6-4D9F-84C4-6CBEE867615B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {63903F4E-BF1A-4943-B6E3-98EADB6158F4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2015-07-14] (SEC)
Task: {649B2583-94D6-4D0E-A5E7-F0985C2B7EF9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7779DC57-6677-4966-9B21-0E516EBBB7C6} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-08-10] (Samsung)
Task: {77F5E948-C3DD-47EE-BDA5-0245B24C0F29} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {7AC893F1-843B-4892-9113-997600B7C3B0} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2016-02-23] (Samsung Electronics Co., Ltd.)
Task: {7C15DE96-3CC5-43B6-AA28-C114AEC062B7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7D5230F2-AE3D-4998-84F1-BBEAD4B6B756} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7D87FE72-1B11-46B8-81BA-C7FDB543B685} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {7EEE7FAE-D747-4053-8DC8-911B998C70E1} - \WPD\SqmUpload_S-1-5-21-2739015723-2927197382-1160632269-1001 -> Keine Datei <==== ACHTUNG
Task: {7F2C795F-0E2E-423F-8A93-CD9508F429AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {7F369CDF-9CD2-4F2C-AA87-CE1C4827D613} - System32\Tasks\SamsungLinkTray => C:\Program Files\Samsung\SamsungLink\SLServiceUserApp.exe [2015-07-16] (Samsung Electronics CO., LTD.)
Task: {8BDDC5B6-C55E-4529-91D2-7A2E1D0B91E4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {8E0D92C8-69D1-4124-B7A4-B6E620D166B8} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {9DAFD5CD-88F3-416A-ABA2-CD4129275049} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
Task: {AE0C6051-FFD9-441A-8DF5-BB23C9D24EDD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-14] (Dropbox, Inc.)
Task: {B8F23A27-4210-4DC2-8535-86ACEBE9F6A3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {D56E4A3B-B56C-49B4-A438-F869EB2CB6A9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D806B19F-CE70-41FD-9F0F-1AB1C9B55CAF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {DE7F644F-AF05-4895-B02C-91C3FAA3FC5D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E227411C-D45A-45CF-AE7A-1F639E660D31} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {EDD03181-9C3D-4C2F-8541-F0BC9542DDC9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-14] (Dropbox, Inc.)
Task: {F3795DD6-F322-4428-A29D-8BA58ED9F078} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00128000 _____ () C:\Program Files\Samsung\SamsungLink\Logger.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 02801664 _____ () C:\Program Files\Samsung\SamsungLink\scs_masi.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2016-09-24 04:37 - 2016-09-24 04:37 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 00134656 _____ () 
C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-30 08:02 - 2016-08-25 15:46 - 03686016 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wmain16.dll 2016-11-01 14:58 - 2016-11-01 14:58 - 01864384 _____ () C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 02045952 _____ () C:\Program Files\Samsung\SamsungLink\SLCtxMenuExtension.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 03378528 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2016-09-24 04:37 - 2016-09-24 04:37 - 02263904 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 01138176 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DMSManager.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00012800 _____ () C:\Program 
Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_system-vc90-mt-1_47.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00038912 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_date_time-vc90-mt-1_47.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00227840 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_serialization-vc90-mt-1_47.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00046592 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\boost_thread-vc90-mt-1_47.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00107008 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DCMCDP.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00102400 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\FolderCDP.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00707072 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ContentDirectoryPresenter.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00041472 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DirectoryScanner.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00032768 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\Autobackup.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00055808 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\RosettaAllShare.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00078336 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\MetadataFramework.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00520234 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\sqlite3.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00450560 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\MoodExtractor.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00028672 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AutoChaptering.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 05717504 _____ () C:\Program 
Files\Samsung\SamsungLink\AllShare Framework DMS\bin\DCMImgExtractor.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00017920 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoExtractor.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00028160 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AudioExtractor.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00012288 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ImageExtractor.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00013824 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\TextExtractor.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00147456 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libexpat.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00125952 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ThumbnailMaker.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00012288 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoThumb.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00137216 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\VideoMetadataDriver.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00024064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\SECMetaDriver.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00024064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\photoDriver.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00064000 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\ID3Driver.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00289792 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libThumbnail.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00022528 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\RichInfoDriver.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 01033216 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework 
DMS\bin\ImageMagickWrapper.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00070656 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avutil-50.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00686080 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avformat-52.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 04671488 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\avcodec-52.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00399826 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libexif-12.dll.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00152064 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\swscale-0.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00290816 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\libKeyFrame.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00366592 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\tag.dll 2015-07-16 09:41 - 2015-07-16 09:41 - 00044032 _____ () C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\us.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 
00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2014-01-29 12:20 - 2014-01-29 12:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2016-09-13 19:15 - 2016-09-13 19:15 - 01383616 _____ () C:\Users\Lisa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-09-13 19:15 - 2016-09-13 19:15 - 00118976 _____ () C:\Users\Lisa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2013-09-28 11:13 - 2016-05-23 08:25 - 00075264 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2013-09-28 11:13 - 2016-05-23 08:24 - 00053248 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll 2016-01-30 08:02 - 2016-08-25 15:38 - 04724864 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wbae216.dll 2016-01-30 08:02 - 2016-08-25 15:38 - 02019968 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wbae316.dll 2016-01-30 08:02 - 2016-08-25 15:38 - 03359360 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wbae416.dll 2016-01-30 08:02 - 2016-08-25 15:45 - 01589376 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wfabu16.dll 2016-01-30 08:02 - 2016-08-25 15:37 - 01731712 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\whau116.dll 2016-01-30 08:02 - 2016-08-25 15:38 - 03821184 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\whau216.dll 2016-01-30 08:02 - 2016-08-25 15:46 - 09697920 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wkont16.dll 2016-01-30 08:02 - 2016-08-25 15:38 - 03565696 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wwerb16.dll 2016-01-30 08:02 - 2016-08-25 15:45 - 03138688 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wimp16.dll 2016-01-30 08:02 - 2016-08-25 15:44 - 11228800 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wbae116.dll 2016-01-30 08:02 - 2016-08-25 15:37 - 39315584 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wgui16.dll 2016-01-30 08:02 - 2016-08-25 15:27 - 05128192 _____ 
() C:\Program Files (x86)\WISO\Steuersoftware 2016\btselsterapi.dll 2016-01-30 08:02 - 2016-08-25 15:33 - 04792448 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wreli16.dll 2016-01-30 08:02 - 2016-08-25 15:32 - 09780864 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\wcore16.dll 2016-01-30 08:02 - 2016-08-25 15:23 - 00858240 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\btsguiwinapi55.dll 2016-01-30 08:02 - 2016-08-25 15:23 - 00362112 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\btsservices55.dll 2016-01-30 08:02 - 2016-08-25 15:22 - 00623232 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\btsplatformapi55.dll 2016-01-30 08:02 - 2016-08-25 15:23 - 00164480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\btsdcom55.dll 2016-01-30 08:02 - 2015-10-22 10:24 - 00249344 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2016\clucene-contribs-lib.dll 2016-01-30 08:02 - 2015-10-22 10:24 - 01029120 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2016\clucene-core.dll 2016-01-30 08:02 - 2016-08-25 15:22 - 00685568 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\sqlitesee.dll 2016-01-30 08:02 - 2015-10-22 10:24 - 00096768 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2016\clucene-shared.dll 2016-01-30 08:02 - 2015-10-22 10:24 - 00067584 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2016\zlib1.dll 2016-01-30 08:02 - 2016-08-25 15:23 - 00112128 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2016\sqldrivers\libqsqlitesee.dll 2016-09-01 17:13 - 2016-09-01 17:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-09-01 17:12 - 2016-09-01 17:12 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2016-10-21 20:21 - 2016-10-10 19:19 - 00035792 _____ () C:\Program 
Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-11-01 14:47 - 2016-10-10 19:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-11-01 14:47 - 2016-10-10 19:19 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-11-01 14:47 - 2016-10-10 19:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-10-21 20:21 - 2016-10-10 19:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-10-21 20:21 - 2016-10-10 19:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-10-21 20:21 - 2016-10-10 19:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-10-21 20:21 - 2016-10-10 19:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-11-01 14:47 - 2016-10-10 19:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-11-01 14:47 - 2016-10-10 19:21 - 00020936 _____ () C:\Program Files 
(x86)\Dropbox\Client\mmapfile.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-10-21 20:21 - 2016-10-10 19:20 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00028616 _____ () C:\Program Files 
(x86)\Dropbox\Client\win32ts.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-10-21 20:21 - 2016-10-10 19:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-11-01 14:47 - 2016-10-10 19:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-11-01 14:47 - 2016-10-24 14:15 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-11-01 14:47 - 2016-10-24 14:06 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-11-01 14:47 - 2016-10-24 14:15 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-11-01 14:47 - 2016-10-24 14:15 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-10-21 20:21 - 2016-10-10 19:19 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-11-01 14:47 - 2016-10-24 14:15 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-11-01 14:47 - 
2016-10-24 14:16 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd 2016-11-01 14:47 - 2016-10-10 19:24 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2016-11-01 14:47 - 2016-10-10 19:24 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-10-21 20:21 - 2016-10-10 19:21 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-10-21 20:21 - 2016-10-24 14:16 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-11-01 14:47 - 2016-10-24 14:16 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-11-01 14:57 - 2016-11-01 14:57 - 01383616 _____ () C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll 2016-11-01 14:58 - 2016-11-01 14:58 - 00118976 _____ () C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Johannes\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Johannes\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2739015723-2927197382-1160632269-1004\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2739015723-2927197382-1160632269-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\Control Panel\Desktop\\Wallpaper -> C:\Users\Johannes\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1004)\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run32: => "SDTray" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\StartupApproved\Run: => "OV3_Monitor" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001\...\StartupApproved\Run: => "Amazon Music" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OV3_Monitor" HKU\S-1-5-21-2739015723-2927197382-1160632269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Music" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\StartupApproved\Run: => "Plex Media Server" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\StartupApproved\Run: => "CyberGhost" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\StartupApproved\Run: => "OV3_Monitor" HKU\SourceUser(S-1-5-21-2739015723-2927197382-1160632269-1001)\...\StartupApproved\Run: => "Amazon Music" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{CC30324B-DEE3-408A-8F52-C38647C0126E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{752F31CF-116F-473F-BB0B-BF7A4A2C2260}] => (Block) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe FirewallRules: [{58C76835-768C-47A9-B71B-4B78B54CB91C}] => (Block) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe FirewallRules: [UDP Query User{4F7E1106-9E04-4FED-B308-A96C2450B9DB}C:\program files\on1\on1 effects free 10\on1 effects free 10.exe] => (Allow) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe FirewallRules: [TCP Query User{EABB4FF1-611C-4B13-A983-AE5F6261F39C}C:\program files\on1\on1 effects free 10\on1 effects free 10.exe] => (Allow) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe FirewallRules: [{FBD43A2A-B656-447A-B741-604B5FD275F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{83EE6EB5-7D8A-4720-B23F-F656B0D17F7F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F21C221A-B8F1-44EA-A6E3-DA588FAB16CC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{18CDC759-A52D-4B2C-8DD8-863F773B2DE6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8BE1D30C-4B58-4F93-A8F9-40677A68C376}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C0DD1123-E497-405A-9FED-95DF7A599A1B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{31EE8119-A9C6-4184-8C4F-ACD315685445}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{BC9F47CD-19CC-49F6-8671-58201A9B4031}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: 
[{04B1A735-A4DE-491D-BCA2-D6CF981A02D1}] => (Block) C:\program files\onone software\perfect effects 8\perfect effects 8.exe FirewallRules: [{25627F25-8C70-4E89-A2E0-C393BD4DB102}] => (Block) C:\program files\onone software\perfect effects 8\perfect effects 8.exe FirewallRules: [UDP Query User{79F68EFB-FAED-48FE-BA3F-FA9E38F4B61E}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe FirewallRules: [TCP Query User{737B1F9C-8B3F-4821-897B-78B50776F536}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe FirewallRules: [{6AE9C5E5-3F18-4C4A-A9C9-485ADF5FEDF6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{902D8229-4772-4A06-9EBF-D9B4B39ABFEA}] => (Allow) LPort=2869 FirewallRules: [{3C475E40-F2E3-4E6B-9413-316B5EB46352}] => (Allow) LPort=1900 FirewallRules: [{B062B232-763E-4986-9F35-4284BAB0EA18}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{7A2A9C84-EAD9-4C4C-B8BA-A8AD0F1BF562}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{31DAAA06-3F7E-4699-A393-4D26D11E031E}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe FirewallRules: [{F716C1AD-26FF-4AC3-A7B2-19F81DEC7346}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe FirewallRules: [{666E9DD1-B22F-41F5-B07B-CE7DF2354319}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E5ED7E84-5E04-44FB-BC68-CE4C8E5C8D28}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CBDC47B6-F38D-495B-932E-22174D805338}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B9F0699E-17F6-48D2-964F-4C420D55B97E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8DBF6FB0-08A0-46C8-9282-B587894D35DC}] => (Allow) 
C:\Program Files (x86)\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe FirewallRules: [{6543BDF5-1CCD-4E3D-BDC6-9541835A17A3}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe FirewallRules: [{97C19348-5ADA-48A2-BE86-FFC36C8B8144}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe FirewallRules: [{C957CC14-8B16-46BA-BF86-250EF39D671A}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe FirewallRules: [{7AE71C8E-4530-4BE0-A049-1B6901D263E9}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe FirewallRules: [TCP Query User{9CA731ED-20F3-47C1-8F33-618E7AC60E16}C:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{D773734C-6E06-40EB-8E55-72B688544DBC}C:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\johannes\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{DB8D1FE5-8944-4225-858A-FBDE1889ED80}C:\program files (x86)\counter strike 1.6 reloaded\hl.exe] => (Allow) C:\program files (x86)\counter strike 1.6 reloaded\hl.exe FirewallRules: [UDP Query User{25C2F1E0-590E-4C36-B81F-058EC8F0CB36}C:\program files (x86)\counter strike 1.6 reloaded\hl.exe] => (Allow) C:\program files (x86)\counter strike 1.6 reloaded\hl.exe FirewallRules: [TCP Query User{DF1743B8-20FF-4461-BB25-743C21AE8EAA}C:\program files (x86)\counter strike 1.6 reloaded\hl.exe] => (Allow) C:\program files (x86)\counter strike 1.6 reloaded\hl.exe FirewallRules: [UDP Query User{649DC088-C22E-49D5-A4EF-C2B6C7F3072B}C:\program files (x86)\counter strike 1.6 reloaded\hl.exe] => (Allow) C:\program files (x86)\counter strike 1.6 reloaded\hl.exe FirewallRules: [{3D4B829C-E248-43A9-AD33-410DB82BC7D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query 
User{AB10E8AE-C507-4996-A58F-94677BB759E3}C:\program files\samsung\recovery\networkserver.exe] => (Block) C:\program files\samsung\recovery\networkserver.exe FirewallRules: [UDP Query User{00DB6283-BF5F-4B87-BED1-C64630D0A8F8}C:\program files\samsung\recovery\networkserver.exe] => (Block) C:\program files\samsung\recovery\networkserver.exe FirewallRules: [{D00328D0-541B-4CFD-B03E-74FFDF922066}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{564F11B2-D5E6-4E01-A575-660B1C02E7E1}] => (Allow) C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe FirewallRules: [{9A41A6DD-B760-4C81-9FA3-6779CB1A77A8}] => (Allow) C:\Program Files\Samsung\SamsungLink\SamsungLinkService.exe FirewallRules: [{158B0A0E-0F93-467A-A97C-028F33AAB3A6}] => (Allow) LPort=24234 FirewallRules: [{DE0B81AA-6751-4FA1-AEB0-76BFC47D305B}] => (Allow) LPort=7900 FirewallRules: [{7DAC6D01-72EC-471F-8554-4BADDE0F6E8D}] => (Allow) LPort=7676 FirewallRules: [{CE133C2B-366F-4A84-B637-4D5FED8BBF85}] => (Allow) LPort=7679 FirewallRules: [{A30FA0A1-9C35-49D3-A641-DD28CC5C645E}] => (Allow) LPort=8743 FirewallRules: [{71DA2A3B-E56E-4A4B-88DB-A4590225AF22}] => (Allow) LPort=8643 FirewallRules: [{89B35CB8-2F98-44B2-9323-9E8AAFF22C22}] => (Allow) LPort=1900 FirewallRules: [{18EA264F-C06D-4515-B107-6157FBF79A8A}] => (Allow) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkDMS.exe FirewallRules: [{4AEDF454-CEC7-4C14-BC7C-5357D21B2221}] => (Allow) C:\Program Files\Samsung\SamsungLink\AllShare Framework DMS\bin\AllShareFrameworkDMS.exe FirewallRules: [{561B2499-58C2-435A-BC3C-70556C97ACBC}] => (Allow) LPort=1900 FirewallRules: [{CF912335-572F-42CF-AB5F-333E0BCAAA1C}] => (Allow) LPort=2869 FirewallRules: [{91252D5F-94D0-4B72-8CAA-30C37926C1E1}] => (Allow) LPort=16720 FirewallRules: [{1B2DE3FC-45CA-433B-BE44-9EDB13A7B00C}] => (Allow) LPort=16720 FirewallRules: [{D8FBE725-5872-4DD7-AA4F-A91F4A50B499}] => (Allow) C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe FirewallRules: [{EB037D71-AABB-4183-95C0-511EEFD80217}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9CC828C5-B85D-4C0A-999D-3931776E2328}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= 21-10-2016 20:17:39 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/01/2016 03:40:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.187, Zeitstempel: 0x57cf9d73 Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.187, Zeitstempel: 0x57cf9d04 Ausnahmecode: 0xc000041d Fehleroffset: 0x000000000010e4da ID des fehlerhaften Prozesses: 0x1fb0 Startzeit der fehlerhaften Anwendung: 0x01d2344642c572ae Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll Berichtskennung: ed67c237-3316-473a-bab9-c1f18d5d62d5 Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.187_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum 
fehlerhaften Paket ist: App Error: (11/01/2016 03:40:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.14393.187, Zeitstempel: 0x57cf9d73 Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.187, Zeitstempel: 0x57cf9d04 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000010e4da ID des fehlerhaften Prozesses: 0x1fb0 Startzeit der fehlerhaften Anwendung: 0x01d2344642c572ae Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll Berichtskennung: 6cf98798-efcb-49dd-9bea-06722ebedcaf Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.14393.187_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (11/01/2016 02:48:37 PM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. Error: (11/01/2016 02:48:31 PM) (Source: DbxSvc) (EventID: 270) (User: ) Description: Filter Unload failed with: (-2145452013) Der angegebene Filter wurde nicht gefunden. Error: (11/01/2016 02:43:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JB) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 02:42:13 PM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools. Details: (HRESULT : 0x80040210) (0x80040210) Error: (11/01/2016 02:42:10 PM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools. 
Details: (HRESULT : 0x80040210) (0x80040210) Error: (10/30/2016 10:49:47 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools. Details: (HRESULT : 0x80040210) (0x80040210) Error: (10/30/2016 10:49:47 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools. Details: (HRESULT : 0x80040210) (0x80040210) Error: (10/30/2016 10:49:47 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools. Details: (HRESULT : 0x80040210) (0x80040210) Systemfehler: ============= Error: (11/01/2016 03:08:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (11/01/2016 03:08:16 PM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0 Error: (11/01/2016 02:51:01 PM) (Source: DCOM) (EventID: 10016) (User: JB) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "JB\Lisa" (SID: S-1-5-21-2739015723-2927197382-1160632269-1004) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (11/01/2016 02:46:13 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 02:44:04 PM) (Source: DCOM) (EventID: 10010) (User: JB) Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 02:43:42 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 02:43:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/01/2016 02:42:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (10/30/2016 11:51:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (10/30/2016 10:54:34 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 63% Installierter physikalischer RAM: 5845.53 MB Verfügbarer physikalischer RAM: 2149.3 MB Summe virtueller Speicher: 7509.53 MB Verfügbarer virtueller Speicher: 2651.1 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:440.89 GB) (Free:44.59 GB) NTFS Drive e: (Fischerprüfung) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 1C1CBB20) Partition: GPT. ======================================================== Disk: 1 (Size: 22.4 GB) (Disk ID: C047C58F) Partition: GPT. ==================== Ende von Addition.txt ============================ |
02.11.2016, 10:36 | #3 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | [WIN 10] TR/Dropper.MSIL.Gen found! Quote:
You'd better not download anything from chip in future. They rip off their customers out of sheer greed for profit. See also http://www.trojaner-board.de/168364-...mpfehlung.html and CHIP-Installer - was ist das? - Anleitungen Quote:
__________________ |
02.11.2016, 16:21 | #4 |
| [WIN 10] TR/Dropper.MSIL.Gen found! Good day cosinus, thanks for the tip. I will definitely avoid Chip.de in future. This "Counter Strike" is apparently a so-called killer game. I just asked our youngster. A friend installed it for him at a LAN party 2 years ago. I let him use my laptop so that he wouldn't have to lug his big computer along. Afterwards, though, I checked the machine for viruses etc. and found nothing. Can you help further? |
02.11.2016, 21:39 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | [WIN 10] TR/Dropper.MSIL.Gen found! I do know what Counterstrike is. I was asking about the origin of this file.
__________________ Please always post log files in CODE tags |
02.11.2016, 21:53 | #6 |
| [WIN 10] TR/Dropper.MSIL.Gen found! As described above, he had this game installed at that LAN party. |
03.11.2016, 10:50 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | [WIN 10] TR/Dropper.MSIL.Gen found! Quote:
If the file has already been analysed, please start another analysis.
__________________ Please always post log files in CODE tags |
03.11.2016, 16:45 | #8 |
| [WIN 10] TR/Dropper.MSIL.Gen found! Hello cosinus, here is the link to the result from virustotal.com: https://www.virustotal.com/de/file/fdacea5607f5da00b9ea0f34cc4c91bab7f3e06a09eb5739670bbda503017d7f/analysis/1478187295/ |
04.11.2016, 09:30 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | [WIN 10] TR/Dropper.MSIL.Gen found! Ah, thanks, now I know what kind of file this is => Counter Strike LanT FinaL 1.1.1.1 SierraUp.exe belong to Counter Strike LanT FinaL module developed by unknown in the database contains 1 versions of the SierraUp.exe not signed and file md5 is b12268711a871a9d64019e9927b2a937 Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files in a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
04.11.2016, 16:12 | #10 |
| [WIN 10] TR/Dropper.MSIL.Gen found! Here is the Malwarebytes Antirootkit: the file was detected and successfully deleted. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.11.04.04 rootkit: v2016.10.31.01 Windows 10 x64 NTFS Internet Explorer 11.187.14393.0 Johannes :: JB [administrator] 04.11.2016 12:34:58 mbar-log-2016-11-04 (12-34-58).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 492402 Time elapsed: 3 hour(s), 15 minute(s), 55 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Program Files (x86)\Counter Strike 1.6 Reloaded\SierraUp.exe (Trojan.Dropper) -> Delete on reboot. [9fa5328ab1e9181e8fc3c51914edb24e] Physical Sectors Detected: 0 (No malicious items detected) (end) Part 1: Code:
ATTFilter 16:07:31.0673 0x1dd4 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31 16:07:31.0673 0x1dd4 UEFI system 16:07:34.0120 0x1dd4 ============================================================ 16:07:34.0120 0x1dd4 Current date / time: 2016/11/04 16:07:34.0120 16:07:34.0120 0x1dd4 SystemInfo: 16:07:34.0120 0x1dd4 16:07:34.0120 0x1dd4 OS Version: 10.0.14393 ServicePack: 0.0 16:07:34.0120 0x1dd4 Product type: Workstation 16:07:34.0120 0x1dd4 ComputerName: JB 16:07:34.0120 0x1dd4 UserName: Johannes 16:07:34.0120 0x1dd4 Windows directory: C:\WINDOWS 16:07:34.0120 0x1dd4 System windows directory: C:\WINDOWS 16:07:34.0120 0x1dd4 Running under WOW64 16:07:34.0120 0x1dd4 Processor architecture: Intel x64 16:07:34.0120 0x1dd4 Number of processors: 4 16:07:34.0120 0x1dd4 Page size: 0x1000 16:07:34.0120 0x1dd4 Boot type: Normal boot 16:07:34.0120 0x1dd4 CodeIntegrityOptions = 0x00000001 16:07:34.0120 0x1dd4 ============================================================ 16:07:34.0120 0x1dd4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.187, osProperties = 0x19 16:07:35.0297 0x1dd4 System UUID: {61108E23-7BBF-8929-382C-2DD29017306E} 16:07:37.0487 0x1dd4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:07:37.0502 0x1dd4 Drive \Device\Harddisk1\DR1 - Size: 0x5976F6000 ( 22.37 Gb ), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:07:37.0534 0x1dd4 ============================================================ 16:07:37.0534 0x1dd4 \Device\Harddisk0\DR0: 16:07:37.0540 0x1dd4 GPT partitions: 16:07:37.0540 0x1dd4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {03F2497F-482F-4041-B3EB-6BBE377D12E4}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000 16:07:37.0556 0x1dd4 \Device\Harddisk0\DR0\Partition2: 
GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D3091C52-BC07-4059-A129-0C037E493158}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000 16:07:37.0556 0x1dd4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {181D7FA3-C956-471A-9C94-ECC5121EA503}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000 16:07:37.0556 0x1dd4 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C9E1AEAB-B230-4D74-91F5-92DE1AC939BD}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x371C700A 16:07:37.0556 0x1dd4 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {58B1406B-B484-4619-A42D-D6E9BCD8D75B}, Name: , StartLBA 0x37398000, BlocksNum 0x19B800 16:07:37.0556 0x1dd4 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {98E61EBE-AF2F-4A56-AB5D-14891A524E4A}, Name: , StartLBA 0x37533800, BlocksNum 0xAF000 16:07:37.0556 0x1dd4 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2AF8F10D-91D6-4EF3-BA76-FCCCACFE5388}, Name: Basic data partition, StartLBA 0x375E2800, BlocksNum 0x2BA3800 16:07:37.0556 0x1dd4 \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3FE90EFA-1274-47B3-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A186000, BlocksNum 0x200000 16:07:37.0556 0x1dd4 MBR partitions: 16:07:37.0556 0x1dd4 \Device\Harddisk1\DR1: 16:07:37.0556 0x1dd4 GPT partitions: 16:07:37.0556 0x1dd4 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {85CC4D16-BE47-482B-BD16-8222ADD225DF}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000 16:07:37.0556 0x1dd4 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {B8CB5058-C187-4719-BAF0-379CA2D4C97E}, UniqueGUID: 
{4613EE39-4727-4347-8134-173F590F716F}, Name: HFS, StartLBA 0x941000, BlocksNum 0x237A000 16:07:37.0556 0x1dd4 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {42B740BB-827B-42F9-AFB0-994E758D814B}, Name: EFI system partition, StartLBA 0x40800, BlocksNum 0x900000 16:07:37.0556 0x1dd4 MBR partitions: 16:07:37.0556 0x1dd4 ============================================================ 16:07:37.0938 0x1dd4 C: <-> \Device\Harddisk0\DR0\Partition4 16:07:37.0939 0x1dd4 ============================================================ 16:07:37.0939 0x1dd4 Initialize success 16:07:37.0939 0x1dd4 ============================================================ 16:07:39.0759 0x2050 ============================================================ 16:07:39.0759 0x2050 Scan started 16:07:39.0759 0x2050 Mode: Manual; 16:07:39.0759 0x2050 ============================================================ 16:07:39.0759 0x2050 KSN ping started 16:07:39.0843 0x2050 KSN ping finished: true 16:08:04.0850 0x2050 ================ Scan system memory ======================== 16:08:04.0850 0x2050 System memory - ok 16:08:04.0852 0x2050 ================ Scan services =============================
Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 16:08:16.0233 0x2050 Avira.ServiceHost - ok 16:08:16.0258 0x2050 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 16:08:16.0263 0x2050 avkmgr - ok 16:08:16.0298 0x2050 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 16:08:16.0305 0x2050 avnetflt - ok 16:08:16.0373 0x2050 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 16:08:16.0384 0x2050 AxInstSV - ok 16:08:16.0641 0x2050 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 16:08:16.0681 0x2050 b06bdrv - ok 16:08:16.0875 0x2050 [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 16:08:16.0881 0x2050 BasicDisplay - ok 16:08:16.0940 0x2050 [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 16:08:16.0945 0x2050 BasicRender - ok 16:08:17.0076 0x2050 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 16:08:17.0078 0x2050 bcmfn - ok 16:08:17.0106 0x2050 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 16:08:17.0108 0x2050 bcmfn2 - ok 16:08:17.0311 0x2050 [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 16:08:17.0339 0x2050 BDESVC - ok 16:08:17.0415 0x2050 [ 
0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys 16:08:17.0418 0x2050 Beep - ok 16:08:17.0639 0x2050 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll 16:08:17.0705 0x2050 BFE - ok 16:08:18.0156 0x2050 [ BC27BF1FCD63540A194E549FB80C9C8D, E0D698201AC00BA8A8D8E2B19FAAB6DD0488E837EDB011943ACAD5E72EF281DA ] BITS C:\WINDOWS\System32\qmgr.dll 16:08:18.0263 0x2050 BITS - ok 16:08:18.0468 0x2050 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 16:08:18.0504 0x2050 Bonjour Service - ok 16:08:18.0541 0x2050 [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 16:08:18.0550 0x2050 bowser - ok 16:08:18.0722 0x2050 [ 03B156D30D2EF0A5C9ADA5EBC2A808AC, 583C3A6D3C9B935C8C1756BBB2BB082E15BC69C1A9CEEA8C907F1F30E161BABC ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 16:08:18.0783 0x2050 BrokerInfrastructure - ok 16:08:18.0850 0x2050 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll 16:08:18.0864 0x2050 Browser - ok 16:08:18.0932 0x2050 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 16:08:18.0937 0x2050 BthAvrcpTg - ok 16:08:19.0070 0x2050 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 16:08:19.0076 0x2050 BthHFEnum - ok 16:08:19.0211 0x2050 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 
16:08:19.0215 0x2050 bthhfhid - ok 16:08:19.0568 0x2050 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 16:08:19.0594 0x2050 BthHFSrv - ok 16:08:19.0641 0x2050 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 16:08:19.0647 0x2050 BTHMODEM - ok 16:08:19.0812 0x2050 [ 7A167521DC7A190B2FC37D6AB660CBF1, 627E41713C3A381525327EA42FFE2EFDD35A0FFDD3C44FE9DB45258B1474EB3B ] BTHPORT C:\WINDOWS\system32\DRIVERS\BTHport.sys 16:08:19.0888 0x2050 BTHPORT - ok 16:08:19.0986 0x2050 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv C:\WINDOWS\system32\bthserv.dll 16:08:20.0008 0x2050 bthserv - ok 16:08:20.0060 0x2050 [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys 16:08:20.0068 0x2050 BTHUSB - ok 16:08:20.0127 0x2050 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 16:08:20.0132 0x2050 buttonconverter - ok 16:08:20.0177 0x2050 [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 16:08:20.0187 0x2050 CapImg - ok 16:08:20.0286 0x2050 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 16:08:20.0295 0x2050 cdfs - ok 16:08:20.0553 0x2050 [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 16:08:20.0587 0x2050 CDPSvc - ok 16:08:20.0835 0x2050 [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF 
] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 16:08:20.0862 0x2050 CDPUserSvc - ok 16:08:21.0383 0x2050 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 16:08:21.0402 0x2050 cdrom - ok 16:08:21.0621 0x2050 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 16:08:21.0652 0x2050 CertPropSvc - ok 16:08:21.0784 0x2050 [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe 16:08:21.0802 0x2050 chip1click - ok 16:08:22.0207 0x2050 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys 16:08:22.0223 0x2050 cht4iscsi - ok 16:08:22.0536 0x2050 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys 16:08:22.0711 0x2050 cht4vbd - ok 16:08:22.0781 0x2050 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 16:08:22.0786 0x2050 circlass - ok 16:08:22.0876 0x2050 [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 16:08:22.0905 0x2050 CLFS - ok 16:08:23.0042 0x2050 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 16:08:23.0103 0x2050 ClipSVC - ok 16:08:23.0179 0x2050 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys 16:08:23.0194 0x2050 clreg - ok 16:08:23.0310 0x2050 [ 
429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 16:08:23.0310 0x2050 CmBatt - ok 16:08:23.0542 0x2050 [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG C:\WINDOWS\system32\Drivers\cng.sys 16:08:23.0595 0x2050 CNG - ok 16:08:23.0626 0x2050 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 16:08:23.0642 0x2050 cnghwassist - ok 16:08:23.0974 0x2050 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 16:08:23.0979 0x2050 CompositeBus - ok 16:08:23.0996 0x2050 COMSysApp - ok 16:08:24.0090 0x2050 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 16:08:24.0095 0x2050 condrv - ok 16:08:24.0243 0x2050 [ 60B3708BC68B378B8037DC68222D4857, 3189C3E39DEA4CE7D8D39DFE3E19A870B4F1E63A07AE1934C0CE68DD7BF0282F ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 16:08:24.0296 0x2050 CoreMessagingRegistrar - ok 16:08:24.0582 0x2050 [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 16:08:24.0697 0x2050 cphs - ok 16:08:24.0782 0x2050 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 16:08:24.0798 0x2050 CryptSvc - ok 16:08:24.0960 0x2050 [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam C:\WINDOWS\system32\drivers\dam.sys 16:08:24.0960 0x2050 dam - ok 16:08:25.0315 0x2050 dbupdate - ok 16:08:25.0315 0x2050 
dbupdatem - ok 16:08:25.0330 0x2050 dbx - ok 16:08:25.0430 0x2050 [ 566BD6ED419F7FBC88EDD579044AD5C9, EC66C10DAC23ED149545305EA25F60888C5D3675BD850C7C12275B8666D18FEF ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 16:08:25.0430 0x2050 DbxSvc - ok 16:08:25.0515 0x2050 [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys 16:08:25.0531 0x2050 dc3d - ok 16:08:25.0747 0x2050 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 16:08:25.0816 0x2050 DcomLaunch - ok 16:08:25.0884 0x2050 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 16:08:25.0900 0x2050 DcpSvc - ok 16:08:26.0300 0x2050 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 16:08:26.0363 0x2050 defragsvc - ok 16:08:26.0485 0x2050 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 16:08:26.0517 0x2050 DeviceAssociationService - ok 16:08:26.0648 0x2050 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 16:08:26.0663 0x2050 DeviceInstall - ok 16:08:26.0732 0x2050 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 16:08:26.0748 0x2050 DevQueryBroker - ok 16:08:26.0817 0x2050 [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 16:08:26.0817 0x2050 Dfsc - ok 16:08:26.0932 0x2050 [ F0D4400BA0F08610D9A551B15BF10B76, 
83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 16:08:26.0948 0x2050 Dhcp - ok 16:08:27.0186 0x2050 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 16:08:27.0186 0x2050 diagnosticshub.standardcollector.service - ok 16:08:27.0433 0x2050 [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 16:08:27.0565 0x2050 DiagTrack - ok 16:08:27.0618 0x2050 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys 16:08:27.0618 0x2050 disk - ok 16:08:27.0803 0x2050 [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 16:08:27.0819 0x2050 DmEnrollmentSvc - ok 16:08:27.0888 0x2050 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 16:08:27.0888 0x2050 dmvsc - ok 16:08:27.0966 0x2050 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 16:08:27.0966 0x2050 dmwappushservice - ok 16:08:28.0066 0x2050 [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 16:08:28.0088 0x2050 Dnscache - ok 16:08:28.0203 0x2050 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll 16:08:28.0219 0x2050 dot3svc - ok 16:08:28.0288 0x2050 [ CA09EAEE92C6FDDC6B05057F11A0372D, 
14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll 16:08:28.0303 0x2050 DPS - ok 16:08:28.0366 0x2050 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys 16:08:28.0366 0x2050 drmkaud - ok 16:08:28.0435 0x2050 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 16:08:28.0450 0x2050 DsmSvc - ok 16:08:28.0504 0x2050 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll 16:08:28.0519 0x2050 DsSvc - ok 16:08:28.0704 0x2050 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys 16:08:28.0735 0x2050 dtsoftbus01 - ok 16:08:29.0171 0x2050 [ A90C76FB62526DEB5A5557A8839841AB, 939BDA8A4F73E834A319D45C97B0892B0A44886A9191BA20D1121622BAE413FA ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 16:08:29.0321 0x2050 DXGKrnl - ok 16:08:29.0421 0x2050 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 16:08:29.0436 0x2050 EapHost - ok 16:08:29.0667 0x2050 [ E8A3102296B412EBE14801733474816B, 5B88E0A8DE37D09E6A8E86347E7F69BACF9C87B2C053A92518DE60852728BDEC ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe 16:08:29.0789 0x2050 Easy Launcher - ok 16:08:30.0090 0x2050 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 16:08:30.0290 0x2050 ebdrv - ok 16:08:30.0368 0x2050 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe 16:08:30.0386 0x2050 EFS - ok 
16:08:30.0453 0x2050 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 16:08:30.0468 0x2050 EhStorClass - ok 16:08:30.0537 0x2050 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 16:08:30.0537 0x2050 EhStorTcgDrv - ok 16:08:30.0606 0x2050 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys 16:08:30.0622 0x2050 ElbyCDIO - ok 16:08:30.0737 0x2050 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 16:08:30.0753 0x2050 embeddedmode - ok 16:08:30.0791 0x2050 [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 16:08:30.0822 0x2050 EntAppSvc - ok 16:08:30.0890 0x2050 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 16:08:30.0906 0x2050 ErrDev - ok 16:08:30.0990 0x2050 [ 5EAA408441C180F6A86CA560AF5AC5CA, 97FF330F1CD49E9A9A89D8CEBEE7254CF954D0C99342DD76B9BB8085ACBC0693 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 16:08:31.0022 0x2050 ETD - ok 16:08:31.0169 0x2050 [ 6D90EF3DEDDB94751A4DD4E4F16B4879, 77D07CFAEBB55DAF204A058C247223AB2FB604088B6930A248ABDD3DD23711A4 ] ETDService C:\Program Files\Elantech\ETDService.exe 16:08:31.0191 0x2050 ETDService - ok 16:08:31.0191 0x2050 [ 1371D03D479C3CE94F4F36D8901037CB, 9F8A2ACF195BAAE9BD3F669591155BF02B96CBA7923C1742741967ECFE64F270 ] ETDSMBus C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys 16:08:31.0207 0x2050 ETDSMBus - ok 16:08:31.0291 0x2050 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 
9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll 16:08:31.0338 0x2050 EventSystem - ok 16:08:31.0388 0x2050 [ 2F7D6F7E2F264D60D48981C3178B93C7, EB2EAE9ED3040333A82A9654A17CE3BDD14C44D65DA00E20F252745879AE436C ] excfs C:\WINDOWS\system32\DRIVERS\excfs.sys 16:08:31.0391 0x2050 excfs - ok 16:08:31.0438 0x2050 [ 313E08AFCB4C2F6831A5F7A3F847C53E, 732C84E9C680A80ED599DC1ADBF546A4AB8BE64AD04EFB53916AD58C51F2F7C8 ] excsd C:\WINDOWS\system32\DRIVERS\excsd.sys 16:08:31.0438 0x2050 excsd - ok 16:08:31.0503 0x2050 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys 16:08:31.0528 0x2050 exfat - ok 16:08:31.0604 0x2050 [ A32BCA68B50B0BE2058A1467F6DD7488, F2D5E5F63EF502447054E997749918DA966E79D59D20576E6BC413695B34BB46 ] ExpressCache C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe 16:08:31.0620 0x2050 ExpressCache - ok 16:08:31.0720 0x2050 [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 16:08:31.0757 0x2050 fastfat - ok 16:08:31.0920 0x2050 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe 16:08:31.0957 0x2050 Fax - ok 16:08:32.0004 0x2050 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 16:08:32.0004 0x2050 fdc - ok 16:08:32.0073 0x2050 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 16:08:32.0089 0x2050 fdPHost - ok 16:08:32.0144 0x2050 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll 16:08:32.0152 0x2050 FDResPub - ok 16:08:32.0209 0x2050 [ 
B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 16:08:32.0224 0x2050 fhsvc - ok 16:08:32.0286 0x2050 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 16:08:32.0296 0x2050 FileCrypt - ok 16:08:32.0319 0x2050 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 16:08:32.0328 0x2050 FileInfo - ok 16:08:32.0400 0x2050 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 16:08:32.0405 0x2050 Filetrace - ok 16:08:32.0545 0x2050 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 16:08:32.0595 0x2050 FLEXnet Licensing Service - ok 16:08:32.0641 0x2050 [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 16:08:32.0646 0x2050 flpydisk - ok 16:08:32.0722 0x2050 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 16:08:32.0753 0x2050 FltMgr - ok 16:08:33.0014 0x2050 [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache C:\WINDOWS\system32\FntCache.dll 16:08:33.0130 0x2050 FontCache - ok 16:08:33.0383 0x2050 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:08:33.0384 0x2050 FontCache3.0.0.0 - ok 16:08:33.0515 0x2050 [ 
AF0811F38B56B57B3FF53F14E04AA1B0, 45DC6775762E4E9216DAF3914A3C99C536BFF96E1CF8577FC4B5758248D1D043 ] FrameServer C:\WINDOWS\system32\FrameServer.dll 16:08:33.0584 0x2050 FrameServer - ok 16:08:33.0684 0x2050 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 16:08:33.0684 0x2050 FsDepends - ok 16:08:33.0731 0x2050 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:08:33.0731 0x2050 Fs_Rec - ok 16:08:33.0831 0x2050 [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 16:08:33.0862 0x2050 fvevol - ok 16:08:33.0955 0x2050 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 16:08:33.0960 0x2050 GEARAspiWDM - ok 16:08:34.0019 0x2050 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 16:08:34.0023 0x2050 gencounter - ok 16:08:34.0097 0x2050 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 16:08:34.0101 0x2050 genericusbfn - ok 16:08:34.0187 0x2050 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 16:08:34.0203 0x2050 GPIOClx0101 - ok 16:08:34.0384 0x2050 [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc C:\WINDOWS\System32\gpsvc.dll 16:08:34.0463 0x2050 gpsvc - ok 16:08:34.0516 0x2050 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] 
GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 16:08:34.0516 0x2050 GpuEnergyDrv - ok 16:08:34.0616 0x2050 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:08:34.0632 0x2050 gupdate - ok 16:08:34.0648 0x2050 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:08:34.0663 0x2050 gupdatem - ok 16:08:34.0748 0x2050 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 16:08:34.0763 0x2050 HDAudBus - ok 16:08:34.0801 0x2050 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 16:08:34.0801 0x2050 HidBatt - ok 16:08:34.0864 0x2050 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 16:08:34.0886 0x2050 HidBth - ok 16:08:34.0933 0x2050 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 16:08:34.0933 0x2050 hidi2c - ok 16:08:35.0017 0x2050 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 16:08:35.0017 0x2050 hidinterrupt - ok 16:08:35.0033 0x2050 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 16:08:35.0033 0x2050 HidIr - ok 16:08:35.0102 0x2050 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll 16:08:35.0102 0x2050 hidserv - ok 16:08:35.0187 0x2050 
[ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 16:08:35.0187 0x2050 HidUsb - ok 16:08:35.0303 0x2050 [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 16:08:35.0334 0x2050 HomeGroupListener - ok 16:08:35.0518 0x2050 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 16:08:35.0550 0x2050 HomeGroupProvider - ok 16:08:35.0634 0x2050 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 16:08:35.0634 0x2050 HpSAMD - ok 16:08:35.0850 0x2050 [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 16:08:35.0904 0x2050 HTTP - ok 16:08:35.0988 0x2050 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 16:08:36.0004 0x2050 HvHost - ok 16:08:36.0066 0x2050 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 16:08:36.0066 0x2050 hvservice - ok 16:08:36.0151 0x2050 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 16:08:36.0167 0x2050 hwpolicy - ok 16:08:36.0236 0x2050 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 16:08:36.0236 0x2050 hyperkbd - ok 16:08:36.0289 0x2050 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt 
79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 16:09:08.0750 0x2050 RpcEptMapper - ok 16:09:08.0797 0x2050 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe 16:09:08.0812 0x2050 RpcLocator - ok 16:09:09.0045 0x2050 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs C:\WINDOWS\system32\rpcss.dll 16:09:09.0114 0x2050 RpcSs - ok 16:09:09.0196 0x2050 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 16:09:09.0203 0x2050 rspndr - ok 16:09:09.0798 0x2050 [ FA00B16D06217288AFD700223DA131BA, 90688C3A8403FEF2A90550781CBA932A522125B47D71F3F0AF73E21E43BC5564 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 16:09:09.0851 0x2050 rt640x64 - ok 16:09:10.0098 0x2050 [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 ] rtport C:\windows\SysWOW64\drivers\rtport.sys 16:09:10.0113 0x2050 rtport - ok 16:09:10.0183 0x2050 [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 16:09:10.0183 0x2050 s3cap - ok 16:09:10.0313 0x2050 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\WINDOWS\system32\lsass.exe 16:09:10.0313 0x2050 SamSs - ok 16:09:10.0683 0x2050 SamsungLinkService - ok 16:09:10.0915 0x2050 [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 16:09:10.0915 0x2050 sbp2port - ok 16:09:11.0184 0x2050 [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 16:09:11.0199 0x2050 
SCardSvr - ok 16:09:11.0353 0x2050 [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 16:09:11.0368 0x2050 ScDeviceEnum - ok 16:09:11.0484 0x2050 [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 16:09:11.0484 0x2050 scfilter - ok 16:09:11.0917 0x2050 [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll 16:09:12.0017 0x2050 Schedule - ok 16:09:12.0139 0x2050 [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys 16:09:12.0139 0x2050 scmbus - ok 16:09:12.0186 0x2050 [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys 16:09:12.0201 0x2050 scmdisk0101 - ok 16:09:12.0355 0x2050 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 16:09:12.0370 0x2050 SCPolicySvc - ok 16:09:12.0536 0x2050 [ B728AB4A8FBBCF5269DD5290D3F1F1EF, B85E0AD5DE7D8E26675A36F7D5ACD64CDDCADD86610C3C065DF1BC757B73816D ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 16:09:12.0539 0x2050 sdbus - ok 16:09:12.0655 0x2050 [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 16:09:12.0670 0x2050 SDRSVC - ok 16:09:12.0817 0x2050 [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 16:09:12.0817 0x2050 sdstor - ok 16:09:12.0886 0x2050 [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon 
C:\WINDOWS\system32\seclogon.dll 16:09:12.0886 0x2050 seclogon - ok 16:09:13.0002 0x2050 [ B605A44ACA1FCFF736235A4D7AEDA548, 48D8B5BC027CFE91AF7402C463327572181D4C1B1E2942F4D05792EED070B2DC ] SENS C:\WINDOWS\System32\sens.dll 16:09:13.0017 0x2050 SENS - ok 16:09:13.0471 0x2050 [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 16:09:13.0556 0x2050 SensorDataService - ok 16:09:13.0671 0x2050 [ 7BFD114F0F308CE29AEB8F16056D0658, 0CD3B3C69DCB3EAD8F8EF5C633911DD4F2C1167DC6FE28107EE38713A35A1F5C ] SensorService C:\WINDOWS\system32\SensorService.dll 16:09:13.0756 0x2050 SensorService - ok 16:09:13.0772 0x2050 [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 16:09:13.0787 0x2050 SensrSvc - ok 16:09:13.0839 0x2050 [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 16:09:13.0841 0x2050 SerCx - ok 16:09:13.0941 0x2050 [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 16:09:13.0941 0x2050 SerCx2 - ok 16:09:14.0002 0x2050 [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 16:09:14.0005 0x2050 Serenum - ok 16:09:14.0097 0x2050 [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys 16:09:14.0104 0x2050 Serial - ok 16:09:14.0155 0x2050 [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 16:09:14.0158 0x2050 sermouse - ok 16:09:14.0356 0x2050 [ D525D273BE5691BDACE72B07AB0D1E02, 
9231BD2137E71B3D555CEBBA8811297F239FDA08BF573CA4741D03D76718B5B1 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 16:09:14.0388 0x2050 SessionEnv - ok 16:09:14.0541 0x2050 [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 16:09:14.0541 0x2050 sfloppy - ok 16:09:14.0873 0x2050 [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 16:09:14.0904 0x2050 SharedAccess - ok 16:09:15.0221 0x2050 [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 16:09:15.0274 0x2050 ShellHWDetection - ok 16:09:15.0421 0x2050 [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 16:09:15.0458 0x2050 shpamsvc - ok 16:09:15.0505 0x2050 [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 16:09:15.0520 0x2050 SiSRaid2 - ok 16:09:15.0605 0x2050 [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 16:09:15.0621 0x2050 SiSRaid4 - ok 16:09:16.0121 0x2050 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:09:16.0143 0x2050 SkypeUpdate - ok 16:09:16.0321 0x2050 [ 3EB12F95C259907F976B9FFCD26FA047, 1ADC40D8911F7C3C7376882DC0B5526F1C16089E13883734498D36C9CE4D8E76 ] smphost C:\WINDOWS\System32\smphost.dll 16:09:16.0339 0x2050 smphost - ok 16:09:16.0674 0x2050 [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter 
C:\WINDOWS\system32\SmsRouterSvc.dll 16:09:16.0739 0x2050 SmsRouter - ok 16:09:16.0859 0x2050 [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 16:09:16.0874 0x2050 SNMPTRAP - ok 16:09:17.0044 0x2050 [ 3DB9C2950439B61A038BF83E697C7A14, 6BF5EA5D4A251CB982F336840A60EF4241A3FC7442E7CD4D7C82199F5BF8D4D2 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 16:09:17.0075 0x2050 spaceport - ok 16:09:17.0140 0x2050 [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 16:09:17.0144 0x2050 SpbCx - ok 16:09:17.0260 0x2050 [ DA5A9752A702E86AFC10F06115A8AF4C, 1EBF973AAEE0D851934CFD99BF6FC3B33D6EF5EDE95F81450D2EA18117172FC9 ] Spooler C:\WINDOWS\System32\spoolsv.exe 16:09:17.0322 0x2050 Spooler - ok 16:09:17.0893 0x2050 [ 36E594EF1B8F040C4F2C452D126C0215, 90FF47911E5EE4C315DDAF38D169DCA5C5B8555D7EDB2E3676CFCBDC1B8D21CC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 16:09:18.0353 0x2050 sppsvc - ok 16:09:18.0473 0x2050 [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 16:09:18.0506 0x2050 srv - ok 16:09:18.0645 0x2050 [ 2C2D61825A3D036CACA7E34FF75B8207, 73A212B2432CD10881BCC95FFEB3C91CDCD4E5DFA2AD2AFE7905597985CFAC47 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 16:09:18.0699 0x2050 srv2 - ok 16:09:18.0730 0x2050 [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 16:09:18.0746 0x2050 srvnet - ok 16:09:18.0846 0x2050 [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 16:09:18.0883 0x2050 SSDPSRV - ok 16:09:18.0985 0x2050 [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] 
SstpSvc C:\WINDOWS\system32\sstpsvc.dll 16:09:19.0009 0x2050 SstpSvc - ok 16:09:19.0601 0x2050 [ DF762D30EF0EE10E569C507BE75EAA6B, C23BA05E778CF1A547E7D3FE2226E0E68917570C56D5E703E599CAF2FD10BD17 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 16:09:19.0932 0x2050 StateRepository - ok 16:09:20.0001 0x2050 [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 16:09:20.0001 0x2050 stexstor - ok 16:09:20.0132 0x2050 [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc C:\WINDOWS\System32\wiaservc.dll 16:09:20.0185 0x2050 stisvc - ok 16:09:20.0285 0x2050 [ 0FE3B9A9E40DE1029B0AC2368A3F765D, AB06795E456DB9CE4E5A91DD1C2638B4D474CE1C5DB4819D5EE17A337D74A231 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 16:09:20.0301 0x2050 storahci - ok 16:09:20.0370 0x2050 [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 16:09:20.0386 0x2050 storflt - ok 16:09:20.0448 0x2050 [ B739FF1C1FAF9D0ADFBFB0FD59A5AB37, F128D872283AD1F91B56667DB885E7404D76B1CC72D6D71382C5DFA19AE433ED ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 16:09:20.0467 0x2050 stornvme - ok 16:09:20.0586 0x2050 [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 16:09:20.0586 0x2050 storqosflt - ok 16:09:20.0733 0x2050 [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc C:\WINDOWS\system32\storsvc.dll 16:09:20.0771 0x2050 StorSvc - ok 16:09:20.0933 0x2050 [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 16:09:20.0933 0x2050 storufs - ok 16:09:20.0986 0x2050 [ 
9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 16:09:21.0002 0x2050 storvsc - ok 16:09:21.0087 0x2050 [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll 16:09:21.0102 0x2050 svsvc - ok 16:09:21.0133 0x2050 [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys 16:09:21.0133 0x2050 swenum - ok 16:09:21.0202 0x2050 [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll 16:09:21.0249 0x2050 swprv - ok 16:09:21.0472 0x2050 SWUpdateService - ok 16:09:21.0550 0x2050 [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 16:09:21.0572 0x2050 Synth3dVsc - ok 16:09:21.0835 0x2050 [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll 16:09:21.0919 0x2050 SysMain - ok 16:09:22.0051 0x2050 [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 16:09:22.0092 0x2050 SystemEventsBroker - ok 16:09:22.0163 0x2050 [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 16:09:22.0185 0x2050 TabletInputService - ok 16:09:22.0274 0x2050 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys |
04.11.2016, 16:13 | #11 |
| [WIN 10] TR/Dropper.MSIL.Gen found! Part 2: Code:
0x2050 wcncsvc - ok 16:09:42.0032 0x2050 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 16:09:42.0048 0x2050 wcnfs - ok 16:09:42.0148 0x2050 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 16:09:42.0148 0x2050 WdBoot - ok 16:09:42.0371 0x2050 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 16:09:42.0418 0x2050 Wdf01000 - ok 16:09:42.0487 0x2050 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 16:09:42.0502 0x2050 WdFilter - ok 16:09:42.0702 0x2050 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 16:09:42.0718 0x2050 WdiServiceHost - ok 16:09:42.0733 0x2050 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 16:09:42.0749 0x2050 WdiSystemHost - ok 16:09:42.0849 0x2050 [ 373DF27CD5D5E50FFA2A90FEE0C0D994, 09E6C6C690AEE1C1A9A84BBA87A934040B2A20F677E5F5B2D24F8433B61BD81E ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 16:09:42.0903 0x2050 wdiwifi - ok 16:09:42.0971 0x2050 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 16:09:42.0971 0x2050 WdNisDrv - ok 16:09:43.0071 0x2050 WdNisSvc - ok 16:09:43.0150 0x2050 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 16:09:43.0172 0x2050 WebClient - ok 16:09:43.0272 0x2050 [ 1785F9C96A0BDEC1F6E0C79EF412F342, 
D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 16:09:43.0303 0x2050 Wecsvc - ok 16:09:43.0334 0x2050 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 16:09:43.0350 0x2050 WEPHOSTSVC - ok 16:09:43.0388 0x2050 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 16:09:43.0404 0x2050 wercplsupport - ok 16:09:43.0466 0x2050 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 16:09:43.0473 0x2050 WerSvc - ok 16:09:43.0535 0x2050 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 16:09:43.0551 0x2050 WFPLWFS - ok 16:09:43.0635 0x2050 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 16:09:43.0651 0x2050 WiaRpc - ok 16:09:43.0689 0x2050 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 16:09:43.0689 0x2050 WIMMount - ok 16:09:43.0704 0x2050 WinDefend - ok 16:09:43.0751 0x2050 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 16:09:43.0770 0x2050 WindowsTrustedRT - ok 16:09:43.0805 0x2050 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 16:09:43.0805 0x2050 WindowsTrustedRTProxy - ok 16:09:43.0989 0x2050 [ C9E7D91A044B77CBCB4121C06610A86C, 
9FF039D67A5CE4732920EA4F1F5CFD9DE0AAADC34829A007EA697030D42D3623 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 16:09:44.0076 0x2050 WinHttpAutoProxySvc - ok 16:09:44.0154 0x2050 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 16:09:44.0160 0x2050 WinMad - ok 16:09:44.0636 0x2050 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 16:09:44.0669 0x2050 Winmgmt - ok 16:09:45.0005 0x2050 [ F86E9029774478D276E0AAB7D169896D, EDCB96F745E1F16BDFF70B140B38412096FA29A407157183223AE6111CBB4B38 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 16:09:45.0190 0x2050 WinRM - ok 16:09:45.0471 0x2050 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 16:09:45.0475 0x2050 WINUSB - ok 16:09:45.0506 0x2050 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 16:09:45.0506 0x2050 WinVerbs - ok 16:09:45.0574 0x2050 [ 3A627A24EAC6CEC3BA59548AA70BAD6E, C4B908CEB2D6F7F14C635AE02E20B16DAF795073975AE3967627D27E8ABAB015 ] WirelessKeyboardFilter C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys 16:09:45.0590 0x2050 WirelessKeyboardFilter - ok 16:09:45.0722 0x2050 [ 4D694EDF85F1BFC463B15846D4E00A9B, 4ED44C0E22D2843121E4C8A58F97B526BB7D85C0D7A0BB4B1158A970258C791E ] wisvc C:\WINDOWS\system32\flightsettings.dll 16:09:45.0775 0x2050 wisvc - ok 16:09:46.0154 0x2050 [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 16:09:46.0354 0x2050 WlanSvc - ok 16:09:46.0639 0x2050 [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 
16:09:46.0792 0x2050 wlidsvc - ok 16:09:46.0892 0x2050 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 16:09:46.0892 0x2050 WmiAcpi - ok 16:09:47.0008 0x2050 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 16:09:47.0024 0x2050 wmiApSrv - ok 16:09:47.0140 0x2050 WMPNetworkSvc - ok 16:09:47.0208 0x2050 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 16:09:47.0224 0x2050 Wof - ok 16:09:47.0478 0x2050 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 16:09:47.0609 0x2050 workfolderssvc - ok 16:09:47.0694 0x2050 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 16:09:47.0710 0x2050 WPDBusEnum - ok 16:09:47.0810 0x2050 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 16:09:47.0825 0x2050 WpdUpFltr - ok 16:09:47.0894 0x2050 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 16:09:47.0910 0x2050 WpnService - ok 16:09:47.0994 0x2050 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 16:09:48.0010 0x2050 WpnUserService - ok 16:09:48.0141 0x2050 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 16:09:48.0157 0x2050 ws2ifsl - ok 16:09:48.0279 0x2050 [ 
519806FBCF00A0B17B8E03297DB0F551, 1911EA7168B06DBF3D36833120E4731437BF1ACC294C289B132C50280A40F548 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 16:09:48.0295 0x2050 wscsvc - ok 16:09:48.0342 0x2050 [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 16:09:48.0342 0x2050 WSDPrintDevice - ok 16:09:48.0410 0x2050 [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys 16:09:48.0410 0x2050 WSDScan - ok 16:09:48.0426 0x2050 WSearch - ok 16:09:48.0942 0x2050 [ 92E3A595ECA98F09B72A1E68ACB4651A, 161CAC79B0D908F0C0B219B07FEEF2280C31860A8661426EB2095ABCEB56CF13 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 16:09:49.0100 0x2050 wuauserv - ok 16:09:49.0166 0x2050 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 16:09:49.0177 0x2050 WudfPf - ok 16:09:49.0310 0x2050 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 16:09:49.0323 0x2050 WUDFRd - ok 16:09:49.0427 0x2050 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 16:09:49.0443 0x2050 wudfsvc - ok 16:09:49.0559 0x2050 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 16:09:49.0581 0x2050 WUDFWpdFs - ok 16:09:49.0879 0x2050 [ D4F2FFCF5D199152DD01026D3AA38138, 4F90FE9BFC6CC2ABB2A163A36A000458A96AB64071861582F17B74C95CAEFB32 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 16:09:49.0944 0x2050 WwanSvc - ok 16:09:50.0298 0x2050 [ 862B5A128CC64904FDAB54CEEC3C57CD, FC9C9BF1AF76C635B054832EE3581FC8F12446FE47C492925D8624DB85ABE606 ] XblAuthManager 
C:\WINDOWS\System32\XblAuthManager.dll 16:09:50.0382 0x2050 XblAuthManager - ok 16:09:50.0761 0x2050 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 16:09:50.0829 0x2050 XblGameSave - ok 16:09:50.0930 0x2050 [ 59335CEA021FB89E07AD5DB5D17F09D0, 33FEFD5798BFA306FBEDCC8F2D0D984B6546A61B5026E921A8AC0466ADF2B698 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 16:09:50.0946 0x2050 xboxgip - ok 16:09:51.0300 0x2050 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 16:09:51.0363 0x2050 XboxNetApiSvc - ok 16:09:51.0480 0x2050 [ 24E57041608ED6A9D7FDAD0D9EC214E2, 895A16072F5EFFF57A7DCA21917540726BF816A2746EC47A066AAD363F69E5D7 ] XHCIPort C:\WINDOWS\System32\drivers\XHCIPort.sys 16:09:51.0485 0x2050 XHCIPort - ok 16:09:51.0663 0x2050 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 16:09:51.0678 0x2050 xinputhid - ok 16:09:51.0685 0x2050 ================ Scan global =============================== 16:09:51.0847 0x2050 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 16:09:51.0963 0x2050 [ C1448641F2FFFEAB54DE9274BD3E65FD, 4A666332462CB65606A88FFD9DF74EC660A62EC34F2FA754E566F61D8D3C1E9F ] C:\WINDOWS\system32\winsrv.dll 16:09:51.0986 0x2050 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 16:09:52.0101 0x2050 [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe 16:09:52.0148 0x2050 [ Global ] - ok 16:09:52.0148 0x2050 ================ Scan MBR ================================== 16:09:52.0164 0x2050 [ 
5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 16:09:52.0333 0x2050 \Device\Harddisk0\DR0 - ok 16:09:52.0333 0x2050 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 16:09:52.0364 0x2050 \Device\Harddisk1\DR1 - ok 16:09:52.0364 0x2050 ================ Scan VBR ================================== 16:09:52.0364 0x2050 [ 8F6667F0B06D826AEC58062AFE6EE04B ] \Device\Harddisk0\DR0\Partition1 16:09:52.0364 0x2050 \Device\Harddisk0\DR0\Partition1 - ok 16:09:52.0402 0x2050 [ FAA3BB23AA374C2D290F39197D902806 ] \Device\Harddisk0\DR0\Partition2 16:09:52.0402 0x2050 \Device\Harddisk0\DR0\Partition2 - ok 16:09:52.0417 0x2050 [ BC56C2EB68F396C6FCB60AD9913A1102 ] \Device\Harddisk0\DR0\Partition3 16:09:52.0417 0x2050 \Device\Harddisk0\DR0\Partition3 - ok 16:09:52.0448 0x2050 [ 24471DCDE94787943DC10444F7D4EFE5 ] \Device\Harddisk0\DR0\Partition4 16:09:52.0448 0x2050 \Device\Harddisk0\DR0\Partition4 - ok 16:09:52.0486 0x2050 [ BE751290C5BE0292D0D797B46D3E684F ] \Device\Harddisk0\DR0\Partition5 16:09:52.0533 0x2050 \Device\Harddisk0\DR0\Partition5 - ok 16:09:52.0648 0x2050 [ 104950DBEF59DC917C639B9BB9F25FE7 ] \Device\Harddisk0\DR0\Partition6 16:09:52.0701 0x2050 \Device\Harddisk0\DR0\Partition6 - ok 16:09:52.0748 0x2050 [ D1240E282C19767B0B99116675B1FE27 ] \Device\Harddisk0\DR0\Partition7 16:09:52.0748 0x2050 \Device\Harddisk0\DR0\Partition7 - ok 16:09:52.0784 0x2050 [ 178DD9CE11B8C0D2ABC83D572AAA4A6B ] \Device\Harddisk0\DR0\Partition8 16:09:52.0786 0x2050 \Device\Harddisk0\DR0\Partition8 - ok 16:09:52.0786 0x2050 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1 16:09:52.0786 0x2050 \Device\Harddisk1\DR1\Partition1 - ok 16:09:52.0802 0x2050 [ 4442C0A6C04745FB6E5882AD4133A05F ] \Device\Harddisk1\DR1\Partition2 16:09:52.0802 0x2050 \Device\Harddisk1\DR1\Partition2 - ok 16:09:52.0817 0x2050 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition3 16:09:52.0817 0x2050 \Device\Harddisk1\DR1\Partition3 - ok 16:09:52.0817 0x2050 
================ Scan generic autorun ====================== 16:09:52.0817 0x2050 ETDCtrl - ok 16:09:54.0334 0x2050 [ C6992F5730886B6977313918583D13C7, 5D75DBF4D272BD4A8DDF40C7D9D8044621EFD12AB4303DBF90538AFBE2FEFD42 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 16:09:55.0128 0x2050 RtHDVCpl - ok 16:09:55.0282 0x2050 [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 16:09:55.0282 0x2050 IAStorIcon - ok 16:09:55.0398 0x2050 [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files\iTunes\iTunesHelper.exe 16:09:55.0413 0x2050 iTunesHelper - ok 16:09:55.0614 0x2050 [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe 16:09:55.0630 0x2050 Intel AppUp(SM) center - ok 16:09:55.0783 0x2050 [ D713106D059C67888CD5F5A862059D7B, 5F9344DA3AE43EEAFAC9E662DF380D77730DEE0AFE8DA31ED7C654E86BE196E5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 16:09:55.0846 0x2050 avgnt - ok 16:09:55.0961 0x2050 [ D644073DAAC7AE80F757F82A8D90C3D1, C98283B30CFBAB315BFD9CBA36ED2DC65150B7400BFE3285C21E6C1E52F41AFC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 16:09:55.0978 0x2050 APSDaemon - ok 16:09:56.0084 0x2050 [ F655E4A1AED366E96E5D5AA397E0F255, F8573CCA72FA25079B8CE2FC5D30379487E2905B109C73C741FAB31589FA49E1 ] C:\Program Files (x86)\QuickTime\QTTask.exe 16:09:56.0115 0x2050 QuickTime Task - ok 16:09:56.0300 0x2050 Dropbox - ok 16:09:56.0400 0x2050 [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 16:09:56.0400 0x2050 Avira SystrayStartTrigger - ok 16:09:56.0516 0x2050 [ 44E614FCBD7C4606D6E1FA24E2A8B26C, 
A6EE595A701A7351CFDE11F7376677766121762B101082F64F60C9EE1A8831B9 ] C:\Program Files (x86)\PDF24\pdf24.exe 16:09:56.0547 0x2050 PDFPrint - ok 16:09:56.0722 0x2050 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 16:09:56.0732 0x2050 VirtualCloneDrive - ok 16:09:57.0770 0x2050 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 16:09:58.0458 0x2050 OneDriveSetup - ok 16:09:59.0525 0x2050 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 16:10:00.0011 0x2050 OneDriveSetup - ok 16:10:00.0027 0x2050 DAEMON Tools Lite - ok 16:10:00.0148 0x2050 [ C816EC69693ED89D4D20A31D1647FEB9, CFEEE93A0B33AC1132AA10C26D8489471A0FDB8781DDE28C9173E0DA46BE5561 ] C:\Program Files\Greenshot\Greenshot.exe 16:10:00.0164 0x2050 Greenshot - ok 16:10:00.0897 0x2050 [ B7275CEE6103BAD919BE61DFEE7D2895, D97619370A4EF70FEF462417479E0F492C765B3F7CC0E5B67DB0C8DFB52E5967 ] C:\Users\Johannes\AppData\Local\Amazon Music\Amazon Music Helper.exe 16:10:01.0229 0x2050 Amazon Music - ok 16:10:01.0398 0x2050 [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Johannes\AppData\Local\Microsoft\OneDrive\OneDrive.exe 16:10:01.0451 0x2050 OneDrive - ok 16:10:01.0499 0x2050 [ 64BD910F426F389CB1050764AF254E6E, 67341775B3AA1376339984DA3741263A0EC6ADD80A0878E9F5C9529CCDEE7808 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 16:10:01.0514 0x2050 iCloudServices - ok 16:10:01.0552 0x2050 [ 9BF52261C5CB340047DCFA505F5B0DB8, D22AE9148C416836EB2B809CC3AA7B6FCE5ED464C93BEEEF3F272AB837B7F816 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe 16:10:01.0568 0x2050 iCloudDrive - ok 16:10:01.0684 0x2050 [ 
3957B2BCC2EF4C86C9E153BCF70C150F, 06DB82F9D15ACD11792913C7F69C3F7DA9E824B63BFE56B6495997B67A1760B9 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe 16:10:01.0699 0x2050 iCloudPhotos - ok 16:10:01.0815 0x2050 [ ABD18F12F8905B86856250C0ADFCCDD7, A670EF7CD8BB98A15F176CE98F28E8EC4AC8289F9F2230300F9AAA6CEBCB0628 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe 16:10:01.0830 0x2050 TomTomHOME.exe - ok 16:10:01.0830 0x2050 DAEMON Tools Lite - ok 16:10:01.0948 0x2050 [ C816EC69693ED89D4D20A31D1647FEB9, CFEEE93A0B33AC1132AA10C26D8489471A0FDB8781DDE28C9173E0DA46BE5561 ] C:\Program Files\Greenshot\Greenshot.exe 16:10:01.0968 0x2050 Greenshot - ok 16:10:02.0268 0x2050 [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Lisa\AppData\Local\Microsoft\OneDrive\OneDrive.exe 16:10:02.0315 0x2050 OneDrive - ok 16:10:02.0315 0x2050 Waiting for KSN requests completion. In queue: 21 16:10:03.0371 0x2050 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.23.58 ), 0x41000 ( enabled : updated ) 16:10:03.0371 0x2050 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated ) 16:10:03.0386 0x2050 Win FW state via NFP2: enabled ( trusted ) 16:10:03.0586 0x2050 ============================================================ 16:10:03.0586 0x2050 Scan finished 16:10:03.0586 0x2050 ============================================================ 16:10:03.0602 0x00e4 Detected object count: 0 16:10:03.0602 0x00e4 Actual detected object count: 0 |
04.11.2016, 22:28 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | [WIN 10] TR/Dropper.MSIL.Gen found! Remove adware/junkware/toolbars. Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop! Please disable your virus scanner completely now, before using these tools! Step 1: adwCleaner. Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool. Please shut down your protection software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |