| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.01.2017, 16:14
| #1 |
 |  Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Werte Spezialisten, nun brauch ich doch Eure Hilfe, der Computerfritze um die Ecke will immer nur alles neu installieren!!! Betriebssystem: Windows 7 Professional 64bit mit SP1 Notebook: Acer Travelmate P653M Virensoftware: Zonealarm Seit ca. 1/4 Jahr hab ich das Problem, das unabhängig wieviele Internetseiten ich geöffnet habe die Tastatur wenn ich zum Beispiel bei google was eingebe hängt bzw. nur stark verzögert reagiert. Der Coursor blinkt zwar noch und die Maus reagiert in dem Moment wo ich Buchstaben eingetippt habe auch nicht, aber gleich danach wieder. Komischerweise tritt dieser Fehler aber nicht bei allen Seiten auf. Ich habe schon mehrmals den Firefox repariert bzw. bereinigt, Zonealarm macht regelmäßig eine Überprüfung. Aus lauter Verzweiflung habe ich mir schon den adwcleaner installiert und ausgeführt. Das was er gefunden und bereinigt hat hier im Anhang. Der Fehler tritt aber immer noch auf!!! Vielleicht kann mir ja jemand helfen denn ich zwar nicht ganz unbeleckt vom Computerthema aber in dieser Beziehung auch nur ein Otto-Normalverbraucher. Danke schon im Vorraus!!! PS. Wenn die Tastatur dann hängt und ich des Taskmanager kurz aufrufe geht es wieder, aber sowie ich zu schnell tippe hängt die Tastatur wieder fest. Ich benutze regelmäßig: - Auslogics Disk Defrag - CCleaner - Wise Registry Cleaner # AdwCleaner v6.042 - Bericht erstellt am 12/01/2017 um 10:10:37 # Aktualisiert am 06/01/2017 von Malwarebytes # Datenbank : 2017-01-11.1 [Server] # Betriebssystem : Windows 7 Professional Service Pack 1 (X64) # Benutzername : Jens - JENS-PC # Gestartet von : D:\Eigene Dateien\Downloads\adwcleaner_6.042(1).exe # Modus: Löschen # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner gelöscht: C:\ProgramData\Auslogics [#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Auslogics [-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics [-] Ordner gelöscht: C:\Program Files (x86)\Auslogics ***** [ Dateien ] ***** [-] Datei gelöscht: C:\Windows\SysNative\LavasoftTcpService64.dll [-] Datei gelöscht: C:\Windows\SysNative\LavasoftTcpServiceOff.ini [-] Datei gelöscht: C:\Windows\SysWOW64\lavasofttcpservice.dll [-] Datei gelöscht: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController [#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Lavasoft\Web Companion [-] Schlüssel gelöscht: HKLM\SOFTWARE\WISECLEANER [-] Schlüssel gelöscht: HKLM\SOFTWARE\Auslogics [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 [-] Schlüssel gelöscht: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com [-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Browser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [6320 Bytes] - [12/01/2017 10:10:37] C:\AdwCleaner\AdwCleaner[R0].txt - [11618 Bytes] - [24/03/2015 13:36:55] C:\AdwCleaner\AdwCleaner[R1].txt - [1833 Bytes] - [08/06/2015 15:36:46] C:\AdwCleaner\AdwCleaner[S0].txt - [9066 Bytes] - [24/03/2015 13:40:56] C:\AdwCleaner\AdwCleaner[S1].txt - [1743 Bytes] - [08/06/2015 15:51:57] C:\AdwCleaner\AdwCleaner[S2].txt - [6523 Bytes] - [12/01/2017 10:09:03] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6759 Bytes] ########## |
|
13.01.2017, 09:35
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Hi,
__________________ZoneAlarm bitte deinstallieren, das Teil hat noch nie was getaugt und war vor etlichen Jahren schon extrem umstritten. Danach bitte FRST: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
13.01.2017, 12:56
| #3 |
| | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Hi Cosinus,
__________________erst mal Dank für die schnelle Hilfe. Zonaalarm deinstallieren ist einfach gesagt aber womit schütze ich dann die ca. sechs mit Windows betriebenen Rechner effektiv am besten??? Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-01-2017
durchgeführt von Jens (Administrator) auf JENS-PC (13-01-2017 12:31:01)
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Jens (Verfügbare Profile: Jens)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\AKL\AkSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\D-Link Corporation\D-Link DWA-140\WPSHWPBC.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\AKL\AkSA.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(STMicroelectronics) C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Token.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Alcor Micro Corp) C:\Program Files (x86)\Multimedia Card Reader\shwicon2k.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(RSA, The Security Division of EMC.) C:\Program Files (x86)\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [563840 2011-12-02] (Conexant Systems, Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Acer MotionProtect Tray Application] => C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Token.exe [211608 2012-05-25] (STMicroelectronics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016944 2013-04-11] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [ISW] => C:\Program Files (x86)\CheckPoint\AKL\AkSA.exe [935544 2016-01-22] (Check Point Software Technologies LTD)
HKLM\...\Run: [ALU] => C:\Program Files\Acer\Acer Updater\ALU.exe [2419104 2016-06-06] (Acer Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1144112 2013-01-16] (Dritek System Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-06] (Intel Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-03-24] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Sunkist2k] => C:\Program Files (x86)\Multimedia Card Reader\shwicon2k.exe [135168 2003-04-09] (Alcor Micro Corp)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [RSA Card Conversion Utility] => C:\Program Files (x86)\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe [3499728 2010-08-27] (RSA, The Security Division of EMC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\MountPoints2: {ab50c787-baff-11e6-8e44-001e101f1f81} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DE4A5399-94CB-44B4-9351-194021FF4416}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de/
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> DefaultScope {8F065789-B230-4E17-BFBF-DCA335C4D982} URL =
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> {1F0C0E4A-72C8-4560-9612-27AD083921F1} URL = hxxp://webtip.ch/cgi-bin/amz_track/tracker_de.pl?loc=search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> {47F43F50-68E2-4F28-B949-26EE0EC9C505} URL = hxxp://www.buyertools.net/cgi-bin/preispiraten_de/nph.fcgi?qry_str={searchTerms}&category=deutsch&how=and&searchtype=simple&Web=on&wiki_tab=on&wiki_tab_old=+CHECKED&ebay_tab=on&ebay_tab_old=+CHECKED&shoppingcom_tab=on&shoppingcom_tab_old=+CHECKED&pirat_tab=on&pirat_tab_old=+CHECKED&JavaScript=enabled&submit=SUCHEN
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> {8F065789-B230-4E17-BFBF-DCA335C4D982} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: amazon -> {84B94901-3645-4D80-A6B7-4D0050B19455} -> C:\Program Files (x86)\Preispiraten6\IEButtonAmazonInterface.dll [2009-08-20] ()
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Preispiraten -> {E9E027BF-C3F3-4022-8F6B-8F6D39A59684} -> C:\Program Files (x86)\Preispiraten6\IEButtonPPInterface.dll [2009-08-20] ()
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Jens\AppData\Roaming\Mozilla\Firefox\Profiles\m65fgiyz.default-1481793769120 [2017-01-13]
FF Homepage: Mozilla\Firefox\Profiles\m65fgiyz.default-1481793769120 -> www.google.de/
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [donottrackplus@abine.com] - C:\Program Files (x86)\CheckPoint\Install\dntme-firefox.xpi
FF Extension: (Blur) - C:\Program Files (x86)\CheckPoint\Install\dntme-firefox.xpi [2016-03-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 CWUpdaterDaemon; C:\Program Files (x86)\CheckPoint\Parental Controls\bin\cwupdater.exe [9729368 2015-08-13] (ContentWatch, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 IswSvc; C:\Program Files (x86)\CheckPoint\AKL\AkSVC.exe [1156728 2016-01-22] (Check Point Software Technologies LTD)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3746584 2016-03-24] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WPSHWPBC_DWA_140; C:\Program Files (x86)\D-Link Corporation\D-Link DWA-140\WPSHWPBC.exe [318624 2015-10-08] ()
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [84784 2012-03-27] (Egis Technology Inc.)
R3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [130944 2014-11-10] (Gemalto)
R3 icsak; C:\Program Files (x86)\CheckPoint\AKL\ak\icsak.sys [48512 2014-07-17] (Check Point Software Technologies LTD)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\AKL\ISWKL.sys [54144 2014-07-17] (Check Point Software Technologies LTD)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-11-26] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [172920 2015-11-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [292176 2016-08-12] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [926584 2015-11-26] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-11-26] (Kaspersky Lab ZAO)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2254016 2015-09-15] (MediaTek Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-03-14] (STMicroelectronics)
S3 SunkFilt; C:\Windows\SysWOW64\Drivers\sunkfilt.sys [34568 2003-04-08] (Alcor Micro Corp.) [Datei ist nicht signiert]
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462296 2016-08-12] (Check Point Software Technologies Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-13 12:29 - 2017-01-13 12:31 - 00000000 ____D C:\FRST
2016-12-14 11:10 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 11:10 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 11:10 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 11:10 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 11:10 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 11:10 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 11:10 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 11:10 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 11:10 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 11:10 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 11:10 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 11:10 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 11:10 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 11:10 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 11:10 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 11:10 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 11:10 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 11:10 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 11:10 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 11:10 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 11:10 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 11:10 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 11:10 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 11:10 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 11:10 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 11:10 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 11:10 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 11:10 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 11:10 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 11:10 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 11:10 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 11:10 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 11:10 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 11:10 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 11:10 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 11:10 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 11:10 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 11:10 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 11:10 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 11:10 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 11:10 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 11:10 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 11:10 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 11:10 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 11:10 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 11:10 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 11:10 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 11:10 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 11:10 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 11:10 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 11:10 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 11:10 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 11:10 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 11:10 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 11:10 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 11:10 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 11:10 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 11:10 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 11:10 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 11:10 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 11:10 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 11:10 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 11:10 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 11:10 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 11:10 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 11:10 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 11:10 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 11:10 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 11:10 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 11:10 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 11:10 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 11:10 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 11:10 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 11:10 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 11:10 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 11:10 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 11:10 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 11:10 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 11:10 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 11:10 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 11:10 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 11:10 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 11:10 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 11:10 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 11:10 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 11:10 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 11:10 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 11:10 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 11:10 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 11:10 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 11:10 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 11:10 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 11:10 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 11:10 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 11:10 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 11:10 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 11:10 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 11:10 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 11:10 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 11:10 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 11:10 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 11:10 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 11:10 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 11:10 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 11:10 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 11:10 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 11:10 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 11:10 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 11:10 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 11:10 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 11:10 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 11:10 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 11:10 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 11:10 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 11:10 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 11:10 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 11:10 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 11:10 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 11:10 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 11:10 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 11:10 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 11:10 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 11:10 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 11:10 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 11:10 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 11:10 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 11:10 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 11:10 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 11:10 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 11:10 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 11:10 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 11:10 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 11:10 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 11:10 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 11:10 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-14 10:31 - 2016-12-14 10:31 - 00000000 ____D C:\Users\Jens\AppData\Roaming\Wave Systems Corp
2016-12-14 10:22 - 2016-12-14 10:22 - 00000000 ____D C:\Windows\system32\appmgmt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-13 12:31 - 2009-07-14 05:45 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-13 12:31 - 2009-07-14 05:45 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-13 12:23 - 2016-09-22 09:20 - 00000000 ____D C:\Users\Jens\AppData\Roaming\Skype
2017-01-12 11:30 - 2016-12-01 20:59 - 00000000 ____D C:\Users\Jens\AppData\LocalLow\Mozilla
2017-01-12 10:39 - 2015-10-29 14:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-12 10:36 - 2015-10-29 14:01 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-12 10:19 - 2015-10-06 01:45 - 00704784 _____ C:\Windows\system32\perfh007.dat
2017-01-12 10:19 - 2015-10-06 01:45 - 00151152 _____ C:\Windows\system32\perfc007.dat
2017-01-12 10:19 - 2009-07-14 06:13 - 01628108 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-12 10:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-12 10:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-12 10:10 - 2015-03-24 13:36 - 00000000 ____D C:\AdwCleaner
2017-01-10 19:10 - 2015-10-29 13:59 - 00000000 ____D C:\Users\Jens\AppData\Local\Adobe
2017-01-10 19:08 - 2013-06-21 17:32 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-10 19:08 - 2013-06-21 17:32 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-10 19:08 - 2013-06-21 17:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-10 19:08 - 2013-06-21 17:32 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-10 19:05 - 2016-11-18 12:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-10 19:05 - 2015-10-05 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 11:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-15 11:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-15 11:10 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\assembly
2016-12-15 10:59 - 2016-04-06 15:30 - 00000000 ____D C:\Users\Jens\Documents\Outlook-Dateien
2016-12-15 10:22 - 2016-09-12 13:19 - 00000000 ____D C:\Users\Jens\Desktop\Alte Firefox-Daten
2016-12-15 10:14 - 2015-10-29 19:49 - 00002240 _____ C:\Windows\wininit.ini
2016-12-15 10:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\winsxs
2016-12-15 10:13 - 2009-07-14 03:34 - 00189440 ____H C:\Users\Default\NTUSER.DAT.LOG1
2016-12-15 10:12 - 2009-07-14 05:45 - 00415568 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\en-US
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\en-US
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\drivers
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\de-DE
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Boot
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppPatch
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 11:54 - 2016-04-07 11:39 - 00041826 _____ C:\Users\Jens\Desktop\tmp.dat
2016-12-14 11:20 - 2015-11-16 09:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-14 11:19 - 2015-10-12 22:11 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 11:16 - 2015-10-12 22:11 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 11:14 - 2015-11-06 22:58 - 01606132 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-14 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-14 10:34 - 2015-10-13 13:31 - 00000000 ____D C:\Users\Jens\AppData\Local\EgisTec
2016-12-14 10:34 - 2013-06-21 16:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-14 10:34 - 2013-06-21 16:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-12-14 10:34 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-14 10:34 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files
2016-12-14 10:34 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files
2016-12-14 10:33 - 2015-10-05 16:37 - 00000000 ____D C:\ProgramData\Wave Systems Corp
2016-12-14 10:33 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-12-14 10:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-14 10:31 - 2015-10-05 18:22 - 00000000 ____D C:\Users\Jens\AppData\Roaming
2016-12-14 10:27 - 2015-10-05 18:22 - 00000000 ____D C:\Users\Jens\AppData\Local
2016-12-14 09:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\migration
2016-12-14 09:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\migration
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-12 10:04 - 2015-11-12 10:04 - 0008917 _____ () C:\Users\Jens\AppData\Local\HWVendorDetection.log
Einige Dateien in TEMP:
====================
C:\Users\Jens\AppData\Local\Temp\xcs16E9.tmp.exe
C:\Users\Jens\AppData\Local\Temp\xcs2A0.tmp.exe
C:\Users\Jens\AppData\Local\Temp\xcs6E6B.tmp.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-13 09:01
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-01-2017
durchgeführt von Jens (13-01-2017 12:32:09)
Gestartet von D:\Eigene Dateien\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-10-05 17:22:11)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1114637928-2207284162-3558911400-500 - Administrator - Disabled)
Gast (S-1-5-21-1114637928-2207284162-3558911400-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1114637928-2207284162-3558911400-1002 - Limited - Enabled)
Jens (S-1-5-21-1114637928-2207284162-3558911400-1001 - Administrator - Enabled) => C:\Users\Jens
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ZoneAlarm Internet Security Suite Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Internet Security Suite Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Internet Security Suite Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer 3G Connection Manager (HKLM-x32\...\{96F5085A-FAB3-40DA-BF1A-EABC37EA031C}) (Version: 3.00.3503 - Acer Incorporated)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3507 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Broadcom Gigabit Integrated Controller (HKLM\...\{394E442A-637D-43EF-B402-4CFD88263CF0}) (Version: 15.0.5.1 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-9332CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.30.0 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.381 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
D-Link DWA-140 (HKLM-x32\...\{09828F4D-CE2E-403A-8708-A02E53495F3D}) (Version: 4.04 - D-Link Corporation)
EgisTec ES603 WDM Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.1.14.0 - Egis Technology Inc.)
ES603 WDM Driver (x32 Version: 3.1.14.0 - Egis Technology Inc.) Hidden
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.1 - Gemalto)
HUAWEI DataCard Driver 4.25.00.03 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 4.25.00.03 - Huawei technologies Co., Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3503 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K.IM 3.5 - Kompakte Immobilienbewertung (HKLM-x32\...\K.IM_is1) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 6.2.2 - Acer Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{13B97BA0-1765-4EBA-8902-C6E30291F67B}) (Version: 1.17 - Alcor Micro,Corp.)
Multimedia Card Reader (x32 Version: 1.17 - Alcor Micro,Corp.) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Outlook Backup Assistant 7 (Vollversion) (HKLM-x32\...\812A5AC8-50DA-43D8-B36E-30CDD7FCCAA1_is1) (Version: 7 - Priotecs IT GmbH)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Preispiraten (HKLM-x32\...\{5384EA8A-FECA-4D6E-B7B4-3D4D9D47E5DF}) (Version: 6 - metaspinner net GmbH)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
RSA SecurID Software Token (HKLM-x32\...\{1E7941DC-32F1-467D-8351-8955A038A76E}) (Version: 4.1.1 - RSA, The Security Division of EMC)
RSA Smart Card Middleware 3.5 (HKLM-x32\...\{AC2F9FCC-170E-4B0B-84AB-7307A373570F}) (Version: 3.5.3.36 - RSA, The Security Division of EMC)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.16.201611221058 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.06.0026 - ST Microelectronics)
Sweet Home 3D version 5.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.34 - Synaptics Incorporated)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
VHV RECOMAX (HKLM-x32\...\{53CFF9B1-4ED7-4114-8ECF-ADD13BC8AC57}) (Version: 8.06 - VHV Allgemeine Versicherung AG)
VHV-Tarifprogramm (HKLM-x32\...\{AC2E0432-9092-42F8-B4C2-E95DF8ADE82C}) (Version: 68.0.16 - VHV Allgemeine Versicherung AG)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Microsoft (USBCCID) SmartCardReader (05/17/2005 5.2.3790.2444) (HKLM\...\E38B2136962D21A7BDE5AAC98CD1C6EA6B6D0687) (Version: 05/17/2005 5.2.3790.2444 - Microsoft)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wise Registry Cleaner 9.35 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.35 - WiseCleaner.com, Inc.)
ZoneAlarm Antivirus (x32 Version: 14.1.057.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 14.1.057.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Internet Security Suite (HKLM-x32\...\ZoneAlarm Internet Security Suite) (Version: 14.1.057.000 - Check Point)
ZoneAlarm Parental Controls (Version: 7.2.6.1 - ContentWatch) Hidden
ZoneAlarm Security (x32 Version: 14.1.057.000 - Check Point Software Technologies Ltd.) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{6295A54D-BD2A-4CF7-A288-62B0D91F7879}\InprocServer32 -> C:\Program Files (x86)\Outlook Backup Assistant\AddIn\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{743035C6-FA33-39DF-A741-34A81649705C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{E3DF3DC0-3869-3CF6-9638-ACE5BFCF8341}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{E444D266-68C3-4748-91FC-49A65C606776}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {30A6DF06-5AA1-42F1-96B5-6431E52A4A61} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2016-06-08] (Acer Incorporated)
Task: {77148A5F-ABCA-44CE-9370-E7E23395B1C2} - System32\Tasks\{0E0ED386-A2C9-4E10-A6FA-14604466EEF6} => pcalua.exe -a E:\setup.exe -d E:\
Task: {9DA6A8A6-4B61-4016-B645-5780D517D629} - System32\Tasks\{5EBC7A90-5ADA-4BD1-8FFC-0EF873343037} => pcalua.exe -a E:\WINDOWS\Setup.exe -d E:\WINDOWS
Task: {A2D99154-A902-4257-B70E-9B48B0012C08} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {B11793DE-7B37-46F8-AF29-70F5439D72DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-08 11:08 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2016-05-10 14:49 - 2015-10-08 08:33 - 00318624 _____ () C:\Program Files (x86)\D-Link Corporation\D-Link DWA-140\WPSHWPBC.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-21 17:17 - 2013-03-09 03:06 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-05 16:20 - 2012-05-25 08:55 - 00250008 _____ () C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_DT.dll
2016-12-07 12:11 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-10-05 16:13 - 2012-03-06 23:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-12-07 12:11 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2016-12-07 12:11 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-06 11:46 - 2015-11-06 11:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2016-12-07 12:11 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-11-13 11:52 - 2015-11-13 11:52 - 00824192 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00093568 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00143232 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00167296 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2015-09-07 16:02 - 2015-09-07 16:02 - 00212352 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-10-08 11:08 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A8B86D55-436F-4B8A-9C08-2CE2F329012C}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1AD7F496-B7B1-4690-B4CE-4B2AC33AD613}] => LPort=2869
FirewallRules: [{6E1E9FDF-6A90-4D10-A970-633290216A7A}] => LPort=1900
FirewallRules: [{1BEDF534-E19F-4914-8F41-08BC100194A5}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{1CA191FD-0273-4AFC-8FF6-054A6F780889}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{70A4E17C-F568-4C91-A501-8A244D6FB77D}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{94EB4EF4-D103-41CD-B5DC-07B495C9F213}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{A0947616-3784-42FE-B2A4-A81E1776543C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{23889E0B-339C-43DF-83B3-5CAB49F5FED6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB29684F-9E4C-43E6-9888-88745F5A902C}] => C:\Program Files (x86)\Brother\Brmfl12d\FAXRX.EXE
FirewallRules: [{9AF83614-49C8-4C1B-A1B6-0F097A2B0912}] => LPort=54925
FirewallRules: [{CF2C0872-C372-4736-8158-DBC255E92FD0}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{540E28C7-542B-42BE-8135-9B8ED5C9CA03}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{715F5069-DF20-4AAD-960E-F545442B0786}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C31833F-651B-42FD-B7F3-534A9E5E3F31}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F86EC511-35C1-4A37-A1B6-B1D19AFD12B2}] => C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{8B4296B5-CAA7-40F7-9F3A-8EEA97CD934C}] => C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{08F3FFDB-6A15-4562-B931-93379F91C7BC}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{26C405A2-7AEF-4E9A-877A-797025CC4C27}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{B5ACD508-5145-4301-9B5A-52F928FD785F}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{5FC43CE9-7DE8-4252-AAE6-8C72F0DFE763}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{C4F41A42-BBBD-4E58-8506-2726F5D7A8EE}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{5D6DA180-3C38-4350-8AE6-9827E299F5A8}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{C96CAFF3-1CC6-45EC-9C11-51CF7C37FF96}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{DC517760-6977-407C-88A0-28BF7EF0B8B1}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{D9867E18-51A6-45DF-9DDA-D84F7FFFDC8C}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{94A2FA26-BACB-4091-AAD5-BE28C20D7A2C}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{0CD58F41-3324-4F0D-B132-9694DAC356E7}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{5DD39D5F-902C-4D45-B40D-03BCF4710D19}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{C6540EC5-167B-47AF-B725-F98BF120C7FE}] => C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{45C28462-6B89-4C1D-910E-0234D94FCF62}] => C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
==================== Wiederherstellungspunkte =========================
09-12-2016 11:25:48 Windows Update
14-12-2016 10:20:48 Removed Microsoft Silverlight
14-12-2016 10:31:42 Entfernt Acer ProShield
14-12-2016 11:11:03 Windows Update
22-12-2016 10:22:27 Geplanter Prüfpunkt
02-01-2017 16:44:52 Geplanter Prüfpunkt
10-01-2017 18:18:44 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/13/2017 09:52:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14913.1002, Zeitstempel: 0x57d1070d
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14913.1002, Zeitstempel: 0x57d10950
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002431e
ID des fehlerhaften Prozesses: 0x1550
Startzeit der fehlerhaften Anwendung: 0x01d26d7329a6aabf
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: acd12a6b-d96d-11e6-980d-001e101fb45e
Error: (12/15/2016 10:59:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7172.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 880
Startzeit: 01d256b9e10d5046
Endzeit: 6
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Berichts-ID: 248f133d-c2ad-11e6-9b93-001e101f36d9
Error: (12/15/2016 09:48:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14913.1002, Zeitstempel: 0x57d1070d
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14913.1002, Zeitstempel: 0x57d10950
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c00
ID des fehlerhaften Prozesses: 0x1024
Startzeit der fehlerhaften Anwendung: 0x01d256968baaea07
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: 4d424be6-c2a3-11e6-9c4e-001e101f7f74
Error: (12/09/2016 10:58:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IntelSmallBusinessAdvantage.exe, Version 1.0.17.2303 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2108
Startzeit: 01d250cad084dff3
Endzeit: 3
Anwendungspfad: C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
Berichts-ID:
Error: (12/07/2016 09:18:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 50.0.2.6177, Zeitstempel: 0x583e5197
Name des fehlerhaften Moduls: mozglue.dll, Version: 50.0.2.6177, Zeitstempel: 0x583e4b91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed43
ID des fehlerhaften Prozesses: 0x1eb8
Startzeit der fehlerhaften Anwendung: 0x01d250c65bc502eb
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 3f651cdd-bcba-11e6-8e4a-001e101f2500
Error: (10/15/2016 09:23:41 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x81000101).
Error: (10/15/2016 09:23:39 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x81000101).
Error: (10/04/2016 10:10:07 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={CBF35F96-1CA4-4D02-83D8-0FD95B02997B}: Der Benutzer "Jens-PC\Jens" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.
Error: (09/25/2016 07:18:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IntelSmallBusinessAdvantage.exe, Version 1.0.17.2303 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ecc
Startzeit: 01d21404e0592b8c
Endzeit: 5
Anwendungspfad: C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
Berichts-ID:
Error: (09/23/2016 08:16:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 48.0.2.6079, Zeitstempel: 0x57bd3628
Name des fehlerhaften Moduls: mozglue.dll, Version: 48.0.2.6079, Zeitstempel: 0x57bd2857
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000efe5
ID des fehlerhaften Prozesses: 0x27ac
Startzeit der fehlerhaften Anwendung: 0x01d214fae4061f61
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: aa28dc45-815d-11e6-b8f7-001e101f1838
Systemfehler:
=============
Error: (01/13/2017 11:29:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (01/13/2017 09:00:48 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (01/12/2017 10:13:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/12/2017 10:13:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/12/2017 10:12:15 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (01/12/2017 10:12:15 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (01/12/2017 10:11:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (01/12/2017 10:11:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (01/12/2017 10:11:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (01/12/2017 10:10:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 7971.6 MB
Verfügbarer physikalischer RAM: 5175.44 MB
Summe virtueller Speicher: 15941.38 MB
Verfügbarer virtueller Speicher: 13059.75 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:401.6 GB) (Free:238.04 GB) NTFS
Drive d: (Volume) (Fixed) (Total:50 GB) (Free:11.24 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4B5962B1)
Partition 1: (Not Active) - (Size=14.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=401.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=50 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
13.01.2017, 14:19
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall?Zitat:
Schutz gibt es nicht, indem du einfach nur ne Software draufknallst. Weitere Hinweise gibt es wenn wir hier durch sind.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
13.01.2017, 14:46
| #5 |
| | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? So ZA ist deinstalliert. Farbers Scan und Logfiles schicken jetzt noch mal machen, oder was sonst? |
|
13.01.2017, 14:50
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? |
|
13.01.2017, 16:48
| #7 |
| | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) 2x gescannt = jedes mal:no mailware found Aber trotzdem: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.01.13.09
rootkit: v2016.11.20.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Jens :: JENS-PC [administrator]
13.01.2017 15:05:30
mbar-log-2017-01-13 (15-05-30).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 295743
Time elapsed: 13 minute(s), 36 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.01.13.10
rootkit: v2016.11.20.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Jens :: JENS-PC [administrator]
13.01.2017 15:43:50
mbar-log-2017-01-13 (15-43-50).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 295745
Time elapsed: 12 minute(s), 24 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 16:36:35.0817 0x162c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
16:36:42.0718 0x162c ============================================================
16:36:42.0718 0x162c Current date / time: 2017/01/13 16:36:42.0718
16:36:42.0718 0x162c SystemInfo:
16:36:42.0718 0x162c
16:36:42.0718 0x162c OS Version: 6.1.7601 ServicePack: 1.0
16:36:42.0718 0x162c Product type: Workstation
16:36:42.0719 0x162c ComputerName: JENS-PC
16:36:42.0719 0x162c UserName: Jens
16:36:42.0719 0x162c Windows directory: C:\Windows
16:36:42.0719 0x162c System windows directory: C:\Windows
16:36:42.0719 0x162c Running under WOW64
16:36:42.0719 0x162c Processor architecture: Intel x64
16:36:42.0719 0x162c Number of processors: 4
16:36:42.0719 0x162c Page size: 0x1000
16:36:42.0719 0x162c Boot type: Normal boot
16:36:42.0719 0x162c CodeIntegrityOptions = 0x00000001
16:36:42.0719 0x162c ============================================================
16:36:42.0815 0x162c KLMD registered as C:\Windows\system32\drivers\38717930.sys
16:36:42.0815 0x162c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
16:36:43.0146 0x162c System UUID: {D4760735-2E87-08F7-F0EE-806CC29DCDB9}
16:36:43.0465 0x162c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:36:43.0473 0x162c ============================================================
16:36:43.0473 0x162c \Device\Harddisk0\DR0:
16:36:43.0474 0x162c MBR partitions:
16:36:43.0474 0x162c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C21000, BlocksNum 0x32000
16:36:43.0474 0x162c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C53000, BlocksNum 0x32332800
16:36:43.0504 0x162c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x33F86000, BlocksNum 0x63FF800
16:36:43.0504 0x162c ============================================================
16:36:43.0536 0x162c C: <-> \Device\Harddisk0\DR0\Partition2
16:36:43.0576 0x162c D: <-> \Device\Harddisk0\DR0\Partition3
16:36:43.0577 0x162c ============================================================
16:36:43.0577 0x162c Initialize success
16:36:43.0577 0x162c ============================================================
16:39:43.0092 0x15c4 ============================================================
16:39:43.0092 0x15c4 Scan started
16:39:43.0092 0x15c4 Mode: Manual; SigCheck; TDLFS;
16:39:43.0092 0x15c4 ============================================================
16:39:43.0092 0x15c4 KSN ping started
16:39:43.0281 0x15c4 KSN ping finished: true
16:39:43.0843 0x15c4 ================ Scan system memory ========================
16:39:43.0843 0x15c4 System memory - ok
16:39:43.0844 0x15c4 ================ Scan services =============================
16:39:43.0976 0x15c4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:39:44.0037 0x15c4 1394ohci - ok
16:39:44.0066 0x15c4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:39:44.0078 0x15c4 ACPI - ok
16:39:44.0099 0x15c4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:39:44.0151 0x15c4 AcpiPmi - ok
16:39:44.0270 0x15c4 [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:39:44.0288 0x15c4 AdobeARMservice - ok
16:39:44.0329 0x15c4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:39:44.0349 0x15c4 adp94xx - ok
16:39:44.0404 0x15c4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:39:44.0422 0x15c4 adpahci - ok
16:39:44.0433 0x15c4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:39:44.0442 0x15c4 adpu320 - ok
16:39:44.0472 0x15c4 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:39:44.0487 0x15c4 AeLookupSvc - ok
16:39:44.0535 0x15c4 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
16:39:44.0564 0x15c4 AFD - ok
16:39:44.0585 0x15c4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:39:44.0593 0x15c4 agp440 - ok
16:39:44.0614 0x15c4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:39:44.0653 0x15c4 ALG - ok
16:39:44.0700 0x15c4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:39:44.0712 0x15c4 aliide - ok
16:39:44.0723 0x15c4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:39:44.0732 0x15c4 amdide - ok
16:39:44.0771 0x15c4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:39:44.0796 0x15c4 AmdK8 - ok
16:39:44.0807 0x15c4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:39:44.0823 0x15c4 AmdPPM - ok
16:39:44.0854 0x15c4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:39:44.0864 0x15c4 amdsata - ok
16:39:44.0896 0x15c4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:39:44.0908 0x15c4 amdsbs - ok
16:39:44.0925 0x15c4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:39:44.0933 0x15c4 amdxata - ok
16:39:44.0971 0x15c4 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
16:39:45.0010 0x15c4 AMPPAL - ok
16:39:45.0039 0x15c4 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
16:39:45.0058 0x15c4 AMPPALP - ok
16:39:45.0145 0x15c4 [ E1841818278F2A9D66F834451D608AEA, 1773C8C97B8945232847364E27B47A0FA1837EF6D928005972B76B5A7CF6C59E ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
16:39:45.0165 0x15c4 AMPPALR3 - ok
16:39:45.0220 0x15c4 [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\Windows\system32\drivers\appid.sys
16:39:45.0248 0x15c4 AppID - ok
16:39:45.0287 0x15c4 [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:39:45.0318 0x15c4 AppIDSvc - ok
16:39:45.0381 0x15c4 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
16:39:45.0400 0x15c4 Appinfo - ok
16:39:45.0453 0x15c4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
16:39:45.0483 0x15c4 AppMgmt - ok
16:39:45.0524 0x15c4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
16:39:45.0536 0x15c4 arc - ok
16:39:45.0554 0x15c4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:39:45.0568 0x15c4 arcsas - ok
16:39:45.0661 0x15c4 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:39:45.0681 0x15c4 aspnet_state - ok
16:39:45.0704 0x15c4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:39:45.0734 0x15c4 AsyncMac - ok
16:39:45.0772 0x15c4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:39:45.0778 0x15c4 atapi - ok
16:39:45.0820 0x15c4 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:39:45.0846 0x15c4 AudioEndpointBuilder - ok
16:39:45.0861 0x15c4 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:39:45.0878 0x15c4 AudioSrv - ok
16:39:45.0894 0x15c4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:39:45.0919 0x15c4 AxInstSV - ok
16:39:45.0973 0x15c4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:39:46.0015 0x15c4 b06bdrv - ok
16:39:46.0050 0x15c4 [ 087EE7E0CC7EB956D19D6FA0802552AE, 3B0E98030CECBA6523D4BFFA4D07B4553384BBDDFE44D2A20E7E4995E8527ECF ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:39:46.0067 0x15c4 b57nd60a - ok
16:39:46.0100 0x15c4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:39:46.0116 0x15c4 BDESVC - ok
16:39:46.0137 0x15c4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:39:46.0169 0x15c4 Beep - ok
16:39:46.0225 0x15c4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:39:46.0270 0x15c4 BFE - ok
16:39:46.0312 0x15c4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:39:46.0348 0x15c4 BITS - ok
16:39:46.0387 0x15c4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:39:46.0413 0x15c4 blbdrive - ok
16:39:46.0507 0x15c4 [ 6D625A18DDFCD0464B914B71293AD837, 716D6B971B5D615E239418F29403DA1259602F4990CF5A58001C5EC27CE579CE ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
16:39:46.0536 0x15c4 Bluetooth Device Monitor - ok
16:39:46.0577 0x15c4 [ 74B2BF80D966CFE8BC8005D19E40608D, AAC715D7CE5D123D90DE168F083FBCBB29E753A07A8C92D0966BAF3560C5F090 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
16:39:46.0604 0x15c4 Bluetooth Media Service - ok
16:39:46.0651 0x15c4 [ 707BF27D30ADAB7798C69D5BF41C7131, 5F31253052C4977753BA0F262BBF5157E1826C47C2AA0C0F84711C2342733B7A ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
16:39:46.0674 0x15c4 Bluetooth OBEX Service - ok
16:39:46.0711 0x15c4 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:39:46.0744 0x15c4 bowser - ok
16:39:46.0777 0x15c4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:39:46.0797 0x15c4 BrFiltLo - ok
16:39:46.0815 0x15c4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:39:46.0834 0x15c4 BrFiltUp - ok
16:39:46.0873 0x15c4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:39:46.0898 0x15c4 Browser - ok
16:39:46.0912 0x15c4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:39:46.0932 0x15c4 Brserid - ok
16:39:46.0951 0x15c4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:39:46.0961 0x15c4 BrSerWdm - ok
16:39:46.0983 0x15c4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:39:47.0006 0x15c4 BrUsbMdm - ok
16:39:47.0008 0x15c4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:39:47.0027 0x15c4 BrUsbSer - ok
16:39:47.0118 0x15c4 [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
16:39:47.0142 0x15c4 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
16:39:47.0582 0x15c4 Detect skipped due to KSN trusted
16:39:47.0582 0x15c4 BrYNSvc - ok
16:39:47.0620 0x15c4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
16:39:47.0649 0x15c4 BthEnum - ok
16:39:47.0669 0x15c4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:39:47.0698 0x15c4 BTHMODEM - ok
16:39:47.0715 0x15c4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:39:47.0732 0x15c4 BthPan - ok
16:39:47.0760 0x15c4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
16:39:47.0807 0x15c4 BTHPORT - ok
16:39:47.0833 0x15c4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:39:47.0870 0x15c4 bthserv - ok
16:39:47.0892 0x15c4 [ 618AFD0072F4A672977484BFF6FE4FE2, 0F234937C781718F6C7A7791D9BC4036F83F69D0E8BF21D1AFC0F799FE54742D ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
16:39:47.0899 0x15c4 BTHSSecurityMgr - ok
16:39:47.0918 0x15c4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
16:39:47.0938 0x15c4 BTHUSB - ok
16:39:47.0962 0x15c4 [ 3676BEAA7D842047D30E95D59B241F22, 615C42D93C8D2A682C067AB6894042C2BB6EC3F75CC2FF2C3A1E2BB7E8B327EA ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
16:39:47.0976 0x15c4 btmaux - ok
16:39:48.0021 0x15c4 [ FA0E7B5AFB8FD335234916764A2D6CF9, 6BEEB2130FD4B6A13870A0360D46173784F9E22E5A7A1F232FEBCE68B34B956F ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
16:39:48.0059 0x15c4 btmhsf - ok
16:39:48.0070 0x15c4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:39:48.0104 0x15c4 cdfs - ok
16:39:48.0142 0x15c4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:39:48.0163 0x15c4 cdrom - ok
16:39:48.0188 0x15c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:39:48.0253 0x15c4 CertPropSvc - ok
16:39:48.0307 0x15c4 [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
16:39:48.0323 0x15c4 chip1click - detected UnsignedFile.Multi.Generic ( 1 )
16:39:48.0649 0x15c4 Detect skipped due to KSN trusted
16:39:48.0649 0x15c4 chip1click - ok
16:39:48.0667 0x15c4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
16:39:48.0689 0x15c4 circlass - ok
16:39:48.0735 0x15c4 [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
16:39:48.0773 0x15c4 CLFS - ok
16:39:48.0848 0x15c4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:39:48.0866 0x15c4 clr_optimization_v2.0.50727_32 - ok
16:39:48.0907 0x15c4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:39:48.0925 0x15c4 clr_optimization_v2.0.50727_64 - ok
16:39:48.0984 0x15c4 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:39:48.0997 0x15c4 clr_optimization_v4.0.30319_32 - ok
16:39:49.0015 0x15c4 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:39:49.0038 0x15c4 clr_optimization_v4.0.30319_64 - ok
16:39:49.0071 0x15c4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:39:49.0091 0x15c4 CmBatt - ok
16:39:49.0103 0x15c4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:39:49.0113 0x15c4 cmdide - ok
16:39:49.0150 0x15c4 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
16:39:49.0173 0x15c4 CNG - ok
16:39:49.0241 0x15c4 [ 20C7E93B64235A7AAE47662531C27C32, 78F0203042BF3EF8A78E01F2FEE2F3A2A54D1772AD0C61A767F8EBB6CC8D3ADC ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
16:39:49.0295 0x15c4 CnxtHdAudService - ok
16:39:49.0324 0x15c4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:39:49.0331 0x15c4 Compbatt - ok
16:39:49.0349 0x15c4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:39:49.0367 0x15c4 CompositeBus - ok
16:39:49.0380 0x15c4 COMSysApp - ok
16:39:49.0454 0x15c4 [ 52FB12898C1A2AB00D378E52C9A5AD23, 135242B31BFFF931E99B6081FD1AC347676976A5C1E2AD50FC4C5D5802CA5626 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:39:49.0470 0x15c4 cphs - ok
16:39:49.0499 0x15c4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:39:49.0506 0x15c4 crcdisk - ok
16:39:49.0555 0x15c4 [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:39:49.0595 0x15c4 CryptSvc - ok
16:39:49.0638 0x15c4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
16:39:49.0686 0x15c4 CSC - ok
16:39:49.0724 0x15c4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
16:39:49.0763 0x15c4 CscService - ok
16:39:49.0823 0x15c4 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
16:39:49.0852 0x15c4 DcomLaunch - ok
16:39:49.0875 0x15c4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:39:49.0933 0x15c4 defragsvc - ok
16:39:50.0074 0x15c4 [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
16:39:50.0152 0x15c4 DevoloNetworkService - ok
16:39:50.0185 0x15c4 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:39:50.0205 0x15c4 DfsC - ok
16:39:50.0258 0x15c4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:39:50.0303 0x15c4 Dhcp - ok
16:39:50.0399 0x15c4 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
16:39:50.0456 0x15c4 DiagTrack - ok
16:39:50.0492 0x15c4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:39:50.0524 0x15c4 discache - ok
16:39:50.0584 0x15c4 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
16:39:50.0603 0x15c4 Disk - ok
16:39:50.0618 0x15c4 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:39:50.0650 0x15c4 dmvsc - ok
16:39:50.0690 0x15c4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:39:50.0713 0x15c4 Dnscache - ok
16:39:50.0738 0x15c4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:39:50.0775 0x15c4 dot3svc - ok
16:39:50.0803 0x15c4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:39:50.0836 0x15c4 DPS - ok
16:39:50.0879 0x15c4 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:39:50.0888 0x15c4 drmkaud - ok
16:39:50.0930 0x15c4 [ 7F08ECF01912BDE788C5C7081AF297D3, 7AAA22CEE85A94615DFB14953ED190E8042C183C02586371B47E4CA498E3536A ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
16:39:50.0944 0x15c4 DsiWMIService - ok
16:39:50.0992 0x15c4 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:39:51.0035 0x15c4 DXGKrnl - ok
16:39:51.0078 0x15c4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:39:51.0110 0x15c4 EapHost - ok
16:39:51.0227 0x15c4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:39:51.0340 0x15c4 ebdrv - ok
16:39:51.0368 0x15c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS C:\Windows\System32\lsass.exe
16:39:51.0376 0x15c4 EFS - ok
16:39:51.0446 0x15c4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:39:51.0489 0x15c4 ehRecvr - ok
16:39:51.0506 0x15c4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:39:51.0530 0x15c4 ehSched - ok
16:39:51.0588 0x15c4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:39:51.0624 0x15c4 elxstor - ok
16:39:51.0726 0x15c4 [ 76B978AD795A7E71C48390B000F6023F, 0A398C0FD9F72A0865343E2153F1F4CFA9EE375DC77E87FBDE38A1A8CA3061EB ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
16:39:51.0757 0x15c4 ePowerSvc - ok
16:39:51.0767 0x15c4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:39:51.0787 0x15c4 ErrDev - ok
16:39:51.0834 0x15c4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:39:51.0863 0x15c4 EventSystem - ok
16:39:51.0976 0x15c4 [ 64D25284A4E9D11CA0722AF3F30FD970, C7C40CA8AC444F7B0F88086396C17316348480EBA09109222897B5A42AD655DF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:39:51.0997 0x15c4 EvtEng - ok
16:39:52.0066 0x15c4 [ 17114BBC8BEC3CFB4193DC0E2BCA0685, 08B4EF5FC4D013C93B6C462A96E1907CAA6832F01D108E8F589D93C4459ADB51 ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
16:39:52.0102 0x15c4 ewusbmbb - ok
16:39:52.0123 0x15c4 [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
16:39:52.0139 0x15c4 ew_usbenumfilter - ok
16:39:52.0171 0x15c4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:39:52.0195 0x15c4 exfat - ok
16:39:52.0208 0x15c4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:39:52.0246 0x15c4 fastfat - ok
16:39:52.0316 0x15c4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:39:52.0351 0x15c4 Fax - ok
16:39:52.0371 0x15c4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
16:39:52.0392 0x15c4 fdc - ok
16:39:52.0419 0x15c4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:39:52.0451 0x15c4 fdPHost - ok
16:39:52.0463 0x15c4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:39:52.0486 0x15c4 FDResPub - ok
16:39:52.0503 0x15c4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:39:52.0510 0x15c4 FileInfo - ok
16:39:52.0517 0x15c4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:39:52.0546 0x15c4 Filetrace - ok
16:39:52.0574 0x15c4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:39:52.0581 0x15c4 flpydisk - ok
16:39:52.0598 0x15c4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:39:52.0610 0x15c4 FltMgr - ok
16:39:52.0683 0x15c4 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
16:39:52.0738 0x15c4 FontCache - ok
16:39:52.0784 0x15c4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:39:52.0797 0x15c4 FontCache3.0.0.0 - ok
16:39:52.0830 0x15c4 [ D0DB8215A1508D367481783CBE196D5B, C4EEE2D078067859C4700DC1B4B5B613AFAF60401AB76CBDBB7D378579B357F5 ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys
16:39:52.0841 0x15c4 FPSensor - ok
16:39:52.0859 0x15c4 [ 493CD45496CE67446D6A42CBE9B60D4D, C8D8349B5FA35213E7392266B31428E3CEF10A15C90C82B7F773DEA2D7BB4D6B ] FPWinIo C:\Windows\system32\DRIVERS\FPWinIo.sys
16:39:52.0870 0x15c4 FPWinIo - ok
16:39:52.0896 0x15c4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:39:52.0908 0x15c4 FsDepends - ok
16:39:52.0923 0x15c4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:39:52.0934 0x15c4 Fs_Rec - ok
16:39:52.0965 0x15c4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:39:52.0985 0x15c4 fvevol - ok
16:39:53.0011 0x15c4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:39:53.0019 0x15c4 gagp30kx - ok
16:39:53.0051 0x15c4 [ A28F068F74FFB64B9DEA922D267801BE, F4C9904C3206DC039DD539B8B073EB85FAD47982C5455B7085E73D329B1F4221 ] GemCCID C:\Windows\system32\Drivers\GemCCID.sys
16:39:53.0074 0x15c4 GemCCID - ok
16:39:53.0132 0x15c4 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
16:39:53.0185 0x15c4 gpsvc - ok
16:39:53.0252 0x15c4 [ 32096F187020A54D29C95B3A1467D963, 2A50686C1FC921B02F6B7472AC09B2CFD9DE290D22DD0342A94AB8E95AC3DC6C ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
16:39:53.0264 0x15c4 GREGService - ok
16:39:53.0298 0x15c4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:39:53.0322 0x15c4 hcw85cir - ok
16:39:53.0345 0x15c4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:39:53.0374 0x15c4 HdAudAddService - ok
16:39:53.0409 0x15c4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:39:53.0425 0x15c4 HDAudBus - ok
16:39:53.0436 0x15c4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:39:53.0443 0x15c4 HidBatt - ok
16:39:53.0456 0x15c4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:39:53.0471 0x15c4 HidBth - ok
16:39:53.0498 0x15c4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
16:39:53.0518 0x15c4 HidIr - ok
16:39:53.0547 0x15c4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:39:53.0586 0x15c4 hidserv - ok
16:39:53.0638 0x15c4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:39:53.0654 0x15c4 HidUsb - ok
16:39:53.0678 0x15c4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:39:53.0727 0x15c4 hkmsvc - ok
16:39:53.0743 0x15c4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:39:53.0771 0x15c4 HomeGroupListener - ok
16:39:53.0799 0x15c4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:39:53.0824 0x15c4 HomeGroupProvider - ok
16:39:53.0862 0x15c4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:39:53.0870 0x15c4 HpSAMD - ok
16:39:53.0906 0x15c4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:39:53.0941 0x15c4 HTTP - ok
16:39:53.0971 0x15c4 [ 871DE49EFF65CEABF15415F93148DF5A, 8FD66237135BB2A405CA6F0BDFE9163161123F5AEE89A37A8C4ABFF1C9E20A91 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
16:39:53.0992 0x15c4 huawei_enumerator - ok
16:39:54.0010 0x15c4 [ 24FA6177FE55C4BC045EC87E39F90688, 14B6EF152CE5293BB549A8FA069BEBC34C8C6B9796A6AA94B0AB6ADBEC3819C1 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
16:39:54.0030 0x15c4 hwdatacard - ok
16:39:54.0070 0x15c4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:39:54.0076 0x15c4 hwpolicy - ok
16:39:54.0087 0x15c4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:39:54.0096 0x15c4 i8042prt - ok
16:39:54.0135 0x15c4 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:39:54.0150 0x15c4 iaStor - ok
16:39:54.0190 0x15c4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:39:54.0204 0x15c4 iaStorV - ok
16:39:54.0233 0x15c4 [ 653A38B868A5F20BB506AB57AC41B936, 041DDE862826586CE30F28F4BAE43CCF2079375767B3BA77543FEC5772E5644A ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
16:39:54.0240 0x15c4 ibtfltcoex - ok
16:39:54.0302 0x15c4 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
16:39:54.0320 0x15c4 ICCS - ok
16:39:54.0359 0x15c4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:39:54.0389 0x15c4 idsvc - ok
16:39:54.0400 0x15c4 IEEtwCollectorService - ok
16:39:54.0561 0x15c4 [ 51D4A73F5262CBF3513933C6AB81AD64, 747E95A197ECFFCB9285BD2A65E0EE8108141F401ECDB51300277D8FFAAC07B1 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:39:54.0744 0x15c4 igfx - ok
16:39:54.0768 0x15c4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:39:54.0776 0x15c4 iirsp - ok
16:39:54.0809 0x15c4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:39:54.0860 0x15c4 IKEEXT - ok
16:39:54.0896 0x15c4 [ A387D6DE360C3B2284B23000B212910A, 1DEAFDB1C9A467E437714E753292313F58526B6D719C2B21BD23C6F2F0389251 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:39:54.0904 0x15c4 intaud_WaveExtensible - ok
16:39:54.0953 0x15c4 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:39:54.0989 0x15c4 IntcDAud - ok
16:39:55.0051 0x15c4 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:39:55.0071 0x15c4 Intel(R) Capability Licensing Service Interface - ok
16:39:55.0106 0x15c4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:39:55.0120 0x15c4 intelide - ok
16:39:55.0150 0x15c4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:39:55.0182 0x15c4 intelppm - ok
16:39:55.0223 0x15c4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:39:55.0258 0x15c4 IPBusEnum - ok
16:39:55.0277 0x15c4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:39:55.0305 0x15c4 IpFilterDriver - ok
16:39:55.0329 0x15c4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:39:55.0368 0x15c4 iphlpsvc - ok
16:39:55.0397 0x15c4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:39:55.0406 0x15c4 IPMIDRV - ok
16:39:55.0450 0x15c4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:39:55.0483 0x15c4 IPNAT - ok
16:39:55.0503 0x15c4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:39:55.0521 0x15c4 IRENUM - ok
16:39:55.0542 0x15c4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:39:55.0548 0x15c4 isapnp - ok
16:39:55.0581 0x15c4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:39:55.0593 0x15c4 iScsiPrt - ok
16:39:55.0627 0x15c4 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:39:55.0633 0x15c4 iusb3hcs - ok
16:39:55.0670 0x15c4 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
16:39:55.0682 0x15c4 iusb3hub - ok
16:39:55.0729 0x15c4 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:39:55.0756 0x15c4 iusb3xhc - ok
16:39:55.0816 0x15c4 [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
16:39:55.0831 0x15c4 IviRegMgr - ok
16:39:55.0858 0x15c4 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
16:39:55.0867 0x15c4 iwdbus - ok
16:39:55.0922 0x15c4 [ B443D3D1B6F21C2B424E49491B65C488, 1C868237247005E49EF6C38EC04C5D58E94DB03755310095CC56A85333BE3969 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:39:55.0940 0x15c4 jhi_service - ok
16:39:55.0956 0x15c4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:39:55.0964 0x15c4 kbdclass - ok
16:39:55.0988 0x15c4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:39:55.0996 0x15c4 kbdhid - ok
16:39:56.0006 0x15c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso C:\Windows\system32\lsass.exe
16:39:56.0014 0x15c4 KeyIso - ok
16:39:56.0044 0x15c4 [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:39:56.0051 0x15c4 KSecDD - ok
16:39:56.0063 0x15c4 [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:39:56.0071 0x15c4 KSecPkg - ok
16:39:56.0086 0x15c4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:39:56.0118 0x15c4 ksthunk - ok
16:39:56.0166 0x15c4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:39:56.0225 0x15c4 KtmRm - ok
16:39:56.0276 0x15c4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:39:56.0324 0x15c4 LanmanServer - ok
16:39:56.0362 0x15c4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:39:56.0386 0x15c4 LanmanWorkstation - ok
16:39:56.0430 0x15c4 [ C7020E0182EE86488E8C2CFBBBCBF502, 0EE1DCE28F62FEF27CA19194BB9D0E40275C86A97A15E8AF264560E4C4353EDD ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
16:39:56.0457 0x15c4 Live Updater Service - ok
16:39:56.0490 0x15c4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:39:56.0550 0x15c4 lltdio - ok
16:39:56.0587 0x15c4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:39:56.0631 0x15c4 lltdsvc - ok
16:39:56.0646 0x15c4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:39:56.0677 0x15c4 lmhosts - ok
16:39:56.0720 0x15c4 [ 9BE23DF9B1FC56F58DD0F28CC187E713, 1D9D95838A588B59A9553637DEC80CC2B6BD7FE68C053AA4EAA35061FEF47546 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:39:56.0730 0x15c4 LMS - ok
16:39:56.0777 0x15c4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:39:56.0785 0x15c4 LSI_FC - ok
16:39:56.0797 0x15c4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:39:56.0804 0x15c4 LSI_SAS - ok
16:39:56.0817 0x15c4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:39:56.0824 0x15c4 LSI_SAS2 - ok
16:39:56.0838 0x15c4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:39:56.0846 0x15c4 LSI_SCSI - ok
16:39:56.0864 0x15c4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:39:56.0899 0x15c4 luafv - ok
16:39:56.0929 0x15c4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:39:56.0938 0x15c4 Mcx2Svc - ok
16:39:56.0957 0x15c4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
16:39:56.0964 0x15c4 megasas - ok
16:39:56.0986 0x15c4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:39:56.0997 0x15c4 MegaSR - ok
16:39:57.0031 0x15c4 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:39:57.0039 0x15c4 MEIx64 - ok
16:39:57.0090 0x15c4 Microsoft SharePoint Workspace Audit Service - ok
16:39:57.0120 0x15c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:39:57.0183 0x15c4 MMCSS - ok
16:39:57.0209 0x15c4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:39:57.0239 0x15c4 Modem - ok
16:39:57.0258 0x15c4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:39:57.0267 0x15c4 monitor - ok
16:39:57.0290 0x15c4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:39:57.0297 0x15c4 mouclass - ok
16:39:57.0317 0x15c4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:39:57.0324 0x15c4 mouhid - ok
16:39:57.0352 0x15c4 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:39:57.0359 0x15c4 mountmgr - ok
16:39:57.0414 0x15c4 [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:39:57.0424 0x15c4 MozillaMaintenance - ok
16:39:57.0446 0x15c4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:39:57.0455 0x15c4 mpio - ok
16:39:57.0475 0x15c4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:39:57.0498 0x15c4 mpsdrv - ok
16:39:57.0540 0x15c4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:39:57.0591 0x15c4 MpsSvc - ok
16:39:57.0626 0x15c4 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:39:57.0670 0x15c4 MRxDAV - ok
16:39:57.0713 0x15c4 [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:39:57.0738 0x15c4 mrxsmb - ok
16:39:57.0788 0x15c4 [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:39:57.0829 0x15c4 mrxsmb10 - ok
16:39:57.0861 0x15c4 [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:39:57.0883 0x15c4 mrxsmb20 - ok
16:39:57.0913 0x15c4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:39:57.0928 0x15c4 msahci - ok
16:39:57.0957 0x15c4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:39:57.0976 0x15c4 msdsm - ok
16:39:57.0994 0x15c4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:39:58.0034 0x15c4 MSDTC - ok
16:39:58.0059 0x15c4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:39:58.0103 0x15c4 Msfs - ok
16:39:58.0106 0x15c4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:39:58.0128 0x15c4 mshidkmdf - ok
16:39:58.0139 0x15c4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:39:58.0145 0x15c4 msisadrv - ok
16:39:58.0174 0x15c4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:39:58.0212 0x15c4 MSiSCSI - ok
16:39:58.0215 0x15c4 msiserver - ok
16:39:58.0230 0x15c4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:39:58.0252 0x15c4 MSKSSRV - ok
16:39:58.0280 0x15c4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:39:58.0333 0x15c4 MSPCLOCK - ok
16:39:58.0346 0x15c4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:39:58.0369 0x15c4 MSPQM - ok
16:39:58.0388 0x15c4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:39:58.0400 0x15c4 MsRPC - ok
16:39:58.0412 0x15c4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:39:58.0418 0x15c4 mssmbios - ok
16:39:58.0445 0x15c4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:39:58.0476 0x15c4 MSTEE - ok
16:39:58.0486 0x15c4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:39:58.0502 0x15c4 MTConfig - ok
16:39:58.0516 0x15c4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:39:58.0523 0x15c4 Mup - ok
16:39:58.0574 0x15c4 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:39:58.0592 0x15c4 MyWiFiDHCPDNS - ok
16:39:58.0619 0x15c4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:39:58.0663 0x15c4 napagent - ok
16:39:58.0703 0x15c4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:39:58.0731 0x15c4 NativeWifiP - ok
16:39:58.0809 0x15c4 [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
16:39:58.0836 0x15c4 NAUpdate - ok
16:39:58.0896 0x15c4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:39:58.0927 0x15c4 NDIS - ok
16:39:58.0960 0x15c4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:39:58.0991 0x15c4 NdisCap - ok
16:39:59.0011 0x15c4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:39:59.0047 0x15c4 NdisTapi - ok
16:39:59.0085 0x15c4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:39:59.0106 0x15c4 Ndisuio - ok
16:39:59.0133 0x15c4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:39:59.0171 0x15c4 NdisWan - ok
16:39:59.0192 0x15c4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:39:59.0213 0x15c4 NDProxy - ok
16:39:59.0229 0x15c4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:39:59.0262 0x15c4 NetBIOS - ok
16:39:59.0293 0x15c4 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:39:59.0319 0x15c4 NetBT - ok
16:39:59.0339 0x15c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon C:\Windows\system32\lsass.exe
16:39:59.0346 0x15c4 Netlogon - ok
16:39:59.0375 0x15c4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:39:59.0404 0x15c4 Netman - ok
16:39:59.0475 0x15c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:39:59.0497 0x15c4 NetMsmqActivator - ok
16:39:59.0531 0x15c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:39:59.0550 0x15c4 NetPipeActivator - ok
16:39:59.0583 0x15c4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:39:59.0617 0x15c4 netprofm - ok
16:39:59.0721 0x15c4 [ 48849194AB6108158913FFE4EEDB73A3, 442E253EF12310FCD8D8A75A300B7E23542076A81ECE51E898061F76A9898383 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
16:39:59.0824 0x15c4 netr28ux - ok
16:39:59.0860 0x15c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:39:59.0869 0x15c4 NetTcpActivator - ok
16:39:59.0873 0x15c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:39:59.0883 0x15c4 NetTcpPortSharing - ok
16:40:00.0183 0x15c4 [ 47DC062656EA661FE9175DBACAD00E9D, 508CD435420C0EA2E5943BFE1B4687ECBFB9602209A539B213C5197A16BFF816 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
16:40:00.0518 0x15c4 NETwNs64 - ok
16:40:00.0582 0x15c4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:40:00.0598 0x15c4 nfrd960 - ok
16:40:00.0634 0x15c4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:40:00.0660 0x15c4 NlaSvc - ok
16:40:00.0773 0x15c4 [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
16:40:00.0822 0x15c4 NOBU - ok
16:40:00.0840 0x15c4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:40:00.0862 0x15c4 Npfs - ok
16:40:00.0951 0x15c4 [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys
16:40:00.0966 0x15c4 NPF_devolo - ok
16:40:00.0994 0x15c4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:40:01.0037 0x15c4 nsi - ok
16:40:01.0043 0x15c4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:40:01.0081 0x15c4 nsiproxy - ok
16:40:01.0133 0x15c4 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:40:01.0166 0x15c4 Ntfs - ok
16:40:01.0182 0x15c4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:40:01.0215 0x15c4 Null - ok
16:40:01.0235 0x15c4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:40:01.0244 0x15c4 nvraid - ok
16:40:01.0255 0x15c4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:40:01.0264 0x15c4 nvstor - ok
16:40:01.0293 0x15c4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:40:01.0302 0x15c4 nv_agp - ok
16:40:01.0312 0x15c4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:40:01.0333 0x15c4 ohci1394 - ok
16:40:01.0408 0x15c4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:40:01.0425 0x15c4 ose - ok
16:40:01.0606 0x15c4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:40:01.0757 0x15c4 osppsvc - ok
16:40:01.0787 0x15c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:40:01.0806 0x15c4 p2pimsvc - ok
16:40:01.0840 0x15c4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:40:01.0873 0x15c4 p2psvc - ok
16:40:01.0902 0x15c4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
16:40:01.0911 0x15c4 Parport - ok
16:40:01.0929 0x15c4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:40:01.0936 0x15c4 partmgr - ok
16:40:01.0978 0x15c4 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
16:40:02.0007 0x15c4 PcaSvc - ok
16:40:02.0018 0x15c4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:40:02.0029 0x15c4 pci - ok
16:40:02.0060 0x15c4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:40:02.0066 0x15c4 pciide - ok
16:40:02.0078 0x15c4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:40:02.0088 0x15c4 pcmcia - ok
16:40:02.0098 0x15c4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:40:02.0105 0x15c4 pcw - ok
16:40:02.0172 0x15c4 [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
16:40:02.0207 0x15c4 PDFProFiltSrvPP - ok
16:40:02.0264 0x15c4 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:40:02.0312 0x15c4 PEAUTH - ok
16:40:02.0371 0x15c4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:40:02.0408 0x15c4 PeerDistSvc - ok
16:40:02.0431 0x15c4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:40:02.0453 0x15c4 PerfHost - ok
16:40:02.0497 0x15c4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:40:02.0556 0x15c4 pla - ok
16:40:02.0590 0x15c4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:40:02.0605 0x15c4 PlugPlay - ok
16:40:02.0636 0x15c4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:40:02.0650 0x15c4 PNRPAutoReg - ok
16:40:02.0673 0x15c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:40:02.0685 0x15c4 PNRPsvc - ok
16:40:02.0725 0x15c4 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:40:02.0746 0x15c4 PolicyAgent - ok
16:40:02.0761 0x15c4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:40:02.0797 0x15c4 Power - ok
16:40:02.0824 0x15c4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:40:02.0847 0x15c4 PptpMiniport - ok
16:40:02.0858 0x15c4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
16:40:02.0876 0x15c4 Processor - ok
16:40:02.0902 0x15c4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
16:40:02.0928 0x15c4 ProfSvc - ok
16:40:02.0948 0x15c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:40:02.0955 0x15c4 ProtectedStorage - ok
16:40:02.0985 0x15c4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:40:03.0024 0x15c4 Psched - ok
16:40:03.0071 0x15c4 [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:40:03.0088 0x15c4 PSI_SVC_2 - ok
16:40:03.0137 0x15c4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:40:03.0188 0x15c4 ql2300 - ok
16:40:03.0219 0x15c4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:40:03.0228 0x15c4 ql40xx - ok
16:40:03.0261 0x15c4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:40:03.0277 0x15c4 QWAVE - ok
16:40:03.0285 0x15c4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:40:03.0314 0x15c4 QWAVEdrv - ok
16:40:03.0324 0x15c4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:40:03.0353 0x15c4 RasAcd - ok
16:40:03.0390 0x15c4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:40:03.0431 0x15c4 RasAgileVpn - ok
16:40:03.0453 0x15c4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:40:03.0494 0x15c4 RasAuto - ok
16:40:03.0514 0x15c4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:40:03.0538 0x15c4 Rasl2tp - ok
16:40:03.0557 0x15c4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:40:03.0593 0x15c4 RasMan - ok
16:40:03.0609 0x15c4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:40:03.0632 0x15c4 RasPppoe - ok
16:40:03.0651 0x15c4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:40:03.0689 0x15c4 RasSstp - ok
16:40:03.0720 0x15c4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:40:03.0747 0x15c4 rdbss - ok
16:40:03.0762 0x15c4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:40:03.0786 0x15c4 rdpbus - ok
16:40:03.0808 0x15c4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:40:03.0840 0x15c4 RDPCDD - ok
16:40:03.0856 0x15c4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:40:03.0866 0x15c4 RDPDR - ok
16:40:03.0883 0x15c4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:40:03.0917 0x15c4 RDPENCDD - ok
16:40:03.0941 0x15c4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:40:03.0976 0x15c4 RDPREFMP - ok
16:40:04.0052 0x15c4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:40:04.0071 0x15c4 RdpVideoMiniport - ok
16:40:04.0104 0x15c4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:40:04.0136 0x15c4 RDPWD - ok
16:40:04.0176 0x15c4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:40:04.0195 0x15c4 rdyboost - ok
16:40:04.0241 0x15c4 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:40:04.0249 0x15c4 RegSrvc - ok
16:40:04.0277 0x15c4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:40:04.0308 0x15c4 RemoteAccess - ok
16:40:04.0335 0x15c4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:40:04.0381 0x15c4 RemoteRegistry - ok
16:40:04.0431 0x15c4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:40:04.0462 0x15c4 RFCOMM - ok
16:40:04.0476 0x15c4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:40:04.0523 0x15c4 RpcEptMapper - ok
16:40:04.0548 0x15c4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:40:04.0579 0x15c4 RpcLocator - ok
16:40:04.0645 0x15c4 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
16:40:04.0678 0x15c4 RpcSs - ok
16:40:04.0719 0x15c4 [ 294CEFA27ED078654A310D167024EAE1, F0169C29A5B68EEE7AA84C09AB5121A515767C9E8C6659FAA990EE9380A61B46 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
16:40:04.0733 0x15c4 RSPCIESTOR - ok
16:40:04.0760 0x15c4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:40:04.0796 0x15c4 rspndr - ok
16:40:04.0820 0x15c4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:40:04.0827 0x15c4 s3cap - ok
16:40:04.0841 0x15c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs C:\Windows\system32\lsass.exe
16:40:04.0848 0x15c4 SamSs - ok
16:40:04.0867 0x15c4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:40:04.0875 0x15c4 sbp2port - ok
16:40:04.0910 0x15c4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:40:04.0949 0x15c4 SCardSvr - ok
16:40:04.0968 0x15c4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:40:04.0990 0x15c4 scfilter - ok
16:40:05.0032 0x15c4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
16:40:05.0091 0x15c4 Schedule - ok
16:40:05.0114 0x15c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:40:05.0136 0x15c4 SCPolicySvc - ok
16:40:05.0160 0x15c4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:40:05.0178 0x15c4 SDRSVC - ok
16:40:05.0212 0x15c4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:40:05.0228 0x15c4 secdrv - ok
16:40:05.0262 0x15c4 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
16:40:05.0291 0x15c4 seclogon - ok
16:40:05.0309 0x15c4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:40:05.0348 0x15c4 SENS - ok
16:40:05.0378 0x15c4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:40:05.0396 0x15c4 SensrSvc - ok
16:40:05.0421 0x15c4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:40:05.0429 0x15c4 Serenum - ok
16:40:05.0452 0x15c4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
16:40:05.0475 0x15c4 Serial - ok
16:40:05.0494 0x15c4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:40:05.0501 0x15c4 sermouse - ok
16:40:05.0524 0x15c4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:40:05.0548 0x15c4 SessionEnv - ok
16:40:05.0564 0x15c4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:40:05.0573 0x15c4 sffdisk - ok
16:40:05.0584 0x15c4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:40:05.0606 0x15c4 sffp_mmc - ok
16:40:05.0609 0x15c4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:40:05.0622 0x15c4 sffp_sd - ok
16:40:05.0630 0x15c4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:40:05.0645 0x15c4 sfloppy - ok
16:40:05.0683 0x15c4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:40:05.0726 0x15c4 SharedAccess - ok
16:40:05.0766 0x15c4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:40:05.0803 0x15c4 ShellHWDetection - ok
16:40:05.0823 0x15c4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:40:05.0829 0x15c4 SiSRaid2 - ok
16:40:05.0849 0x15c4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:40:05.0856 0x15c4 SiSRaid4 - ok
16:40:05.0903 0x15c4 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:40:05.0916 0x15c4 SkypeUpdate - ok
16:40:05.0938 0x15c4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:40:05.0961 0x15c4 Smb - ok
16:40:05.0983 0x15c4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:40:05.0991 0x15c4 SNMPTRAP - ok
16:40:06.0063 0x15c4 [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
16:40:06.0081 0x15c4 Sony PC Companion - ok
16:40:06.0101 0x15c4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:40:06.0109 0x15c4 spldr - ok
16:40:06.0131 0x15c4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:40:06.0159 0x15c4 Spooler - ok
16:40:06.0278 0x15c4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:40:06.0371 0x15c4 sppsvc - ok
16:40:06.0392 0x15c4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:40:06.0416 0x15c4 sppuinotify - ok
16:40:06.0458 0x15c4 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:40:06.0474 0x15c4 srv - ok
16:40:06.0512 0x15c4 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:40:06.0556 0x15c4 srv2 - ok
16:40:06.0596 0x15c4 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:40:06.0618 0x15c4 srvnet - ok
16:40:06.0636 0x15c4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:40:06.0676 0x15c4 SSDPSRV - ok
16:40:06.0691 0x15c4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:40:06.0714 0x15c4 SstpSvc - ok
16:40:06.0742 0x15c4 [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
16:40:06.0747 0x15c4 stdcfltn - ok
16:40:06.0765 0x15c4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:40:06.0772 0x15c4 stexstor - ok
16:40:06.0838 0x15c4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:40:06.0863 0x15c4 StillCam - ok
16:40:06.0928 0x15c4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:40:07.0016 0x15c4 stisvc - ok
16:40:07.0050 0x15c4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:40:07.0061 0x15c4 storflt - ok
16:40:07.0084 0x15c4 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
16:40:07.0108 0x15c4 StorSvc - ok
16:40:07.0139 0x15c4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:40:07.0149 0x15c4 storvsc - ok
16:40:07.0186 0x15c4 [ 10D69C83513B50F34032F7F96E40019D, 8B941AB6867197FE219CB316E8566B7A2F122178561E9A1D88A4B19398EFAC2C ] ST_ACCEL C:\Windows\system32\DRIVERS\ST_ACCEL.sys
16:40:07.0195 0x15c4 ST_ACCEL - ok
16:40:07.0213 0x15c4 SunkFilt - ok
16:40:07.0222 0x15c4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
16:40:07.0232 0x15c4 swenum - ok
16:40:07.0266 0x15c4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:40:07.0310 0x15c4 swprv - ok
16:40:07.0372 0x15c4 [ 99F744352A574F6C4830F9F042B128E9, F592C9DE87E0B6F51ADAA4E496B644AD62398D50D9491E1ED899C2E17930A545 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:40:07.0391 0x15c4 SynTP - ok
16:40:07.0477 0x15c4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
16:40:07.0548 0x15c4 SysMain - ok
16:40:07.0574 0x15c4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:40:07.0614 0x15c4 TabletInputService - ok
16:40:07.0645 0x15c4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:40:07.0689 0x15c4 TapiSrv - ok
16:40:07.0779 0x15c4 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:40:07.0839 0x15c4 Tcpip - ok
16:40:07.0909 0x15c4 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:40:07.0946 0x15c4 TCPIP6 - ok
16:40:07.0984 0x15c4 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:40:08.0006 0x15c4 tcpipreg - ok
16:40:08.0030 0x15c4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:40:08.0037 0x15c4 TDPIPE - ok
16:40:08.0041 0x15c4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:40:08.0059 0x15c4 TDTCP - ok
16:40:08.0083 0x15c4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:40:08.0114 0x15c4 tdx - ok
16:40:08.0142 0x15c4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
16:40:08.0155 0x15c4 TermDD - ok
16:40:08.0209 0x15c4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
16:40:08.0260 0x15c4 TermService - ok
16:40:08.0288 0x15c4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:40:08.0312 0x15c4 Themes - ok
16:40:08.0343 0x15c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:40:08.0366 0x15c4 THREADORDER - ok
16:40:08.0431 0x15c4 [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM C:\Windows\system32\drivers\tpm.sys
16:40:08.0452 0x15c4 TPM - ok
16:40:08.0470 0x15c4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:40:08.0502 0x15c4 TrkWks - ok
16:40:08.0550 0x15c4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:40:08.0612 0x15c4 TrustedInstaller - ok
16:40:08.0639 0x15c4 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:40:08.0653 0x15c4 tssecsrv - ok
16:40:08.0684 0x15c4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:40:08.0699 0x15c4 TsUsbFlt - ok
16:40:08.0718 0x15c4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:40:08.0733 0x15c4 TsUsbGD - ok
16:40:08.0762 0x15c4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:40:08.0786 0x15c4 tunnel - ok
16:40:08.0825 0x15c4 [ 20155CF5FB9F7902178D7D5CDC7C0F90, 151043D6F1D7D3419FB4AA8D76229CFF99ECAA89297421C2137DE609E5A2B368 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
16:40:08.0839 0x15c4 TurboB - ok
16:40:08.0882 0x15c4 [ E00FC2B80837C29817A3A082717B8C48, 8028C16FB0579EADAAA092B5F197125C716AF1C64C43F9FADF725D3E1109F1BD ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:40:08.0900 0x15c4 TurboBoost - ok
16:40:08.0915 0x15c4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:40:08.0923 0x15c4 uagp35 - ok
16:40:08.0954 0x15c4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:40:08.0996 0x15c4 udfs - ok
16:40:09.0023 0x15c4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:40:09.0033 0x15c4 UI0Detect - ok
16:40:09.0055 0x15c4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:40:09.0062 0x15c4 uliagpkx - ok
16:40:09.0088 0x15c4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:40:09.0104 0x15c4 umbus - ok
16:40:09.0113 0x15c4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
16:40:09.0137 0x15c4 UmPass - ok
16:40:09.0166 0x15c4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
16:40:09.0178 0x15c4 UmRdpService - ok
16:40:09.0255 0x15c4 [ 30FF46EABCA1BB18E4F357492A8F7FC9, 486CBF02CA089684F222FA52756C5442FE3F3AA5E89D814B6E7C4F411DECC86B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:40:09.0268 0x15c4 UNS - ok
16:40:09.0298 0x15c4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:40:09.0341 0x15c4 upnphost - ok
16:40:09.0363 0x15c4 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:40:09.0389 0x15c4 usbccgp - ok
16:40:09.0412 0x15c4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:40:09.0422 0x15c4 usbcir - ok
16:40:09.0449 0x15c4 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:40:09.0474 0x15c4 usbehci - ok
16:40:09.0499 0x15c4 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
16:40:09.0521 0x15c4 usbhub - ok
16:40:09.0552 0x15c4 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:40:09.0578 0x15c4 usbohci - ok
16:40:09.0617 0x15c4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:40:09.0652 0x15c4 usbprint - ok
16:40:09.0689 0x15c4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:40:09.0701 0x15c4 usbscan - ok
16:40:09.0727 0x15c4 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:40:09.0740 0x15c4 USBSTOR - ok
16:40:09.0765 0x15c4 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:40:09.0772 0x15c4 usbuhci - ok
16:40:09.0817 0x15c4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:40:09.0838 0x15c4 usbvideo - ok
16:40:09.0867 0x15c4 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
16:40:09.0884 0x15c4 usb_rndisx - ok
16:40:09.0906 0x15c4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:40:09.0930 0x15c4 UxSms - ok
16:40:09.0944 0x15c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc C:\Windows\system32\lsass.exe
16:40:09.0951 0x15c4 VaultSvc - ok
16:40:09.0976 0x15c4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:40:09.0983 0x15c4 vdrvroot - ok
16:40:10.0008 0x15c4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:40:10.0053 0x15c4 vds - ok
16:40:10.0070 0x15c4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:40:10.0079 0x15c4 vga - ok
16:40:10.0097 0x15c4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:40:10.0119 0x15c4 VgaSave - ok
16:40:10.0141 0x15c4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:40:10.0152 0x15c4 vhdmp - ok
16:40:10.0184 0x15c4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:40:10.0191 0x15c4 viaide - ok
16:40:10.0213 0x15c4 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:40:10.0223 0x15c4 vmbus - ok
16:40:10.0232 0x15c4 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:40:10.0239 0x15c4 VMBusHID - ok
16:40:10.0271 0x15c4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:40:10.0278 0x15c4 volmgr - ok
16:40:10.0300 0x15c4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:40:10.0313 0x15c4 volmgrx - ok
16:40:10.0331 0x15c4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:40:10.0343 0x15c4 volsnap - ok
16:40:10.0378 0x15c4 [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus C:\Windows\system32\drivers\vpchbus.sys
16:40:10.0427 0x15c4 vpcbus - ok
16:40:10.0438 0x15c4 [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
16:40:10.0456 0x15c4 vpcnfltr - ok
16:40:10.0494 0x15c4 [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
16:40:10.0531 0x15c4 vpcusb - ok
16:40:10.0557 0x15c4 [ 510D250A08C09850F5C78CA2011B3B62, 99A4FD465B721D6E262A4BB7F9476BBE154195C5666B9BDBC8BD769D51893A5C ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
16:40:10.0576 0x15c4 vpcvmm - ok
16:40:10.0605 0x15c4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:40:10.0614 0x15c4 vsmraid - ok
16:40:10.0693 0x15c4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:40:10.0793 0x15c4 VSS - ok
16:40:10.0822 0x15c4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:40:10.0847 0x15c4 vwifibus - ok
16:40:10.0869 0x15c4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:40:10.0883 0x15c4 vwififlt - ok
16:40:10.0892 0x15c4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:40:10.0905 0x15c4 vwifimp - ok
16:40:10.0923 0x15c4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:40:10.0964 0x15c4 W32Time - ok
16:40:10.0985 0x15c4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:40:10.0992 0x15c4 WacomPen - ok
16:40:11.0023 0x15c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:40:11.0046 0x15c4 WANARP - ok
16:40:11.0049 0x15c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:40:11.0071 0x15c4 Wanarpv6 - ok
16:40:11.0138 0x15c4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:40:11.0208 0x15c4 wbengine - ok
16:40:11.0240 0x15c4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:40:11.0263 0x15c4 WbioSrvc - ok
16:40:11.0290 0x15c4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:40:11.0323 0x15c4 wcncsvc - ok
16:40:11.0338 0x15c4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:40:11.0355 0x15c4 WcsPlugInService - ok
16:40:11.0374 0x15c4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
16:40:11.0380 0x15c4 Wd - ok
16:40:11.0418 0x15c4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:40:11.0447 0x15c4 Wdf01000 - ok
16:40:11.0479 0x15c4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:40:11.0489 0x15c4 WdiServiceHost - ok
16:40:11.0492 0x15c4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:40:11.0501 0x15c4 WdiSystemHost - ok
16:40:11.0535 0x15c4 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
16:40:11.0548 0x15c4 WebClient - ok
16:40:11.0571 0x15c4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:40:11.0598 0x15c4 Wecsvc - ok
16:40:11.0616 0x15c4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:40:11.0652 0x15c4 wercplsupport - ok
16:40:11.0677 0x15c4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:40:11.0718 0x15c4 WerSvc - ok
16:40:11.0733 0x15c4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:40:11.0754 0x15c4 WfpLwf - ok
16:40:11.0768 0x15c4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:40:11.0775 0x15c4 WIMMount - ok
16:40:11.0805 0x15c4 WinDefend - ok
16:40:11.0809 0x15c4 WinHttpAutoProxySvc - ok
16:40:11.0859 0x15c4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:40:11.0885 0x15c4 Winmgmt - ok
16:40:11.0954 0x15c4 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
16:40:12.0024 0x15c4 WinRM - ok
16:40:12.0061 0x15c4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:40:12.0072 0x15c4 WinUsb - ok
16:40:12.0115 0x15c4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:40:12.0159 0x15c4 Wlansvc - ok
16:40:12.0217 0x15c4 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:40:12.0232 0x15c4 wlcrasvc - ok
16:40:12.0360 0x15c4 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:40:12.0436 0x15c4 wlidsvc - ok
16:40:12.0473 0x15c4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:40:12.0481 0x15c4 WmiAcpi - ok
16:40:12.0510 0x15c4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:40:12.0537 0x15c4 wmiApSrv - ok
16:40:12.0563 0x15c4 WMPNetworkSvc - ok
16:40:12.0583 0x15c4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:40:12.0603 0x15c4 WPCSvc - ok
16:40:12.0625 0x15c4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:40:12.0640 0x15c4 WPDBusEnum - ok
16:40:12.0731 0x15c4 [ 78862000CEFDA89E3677DD6ED8C3BA0B, 06708193D705693B90E7E95B59C9455AEC1B19D1B7A760C73AE0AFBDEC8952C9 ] WPSHWPBC_DWA_140 C:\Program Files (x86)\D-Link Corporation\D-Link DWA-140\WPSHWPBC.exe
16:40:12.0750 0x15c4 WPSHWPBC_DWA_140 - ok
16:40:12.0765 0x15c4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:40:12.0805 0x15c4 ws2ifsl - ok
16:40:12.0816 0x15c4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:40:12.0830 0x15c4 wscsvc - ok
16:40:12.0850 0x15c4 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:40:12.0869 0x15c4 WSDPrintDevice - ok
16:40:12.0884 0x15c4 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\drivers\WSDScan.sys
16:40:12.0891 0x15c4 WSDScan - ok
16:40:12.0893 0x15c4 WSearch - ok
16:40:12.0989 0x15c4 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
16:40:13.0091 0x15c4 wuauserv - ok
16:40:13.0130 0x15c4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:40:13.0139 0x15c4 WudfPf - ok
16:40:13.0156 0x15c4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:40:13.0167 0x15c4 WUDFRd - ok
16:40:13.0203 0x15c4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:40:13.0239 0x15c4 wudfsvc - ok
16:40:13.0277 0x15c4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:40:13.0309 0x15c4 WwanSvc - ok
16:40:13.0384 0x15c4 [ 74713CB32792F9C7632DAA7DA22CA974, 1B1D907F8F18AE22E36F371EE6417D068C01FB4F9413571444AF3845A27F3C4D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:40:13.0411 0x15c4 ZeroConfigService - ok
16:40:13.0435 0x15c4 ================ Scan global ===============================
16:40:13.0464 0x15c4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
16:40:13.0503 0x15c4 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
16:40:13.0533 0x15c4 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
16:40:13.0564 0x15c4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:40:13.0602 0x15c4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:40:13.0610 0x15c4 [ Global ] - ok
16:40:13.0611 0x15c4 ================ Scan MBR ==================================
16:40:13.0623 0x15c4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:40:13.0975 0x15c4 \Device\Harddisk0\DR0 - ok
16:40:13.0975 0x15c4 ================ Scan VBR ==================================
16:40:13.0978 0x15c4 [ 589EB5EC2A841D09A47C9CE8AC15953B ] \Device\Harddisk0\DR0\Partition1
16:40:13.0980 0x15c4 \Device\Harddisk0\DR0\Partition1 - ok
16:40:13.0984 0x15c4 [ B131BE63E2A980FFC13C95680F180A5D ] \Device\Harddisk0\DR0\Partition2
16:40:13.0986 0x15c4 \Device\Harddisk0\DR0\Partition2 - ok
16:40:14.0009 0x15c4 [ 15E9976BFEED787D6DE64A9A4E22C5EF ] \Device\Harddisk0\DR0\Partition3
16:40:14.0012 0x15c4 \Device\Harddisk0\DR0\Partition3 - ok
16:40:14.0012 0x15c4 ================ Scan generic autorun ======================
16:40:14.0088 0x15c4 [ 12E304AA643F5D43F57BA65CBF90E684, 4D90DCD4012D5FA88FD28BC38F7D31E25B3A731FE10B44F7B9682330BCFEB4E8 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
16:40:14.0111 0x15c4 cAudioFilterAgent - ok
16:40:14.0133 0x15c4 [ AD79B2FFE532230AD10426412D170638, 8B3F4223C7B8F398F6676AC21DCDC41D34A70FD5C9F8FB850D13563A982123D9 ] C:\Windows\system32\igfxtray.exe
16:40:14.0145 0x15c4 IgfxTray - ok
16:40:14.0157 0x15c4 [ BE659C3364F82104855A664E10FAB3D7, 949F9C4E106C2B57C45668A4B2F546DFBE97973985B9EE23AA437978EA623768 ] C:\Windows\system32\hkcmd.exe
16:40:14.0169 0x15c4 HotKeysCmds - ok
16:40:14.0188 0x15c4 [ 8DCACAB03D6B6569E39CD7D0F495A63C, 1E7796BDFC7C6C161F748EF0306D83553BE7A9BB5EE15CA0F23B4F53F50C9255 ] C:\Windows\system32\igfxpers.exe
16:40:14.0201 0x15c4 Persistence - ok
16:40:14.0203 0x15c4 IntelTBRunOnce - ok
16:40:14.0236 0x15c4 [ 2D7CF7A1A4871FB7054306026DA49DAE, 011D17445ABBAEBB921015CF8D8C65CA8814BE3633668A0560BF947F4D0D3069 ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
16:40:14.0244 0x15c4 BLEServicesCtrl - ok
16:40:14.0245 0x15c4 BTMTrayAgent - ok
16:40:14.0280 0x15c4 [ 16AD491A41C1ECC8FCC087B23E3108D4, 39405A7E3A7F13608368DAA6142500B61A25F23B4ECA7039751A27F5DEB5ABC7 ] C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Token.exe
16:40:14.0299 0x15c4 Acer MotionProtect Tray Application - ok
16:40:14.0300 0x15c4 SynTPEnh - ok
16:40:14.0406 0x15c4 [ 9634F2078F66B901B171F7E75FFF3261, DF82CF522847F930A26A438096C32A34F448A89F28BA4C681F396F0C25B96E28 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
16:40:14.0438 0x15c4 Power Management - ok
16:40:14.0518 0x15c4 [ 5281CBFF8143A213CE0230A1B8E9161B, CAA9CF25D901599DFDEC949D4F61D235F111C7A54699DE3F36C57FF27991FA17 ] C:\Program Files\Acer\Acer Updater\ALU.exe
16:40:14.0622 0x15c4 ALU - ok
16:40:14.0694 0x15c4 [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
16:40:14.0716 0x15c4 USB3MON - ok
16:40:14.0763 0x15c4 [ 4F231954E4ED4DE7BF2DAB4E8D9BA8BB, D81E1FDABAEBD8B01C1109E71025D08FE284B912F6A307EE215BAC8D762E5B38 ] C:\Program Files (x86)\Launch Manager\LManager.exe
16:40:14.0791 0x15c4 LManager - ok
16:40:14.0819 0x15c4 [ 453C1D967E88AAC141182FE65F24291C, 5E811B0CF8A2DD01D183EAD7B67D3908E29555F70CA12E034A048B6BD2BD4096 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
16:40:14.0827 0x15c4 IMSS - ok
16:40:14.0896 0x15c4 [ 32AC3889C598A7314954CF515E716BDE, DE843C6B523C60776401F799C01948DDC383442B2CEAC2002A867DC860949AFE ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe
16:40:14.0910 0x15c4 IndexSearch - ok
16:40:14.0935 0x15c4 [ 7D46CE32283158EB7F1D0C8E02D8DDD1, DF68039E55E90EFAB90E5FC8DE79E66CEDECB99EB353C4F349375732AAEF1BE1 ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
16:40:14.0947 0x15c4 PaperPort PTD - ok
16:40:15.0014 0x15c4 [ 9F0ACAA725CF5A391AF7E2067AE45746, CA7F3C2C9D4DCB135ECBFFEB3448D272552B5DB720E0A526B4AC07B1F5E8BC9E ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
16:40:15.0038 0x15c4 PDFHook - ok
16:40:15.0066 0x15c4 [ 154420A93E4F676AA33A055A116255D9, DF76577C22EBB439DF2B72D1B6B7A465F067CCEC886FC7A7FB337865DA1DB914 ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
16:40:15.0073 0x15c4 PDF5 Registry Controller - ok
16:40:15.0125 0x15c4 [ 25550E7DB114579EB50BC98A8DFD8B9F, 11F81387B6EE44FBE4DCF251A0D4AFF3E84C550BACCA39B71B41B452D512628B ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
16:40:15.0139 0x15c4 ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
16:40:15.0433 0x15c4 Detect skipped due to KSN trusted
16:40:15.0433 0x15c4 ControlCenter4 - ok
16:40:15.0607 0x15c4 [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
16:40:15.0694 0x15c4 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
16:40:16.0050 0x15c4 Detect skipped due to KSN trusted
16:40:16.0050 0x15c4 BrStsMon00 - ok
16:40:16.0086 0x15c4 [ 31BB3E02E3716C0E64DA1B99F417F503, E3911EBDA8A9DD8721E23BC131D1AA45B50556A9098E9032AB28371E6959189B ] C:\Program Files (x86)\Multimedia Card Reader\shwicon2k.exe
16:40:16.0107 0x15c4 Sunkist2k - detected UnsignedFile.Multi.Generic ( 1 )
16:40:16.0656 0x15c4 Sunkist2k ( UnsignedFile.Multi.Generic ) - warning
16:40:16.0834 0x15c4 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
16:40:16.0852 0x15c4 BCSSync - ok
16:40:17.0020 0x15c4 [ 5C884B0C9BF0492C4D23B098B20254B4, 37445A6FC850F85E45A1D0C7729BC383153204F66B95481A220A6F3EC6775814 ] C:\Program Files (x86)\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe
16:40:17.0078 0x15c4 RSA Card Conversion Utility - ok
16:40:17.0161 0x15c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:40:17.0200 0x15c4 Sidebar - ok
16:40:17.0227 0x15c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:40:17.0254 0x15c4 mctadmin - ok
16:40:17.0276 0x15c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:40:17.0302 0x15c4 Sidebar - ok
16:40:17.0306 0x15c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:40:17.0318 0x15c4 mctadmin - ok
16:40:17.0388 0x15c4 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
16:40:17.0396 0x15c4 ISUSPM - ok
16:40:17.0433 0x15c4 [ 89CACBC5A5D9F14AD11F09D1DE49294E, 5D9F810E57527ED9E95BB208DBA13D25AF64346B298C1C793335775F9AED21C7 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
16:40:17.0446 0x15c4 Sony PC Companion - ok
16:40:17.0447 0x15c4 Waiting for KSN requests completion. In queue: 149
16:40:18.0471 0x15c4 Win FW state via NFP2: enabled ( trusted )
16:40:18.0613 0x15c4 ============================================================
16:40:18.0613 0x15c4 Scan finished
16:40:18.0613 0x15c4 ============================================================
16:40:18.0624 0x0cd8 Detected object count: 1
16:40:18.0624 0x0cd8 Actual detected object count: 1
16:41:56.0949 0x0cd8 Sunkist2k ( UnsignedFile.Multi.Generic ) - skipped by user
16:41:56.0949 0x0cd8 Sunkist2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
13.01.2017, 18:53
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.01.2017, 21:20
| #9 |
| | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? 1. Schritt: adwCleaner Code:
ATTFilter # AdwCleaner v6.042 - Bericht erstellt am 13/01/2017 um 21:11:42
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-11.1 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Jens - JENS-PC
# Gestartet von : D:\Eigene Dateien\Downloads\AdwCleaner_6.042(1).exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Keine schädlichen Ordner gefunden.
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6906 Bytes] - [12/01/2017 10:10:37]
C:\AdwCleaner\AdwCleaner[R0].txt - [11618 Bytes] - [24/03/2015 13:36:55]
C:\AdwCleaner\AdwCleaner[R1].txt - [1833 Bytes] - [08/06/2015 15:36:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [9066 Bytes] - [24/03/2015 13:40:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [1743 Bytes] - [08/06/2015 15:51:57]
C:\AdwCleaner\AdwCleaner[S2].txt - [6523 Bytes] - [12/01/2017 10:09:03]
C:\AdwCleaner\AdwCleaner[S3].txt - [1652 Bytes] - [13/01/2017 21:11:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1725 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by Jens (Administrator) on 13.01.2017 at 21:15:58,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 21
Successfully deleted: C:\ProgramData\Start Menu\Programs\wise registry cleaner (Folder)
Successfully deleted: C:\Users\Jens\AppData\Roaming\wise registry cleaner (Folder)
Successfully deleted: C:\Users\Jens\Documents\add-in express (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\wise\wise registry cleaner (Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DGJ2HSMI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDKKMGY7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNFWY1F1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWSYXVO1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DGJ2HSMI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IDKKMGY7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LNFWY1F1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWSYXVO1 (Temporary Internet Files Folder)
Registry: 8
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8F065789-B230-4E17-BFBF-DCA335C4D982} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84B94901-3645-4D80-A6B7-4D0050B19455} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E9E027BF-C3F3-4022-8F6B-8F6D39A59684} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84B94901-3645-4D80-A6B7-4D0050B19455} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E9E027BF-C3F3-4022-8F6B-8F6D39A59684} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.01.2017 at 21:17:18,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
13.01.2017, 22:03
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.01.2017, 15:34
| #11 |
| | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Sorry, Nachfrage: müsste das was der Kaspersky TDSS Killer gefunden hat nicht noch gelöscht werden oder ist das im Laufe des Scanprozesses bzw. anschließend schon passiert und ich habs in der Beschreibung nur übersehen??? |
|
16.01.2017, 15:41
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? nein, nicht jeder Fund ist malware
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.01.2017, 15:59
| #13 |
| | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Frische FRST Logs Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017
durchgeführt von Jens (Administrator) auf JENS-PC (16-01-2017 15:57:12)
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Jens (Verfügbare Profile: Jens)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\D-Link Corporation\D-Link DWA-140\WPSHWPBC.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Farbar) D:\Eigene Dateien\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [563840 2011-12-02] (Conexant Systems, Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Acer MotionProtect Tray Application] => C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Token.exe [211608 2012-05-25] (STMicroelectronics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016944 2013-04-11] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [ALU] => C:\Program Files\Acer\Acer Updater\ALU.exe [2419104 2016-06-06] (Acer Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1144112 2013-01-16] (Dritek System Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-06] (Intel Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Sunkist2k] => C:\Program Files (x86)\Multimedia Card Reader\shwicon2k.exe [135168 2003-04-09] (Alcor Micro Corp)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [RSA Card Conversion Utility] => C:\Program Files (x86)\Common Files\RSA Shared\RSA Card Conversion Utility\RSACardConversionUtility.exe [3499728 2010-08-27] (RSA, The Security Division of EMC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\MountPoints2: {ab50c787-baff-11e6-8e44-001e101f1f81} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DE4A5399-94CB-44B4-9351-194021FF4416}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de/
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> DefaultScope {8F065789-B230-4E17-BFBF-DCA335C4D982} URL =
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> {1F0C0E4A-72C8-4560-9612-27AD083921F1} URL = hxxp://webtip.ch/cgi-bin/amz_track/tracker_de.pl?loc=search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001 -> {47F43F50-68E2-4F28-B949-26EE0EC9C505} URL = hxxp://www.buyertools.net/cgi-bin/preispiraten_de/nph.fcgi?qry_str={searchTerms}&category=deutsch&how=and&searchtype=simple&Web=on&wiki_tab=on&wiki_tab_old=+CHECKED&ebay_tab=on&ebay_tab_old=+CHECKED&shoppingcom_tab=on&shoppingcom_tab_old=+CHECKED&pirat_tab=on&pirat_tab_old=+CHECKED&JavaScript=enabled&submit=SUCHEN
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Jens\AppData\Roaming\Mozilla\Firefox\Profiles\m65fgiyz.default-1481793769120 [2017-01-16]
FF Homepage: Mozilla\Firefox\Profiles\m65fgiyz.default-1481793769120 -> www.google.de/
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [donottrackplus@abine.com] - C:\Program Files (x86)\CheckPoint\Install\dntme-firefox.xpi => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WPSHWPBC_DWA_140; C:\Program Files (x86)\D-Link Corporation\D-Link DWA-140\WPSHWPBC.exe [318624 2015-10-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R0 FPWinIo; C:\Windows\System32\DRIVERS\FPWinIo.sys [84784 2012-03-27] (Egis Technology Inc.)
R3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [130944 2014-11-10] (Gemalto)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2254016 2015-09-15] (MediaTek Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-03-14] (STMicroelectronics)
S3 SunkFilt; C:\Windows\SysWOW64\Drivers\sunkfilt.sys [34568 2003-04-08] (Alcor Micro Corp.) [Datei ist nicht signiert]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-13 21:17 - 2017-01-13 21:17 - 00004742 _____ C:\Users\Jens\Desktop\JRT.txt
2017-01-13 16:36 - 2017-01-13 21:07 - 00229186 _____ C:\TDSSKiller.3.1.0.12_13.01.2017_16.36.35_log.txt
2017-01-13 15:05 - 2017-01-13 16:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-13 15:05 - 2017-01-13 15:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-13 15:05 - 2017-01-13 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-13 15:04 - 2017-01-13 16:25 - 00000000 ____D C:\Users\Jens\Desktop\mbar
2017-01-13 15:04 - 2017-01-13 15:43 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-13 12:29 - 2017-01-16 15:57 - 00000000 ____D C:\FRST
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-16 12:38 - 2016-04-07 11:39 - 00041826 _____ C:\Users\Jens\Desktop\tmp.dat
2017-01-16 09:47 - 2009-07-14 05:45 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-16 09:47 - 2009-07-14 05:45 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-14 18:40 - 2015-10-06 01:45 - 00704784 _____ C:\Windows\system32\perfh007.dat
2017-01-14 18:40 - 2015-10-06 01:45 - 00151152 _____ C:\Windows\system32\perfc007.dat
2017-01-14 18:40 - 2009-07-14 06:13 - 01628108 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-14 18:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-13 21:17 - 2016-12-01 20:59 - 00000000 ____D C:\Users\Jens\AppData\LocalLow\Mozilla
2017-01-13 21:16 - 2016-12-07 21:17 - 00000000 ____D C:\Program Files (x86)\Wise
2017-01-13 21:11 - 2015-03-24 13:36 - 00000000 ____D C:\AdwCleaner
2017-01-13 14:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-13 14:41 - 2015-11-14 10:29 - 00000000 ____D C:\Users\Jens\AppData\Local\ContentWatch
2017-01-13 14:40 - 2016-09-22 09:20 - 00000000 ____D C:\Users\Jens\AppData\Roaming\Skype
2017-01-12 10:39 - 2015-10-29 14:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-12 10:36 - 2015-10-29 14:01 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 19:10 - 2015-10-29 13:59 - 00000000 ____D C:\Users\Jens\AppData\Local\Adobe
2017-01-10 19:08 - 2013-06-21 17:32 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-10 19:08 - 2013-06-21 17:32 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-10 19:08 - 2013-06-21 17:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-10 19:08 - 2013-06-21 17:32 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-10 19:05 - 2016-11-18 12:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-10 19:05 - 2015-10-05 18:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-12 10:04 - 2015-11-12 10:04 - 0008917 _____ () C:\Users\Jens\AppData\Local\HWVendorDetection.log
Einige Dateien in TEMP:
====================
C:\Users\Jens\AppData\Local\Temp\xcs16E9.tmp.exe
C:\Users\Jens\AppData\Local\Temp\xcs2A0.tmp.exe
C:\Users\Jens\AppData\Local\Temp\xcs6E6B.tmp.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-13 09:01
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017
durchgeführt von Jens (16-01-2017 15:57:38)
Gestartet von D:\Eigene Dateien\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-10-05 17:22:11)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1114637928-2207284162-3558911400-500 - Administrator - Disabled)
Gast (S-1-5-21-1114637928-2207284162-3558911400-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1114637928-2207284162-3558911400-1002 - Limited - Enabled)
Jens (S-1-5-21-1114637928-2207284162-3558911400-1001 - Administrator - Enabled) => C:\Users\Jens
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer 3G Connection Manager (HKLM-x32\...\{96F5085A-FAB3-40DA-BF1A-EABC37EA031C}) (Version: 3.00.3503 - Acer Incorporated)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3507 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Broadcom Gigabit Integrated Controller (HKLM\...\{394E442A-637D-43EF-B402-4CFD88263CF0}) (Version: 15.0.5.1 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-9332CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.30.0 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.381 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
D-Link DWA-140 (HKLM-x32\...\{09828F4D-CE2E-403A-8708-A02E53495F3D}) (Version: 4.04 - D-Link Corporation)
EgisTec ES603 WDM Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.1.14.0 - Egis Technology Inc.)
ES603 WDM Driver (x32 Version: 3.1.14.0 - Egis Technology Inc.) Hidden
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.1 - Gemalto)
HUAWEI DataCard Driver 4.25.00.03 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 4.25.00.03 - Huawei technologies Co., Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3503 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K.IM 3.5 - Kompakte Immobilienbewertung (HKLM-x32\...\K.IM_is1) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 6.2.2 - Acer Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{13B97BA0-1765-4EBA-8902-C6E30291F67B}) (Version: 1.17 - Alcor Micro,Corp.)
Multimedia Card Reader (x32 Version: 1.17 - Alcor Micro,Corp.) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Outlook Backup Assistant 7 (Vollversion) (HKLM-x32\...\812A5AC8-50DA-43D8-B36E-30CDD7FCCAA1_is1) (Version: 7 - Priotecs IT GmbH)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Preispiraten (HKLM-x32\...\{5384EA8A-FECA-4D6E-B7B4-3D4D9D47E5DF}) (Version: 6 - metaspinner net GmbH)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
RSA SecurID Software Token (HKLM-x32\...\{1E7941DC-32F1-467D-8351-8955A038A76E}) (Version: 4.1.1 - RSA, The Security Division of EMC)
RSA Smart Card Middleware 3.5 (HKLM-x32\...\{AC2F9FCC-170E-4B0B-84AB-7307A373570F}) (Version: 3.5.3.36 - RSA, The Security Division of EMC)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.16.201611221058 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.06.0026 - ST Microelectronics)
Sweet Home 3D version 5.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.34 - Synaptics Incorporated)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
VHV RECOMAX (HKLM-x32\...\{53CFF9B1-4ED7-4114-8ECF-ADD13BC8AC57}) (Version: 8.06 - VHV Allgemeine Versicherung AG)
VHV-Tarifprogramm (HKLM-x32\...\{AC2E0432-9092-42F8-B4C2-E95DF8ADE82C}) (Version: 68.0.16 - VHV Allgemeine Versicherung AG)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Microsoft (USBCCID) SmartCardReader (05/17/2005 5.2.3790.2444) (HKLM\...\E38B2136962D21A7BDE5AAC98CD1C6EA6B6D0687) (Version: 05/17/2005 5.2.3790.2444 - Microsoft)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Wise Registry Cleaner 9.35 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.35 - WiseCleaner.com, Inc.)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{6295A54D-BD2A-4CF7-A288-62B0D91F7879}\InprocServer32 -> C:\Program Files (x86)\Outlook Backup Assistant\AddIn\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{743035C6-FA33-39DF-A741-34A81649705C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{E3DF3DC0-3869-3CF6-9638-ACE5BFCF8341}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001_Classes\CLSID\{E444D266-68C3-4748-91FC-49A65C606776}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {30A6DF06-5AA1-42F1-96B5-6431E52A4A61} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2016-06-08] (Acer Incorporated)
Task: {77148A5F-ABCA-44CE-9370-E7E23395B1C2} - System32\Tasks\{0E0ED386-A2C9-4E10-A6FA-14604466EEF6} => pcalua.exe -a E:\setup.exe -d E:\
Task: {9DA6A8A6-4B61-4016-B645-5780D517D629} - System32\Tasks\{5EBC7A90-5ADA-4BD1-8FFC-0EF873343037} => pcalua.exe -a E:\WINDOWS\Setup.exe -d E:\WINDOWS
Task: {A2D99154-A902-4257-B70E-9B48B0012C08} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {B11793DE-7B37-46F8-AF29-70F5439D72DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-08 11:08 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2016-05-10 14:49 - 2015-10-08 08:33 - 00318624 _____ () C:\Program Files (x86)\D-Link Corporation\D-Link DWA-140\WPSHWPBC.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-10-08 11:08 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-10-05 16:13 - 2012-03-06 23:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1114637928-2207284162-3558911400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A8B86D55-436F-4B8A-9C08-2CE2F329012C}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1AD7F496-B7B1-4690-B4CE-4B2AC33AD613}] => LPort=2869
FirewallRules: [{6E1E9FDF-6A90-4D10-A970-633290216A7A}] => LPort=1900
FirewallRules: [{1BEDF534-E19F-4914-8F41-08BC100194A5}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{1CA191FD-0273-4AFC-8FF6-054A6F780889}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{70A4E17C-F568-4C91-A501-8A244D6FB77D}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{94EB4EF4-D103-41CD-B5DC-07B495C9F213}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{A0947616-3784-42FE-B2A4-A81E1776543C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{23889E0B-339C-43DF-83B3-5CAB49F5FED6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB29684F-9E4C-43E6-9888-88745F5A902C}] => C:\Program Files (x86)\Brother\Brmfl12d\FAXRX.EXE
FirewallRules: [{9AF83614-49C8-4C1B-A1B6-0F097A2B0912}] => LPort=54925
FirewallRules: [{CF2C0872-C372-4736-8158-DBC255E92FD0}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{540E28C7-542B-42BE-8135-9B8ED5C9CA03}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{715F5069-DF20-4AAD-960E-F545442B0786}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C31833F-651B-42FD-B7F3-534A9E5E3F31}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F86EC511-35C1-4A37-A1B6-B1D19AFD12B2}] => C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{8B4296B5-CAA7-40F7-9F3A-8EEA97CD934C}] => C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{08F3FFDB-6A15-4562-B931-93379F91C7BC}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{26C405A2-7AEF-4E9A-877A-797025CC4C27}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{B5ACD508-5145-4301-9B5A-52F928FD785F}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{5FC43CE9-7DE8-4252-AAE6-8C72F0DFE763}] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{C4F41A42-BBBD-4E58-8506-2726F5D7A8EE}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{5D6DA180-3C38-4350-8AE6-9827E299F5A8}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{C96CAFF3-1CC6-45EC-9C11-51CF7C37FF96}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{DC517760-6977-407C-88A0-28BF7EF0B8B1}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\VHVKommunikationszentrale.exe
FirewallRules: [{D9867E18-51A6-45DF-9DDA-D84F7FFFDC8C}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{94A2FA26-BACB-4091-AAD5-BE28C20D7A2C}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{0CD58F41-3324-4F0D-B132-9694DAC356E7}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{5DD39D5F-902C-4D45-B40D-03BCF4710D19}] => C:\VHV\VHV Tarifprogramm\VPL_APPS\Versandzentrale\jre\bin\javaw.exe
FirewallRules: [{C6540EC5-167B-47AF-B725-F98BF120C7FE}] => C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{45C28462-6B89-4C1D-910E-0234D94FCF62}] => C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
==================== Wiederherstellungspunkte =========================
22-12-2016 10:22:27 Geplanter Prüfpunkt
02-01-2017 16:44:52 Geplanter Prüfpunkt
10-01-2017 18:18:44 Windows Update
13-01-2017 21:15:59 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/14/2017 09:52:13 AM) (Source: chip 1-click download service) (EventID: 0) (User: )
Description: |ERORRS=;(380) error at getOrdersForVersion:The remote name could not be resolved: 'service.chip-secured-download.de'
;(460) could not DownloadFileAsync: Invalid URI: The URI is empty.
Error: (01/13/2017 02:41:11 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Jens-PC)
Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden.
Error: (01/13/2017 02:41:11 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Jens-PC)
Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden.
Error: (01/13/2017 02:41:04 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Jens-PC)
Description: Die Anwendung oder der Dienst "ZoneAlarm" konnte nicht heruntergefahren werden.
Error: (01/13/2017 09:52:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14913.1002, Zeitstempel: 0x57d1070d
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14913.1002, Zeitstempel: 0x57d10950
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002431e
ID des fehlerhaften Prozesses: 0x1550
Startzeit der fehlerhaften Anwendung: 0x01d26d7329a6aabf
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: acd12a6b-d96d-11e6-980d-001e101fb45e
Error: (12/15/2016 10:59:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7172.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 880
Startzeit: 01d256b9e10d5046
Endzeit: 6
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Berichts-ID: 248f133d-c2ad-11e6-9b93-001e101f36d9
Error: (12/15/2016 09:48:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CompatTelRunner.exe, Version: 10.0.14913.1002, Zeitstempel: 0x57d1070d
Name des fehlerhaften Moduls: devinv.dll, Version: 10.0.14913.1002, Zeitstempel: 0x57d10950
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000023c00
ID des fehlerhaften Prozesses: 0x1024
Startzeit der fehlerhaften Anwendung: 0x01d256968baaea07
Pfad der fehlerhaften Anwendung: C:\Windows\system32\CompatTelRunner.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\devinv.dll
Berichtskennung: 4d424be6-c2a3-11e6-9c4e-001e101f7f74
Error: (12/09/2016 10:58:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IntelSmallBusinessAdvantage.exe, Version 1.0.17.2303 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2108
Startzeit: 01d250cad084dff3
Endzeit: 3
Anwendungspfad: C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
Berichts-ID:
Error: (12/07/2016 09:18:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 50.0.2.6177, Zeitstempel: 0x583e5197
Name des fehlerhaften Moduls: mozglue.dll, Version: 50.0.2.6177, Zeitstempel: 0x583e4b91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed43
ID des fehlerhaften Prozesses: 0x1eb8
Startzeit der fehlerhaften Anwendung: 0x01d250c65bc502eb
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 3f651cdd-bcba-11e6-8e4a-001e101f2500
Error: (10/15/2016 09:23:41 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x81000101).
Systemfehler:
=============
Error: (01/13/2017 02:43:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/13/2017 02:43:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/13/2017 02:42:31 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (01/13/2017 02:42:31 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (01/13/2017 02:41:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/13/2017 11:29:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (01/13/2017 09:00:48 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (01/12/2017 10:13:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/12/2017 10:13:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-19) für Benutzer NT-AUTORITÄT\LOKALER DIENST von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (01/12/2017 10:12:15 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 7971.6 MB
Verfügbarer physikalischer RAM: 5723.48 MB
Summe virtueller Speicher: 15941.38 MB
Verfügbarer virtueller Speicher: 13448.4 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:401.6 GB) (Free:246.24 GB) NTFS
Drive d: (Volume) (Fixed) (Total:50 GB) (Free:11.22 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4B5962B1)
Partition 1: (Not Active) - (Size=14.1 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=401.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=50 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
16.01.2017, 21:29
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.01.2017, 10:29
| #15 |
| | Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? Bei Adobe Flash Player sind nach reste löschen noch " verbliebene Dateien und Ordner aufgeführt" - von Macromedia Flash Player, diese auch löschen oder belassen??? |
|
| Themen zu Windows 7 Professional 64bit SP1 - Tastatur hängt in firefox sehr oft fest, Trojaner bzw. Malwarebefall? |
| blinkt, browser, dateien, einstellungen, explorer, fehler, firefox, google, hängt, internet explorer, maus, microsoft, neu, neustart, ordner, problem, registry, seiten, server, software, taskmanager, tastatur, trojaner, windows, wmi |
dann auf 
und dann auf 
. 
Linear-Darstellung
