Log analysis and evaluation: Trojan: Win32/Trojan Downloader.Nymaim.BA Trojan caught; asking for help: Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
14.01.2017, 22:31 | #16 |
Code tags, and that is exactly what I did .. whatever - I'll just do it once more, and thanks for the 'wtf'

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017 durchgeführt von W (Administrator) auf ASUS-KLEIN (14-01-2017 18:42:33) Gestartet von C:\Users\W\Downloads Geladene Profile: W (Verfügbare Profile: W & WalburgaA & WalburgaA_2) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe (IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvWsc.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111488 2015-11-15] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] () HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26287016 2017-01-06] (Dropbox, Inc.) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [26832 2016-12-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [159568 2016-12-13] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Atheros Communications) HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1475320 2015-03-19] (Research In Motion) HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.) HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3023136 2016-12-16] (IObit) HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {d9a05da4-94cf-11e5-829d-6c71d9ffbf53} - "E:\setup.exe" AUTORUN=1 HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {f2ea754b-1321-11e5-8269-6c71d9ffbf53} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Start.exe ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) 
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 Tcpip\..\Interfaces\{DBD4E8A9-652A-4633-A57C-4B610E4BB4B8}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tageswoche.ch/ HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.washingtonpost.com/ hxxp://www.huffingtonpost.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> DefaultScope {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 
15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default [2015-09-01] FF user.js: detected! => C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\user.js [2015-11-23] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mPyt7swg.default -> Google FF Extension: (Avira Browser Safety) - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\Extensions\abs@avira.com [2017-01-12] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft 
Office 15\root\Office15\NPSPWRAP.DLL [2015-03-16] (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.washingtonpost.com/ CHR StartupUrls: Default -> "hxxps://www.washingtonpost.com/?reload=true","hxxp://www.tageswoche.ch/","hxxp://www.huffingtonpost.com/politics/","hxxps://www.facebook.com/" CHR DefaultSearchURL: Default -> hxxps://search.avira.net/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Default -> Avira CHR DefaultSuggestURL: Default -> hxxps://search.avira.net/suggestions?q={searchTerms}&li=ff&hl=de CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default [2017-01-14] CHR Extension: (Google Präsentationen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13] CHR Extension: (Google Docs) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13] CHR Extension: (Google Drive) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (Poper Blocker) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-01-11] CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (TV) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph 
[2017-01-12] CHR Extension: (Genius Web Annotator) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2017-01-11] CHR Extension: (Google-Suche) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-03-13] CHR Extension: (Google Tabellen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13] CHR Extension: (Avira Browserschutz) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-22] CHR Extension: (Google Docs Offline) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (AdBlock) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29] CHR Extension: („Pin it“-Button) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-03] CHR Extension: (Awiedno) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkddnpkbopdohfcjcjalflagcmcnpmm [2017-01-12] CHR Extension: (Avira SafeSearch Plus) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-01-03] CHR Extension: (OldNewsFeed) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jacjkeodiliklmpildjkfaciknopckaa [2015-03-13] CHR Extension: (Cisco WebEx Extension) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-03-17] CHR Extension: (CHIP Best Deal) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnbfipnegfmpbggccokgcmkokibpkdc [2016-12-28] CHR Extension: (Chrome Web 
Store-Zahlungen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04] CHR Extension: (True URL) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoeonoajkbigbemkbpklihoggklhblg [2017-01-09] CHR Extension: (Adblock Pro) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-17] CHR Extension: (Check My Links) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2015-11-10] CHR Extension: (This Is Fake) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\peeibjiaceaafioopngfaneonhcdbmhb [2016-12-17] CHR Extension: (Google Mail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27] CHR Extension: (Chrome Media Router) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1013024 2016-11-10] (IObit) R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1936672 2016-12-16] (IObit) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299968 2017-01-04] (Avira Operations GmbH & Co. KG) R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc.) 
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation) S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2015-11-15] (Intel Corporation) S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2015-11-15] (Intel Corporation) S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2015-11-15] (Intel Corporation) R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2016-03-13] (Intel Corporation) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation) R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation) R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.) R3 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited) R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1077536 2016-12-05] (IObit) R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35416 2016-12-13] (Avira Operations GmbH & Co. 
KG) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4307192 2016-11-18] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2016-01-25] (ASUS Corporation) S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros) S3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2015-11-15] (Intel Corporation) S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2015-11-15] (Intel Corporation) S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation) S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2015-11-15] (Intel Corporation) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55784 2016-03-13] (Intel Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2016-03-13] (Intel Corporation) S3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50664 2016-03-13] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2016-03-13] (Intel Corporation) R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [183576 2016-10-27] (BitDefender LLC) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] 
(Windows (R) Win 7 DDK provider) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited) [Datei ist nicht signiert] R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit) S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-13] (Synaptics Incorporated) R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (BitDefender S.R.L.) S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-10-16] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] S1 HWiNFO32; \??\C:\Users\W\AppData\Local\Temp\HWiNFO64A.SYS [X] S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X] U0 msahci; system32\drivers\msahci.sys [X] S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-14 18:36 - 2017-01-14 18:36 - 02419200 _____ (Farbar) C:\Users\W\Downloads\FRST64.exe
2017-01-14 18:36 - 2017-01-14 18:36 - 00000000 ____D C:\Users\W\Downloads\FRST-OlderVersion
2017-01-14 18:34 - 2017-01-14 18:34 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-01-14 18:34 - 2017-01-14 18:34 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-01-14 01:01 - 2016-10-27 13:54 - 00183576 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2017-01-13 23:59 - 2017-01-13 23:59 - 00152354 _____ C:\Users\W\Downloads\quarantaene.txt
2017-01-13 22:23 - 2017-01-14 18:42 - 00032629 _____ C:\Users\W\Downloads\FRST.txt
2017-01-13 22:23 - 2017-01-14 18:37 - 00050030 _____ C:\Users\W\Downloads\Addition.txt
2017-01-13 16:53 - 2017-01-13 16:53 - 00000000 ____D C:\Users\W\AppData\Local\AviraSpeedup
2017-01-12 17:54 - 2017-01-12 17:54 - 00000890 _____ C:\Users\W\Downloads\170112 Avira log Events.txt
2017-01-12 17:08 - 2017-01-12 17:08 - 00051001 _____ C:\Users\W\Downloads\170112 scan log malware Addition.txt
2017-01-12 17:06 - 2017-01-12 17:06 - 00051001 _____ C:\Users\W\Desktop\Addition.txt
2017-01-12 17:05 - 2017-01-12 17:06 - 00056683 _____ C:\Users\W\Desktop\FRST.txt
2017-01-12 17:04 - 2017-01-14 18:42 - 00000000 ____D C:\FRST
2017-01-12 17:04 - 2017-01-12 17:04 - 02193920 _____ (Farbar) C:\Users\W\Desktop\FRST64.exe
2017-01-12 16:49 - 2017-01-12 16:49 - 00001066 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-01-12 16:44 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-01-12 16:44 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-01-12 16:43 - 2017-01-14 01:00 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-01-12 16:43 - 2017-01-12 16:43 - 00001230 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00001179 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00000000 ____D C:\Users\W\AppData\Local\Avira
2017-01-12 16:42 - 2017-01-12 16:42 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\W\Downloads\avira_en_fass0_5877a2f1825c4__ws.exe
2017-01-12 14:13 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-01-12 14:05 - 2017-01-12 14:05 - 00003156 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-01-12 14:05 - 2017-01-12 14:05 - 00001180 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-01-12 14:04 - 2017-01-12 14:05 - 00002318 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-01-12 14:04 - 2017-01-12 14:04 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2017-01-12 14:04 - 2017-01-12 14:04 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (W)
2017-01-12 09:05 - 2017-01-12 13:16 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForW.job
2017-01-11 12:53 - 2017-01-14 01:01 - 00000062 _____ C:\Users\W\AppData\Roaming\sp_data.sys
2017-01-11 12:50 - 2017-01-14 00:43 - 00000240 _____ C:\Windows\Tasks\StartMenu8_Start.job
2017-01-11 12:50 - 2017-01-11 12:50 - 00002272 _____ C:\Windows\System32\Tasks\StartMenu8_Start
2017-01-11 12:50 - 2017-01-11 12:50 - 00001220 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2017-01-11 12:35 - 2017-01-11 12:37 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\Users\W\AppData\Roaming\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\ProgramData\SuperBoost
2017-01-11 12:27 - 2017-01-11 12:27 - 00000000 ____D C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E}
2017-01-11 12:27 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-01-11 12:25 - 2017-01-11 12:25 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-11 12:25 - 2017-01-11 12:25 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 12:20 - 2017-01-11 12:20 - 04964352 _____ C:\Windows\system32\config\drivers.iobit
2017-01-11 12:19 - 2017-01-11 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-08 12:27 - 2017-01-08 12:27 - 00466653 _____ C:\Users\W\Documents\Scan0006.pdf
2017-01-08 12:26 - 2017-01-08 12:26 - 00434838 _____ C:\Users\W\Documents\Scan0005.pdf
2017-01-08 12:25 - 2017-01-08 12:25 - 00385621 _____ C:\Users\W\Documents\Scan0004.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00350924 _____ C:\Users\W\Documents\Scan0003.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00318462 _____ C:\Users\W\Documents\Scan0002.pdf
2017-01-08 12:23 - 2017-01-08 12:23 - 00328248 _____ C:\Users\W\Documents\Scan0001.pdf
2017-01-06 01:04 - 2017-01-06 01:04 - 00051504 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-01-03 13:19 - 2017-01-12 14:04 - 00268800 ___SH C:\Users\W\Desktop\Thumbs.db
2016-12-28 13:08 - 2016-12-28 13:09 - 95503176 _____ (IObit ) C:\Users\W\Downloads\asc-ultimate-setup-cnet.exe
2016-12-28 12:55 - 2017-01-12 13:55 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-12-28 12:50 - 2016-12-28 12:50 - 00040960 _____ C:\Windows\system32\config\SAM.iobit
2016-12-28 12:50 - 2016-12-28 12:50 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 98074624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 00339968 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-12-28 11:59 - 2016-12-28 11:59 - 00000000 ____D C:\ProgramData\BDLogging
2016-12-28 11:59 - 2016-11-02 19:11 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-12-28 11:58 - 2017-01-14 18:42 - 00002383 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate 10.lnk
2016-12-28 11:58 - 2017-01-14 00:40 - 00000270 _____ C:\Windows\Tasks\ASCU10_SkipUac_W.job
2016-12-28 11:58 - 2016-12-28 11:59 - 00003022 _____ C:\Windows\System32\Tasks\ASCU10_PerformanceMonitor
2016-12-28 11:58 - 2016-12-28 11:58 - 00002362 _____ C:\Windows\System32\Tasks\ASCU10_SkipUac_W
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-12-25 19:57 - 2016-12-25 19:57 - 00157123 _____ C:\Users\W\Desktop\15724685_1227749577273428_7927209070533867513_o.jpg
2016-12-25 10:13 - 2016-12-25 10:13 - 02964472 _____ (Google) C:\Users\W\Downloads\chrome_cleanup_tool.exe
2016-12-20 13:53 - 2016-12-20 13:53 - 00587805 _____ C:\Users\W\Documents\Scan.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-14 18:31 - 2015-05-15 14:32 - 00000000 ____D C:\Users\W\Documents\Outlook-Dateien
2017-01-14 09:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-14 09:42 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-01-14 01:26 - 2015-11-13 15:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-14 01:25 - 2015-03-13 18:15 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-14 01:24 - 2016-09-14 11:03 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-14 01:16 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-14 01:15 - 2015-03-16 21:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-14 01:10 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-14 01:09 - 2015-05-25 10:02 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-1001
2017-01-14 01:06 - 2014-05-16 00:55 - 00817442 _____ C:\Windows\system32\perfh00C.dat
2017-01-14 01:06 - 2014-05-16 00:55 - 00167144 _____ C:\Windows\system32\perfc00C.dat
2017-01-14 01:06 - 2014-05-16 00:45 - 00793698 _____ C:\Windows\system32\perfh007.dat
2017-01-14 01:06 - 2014-05-16 00:45 - 00168368 _____ C:\Windows\system32\perfc007.dat
2017-01-14 01:06 - 2014-03-18 16:26 - 02820038 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-14 01:00 - 2016-09-14 11:05 - 00000000 ___RD C:\Users\W\Dropbox
2017-01-14 00:59 - 2016-09-14 11:03 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-14 00:59 - 2015-03-13 18:10 - 00000000 ___DO C:\Users\W\OneDrive
2017-01-14 00:59 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-14 00:58 - 2015-06-14 08:14 - 00000000 ____D C:\Program Files (x86)\Avira
2017-01-14 00:55 - 2015-04-10 14:54 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-14 00:55 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-01-14 00:51 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-13 07:15 - 2013-08-22 15:44 - 00488000 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-12 16:51 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-12 16:49 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Avira
2017-01-12 16:43 - 2014-10-15 20:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-12 14:05 - 2016-05-17 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-01-12 14:05 - 2015-05-25 22:26 - 00000000 ____D C:\ProgramData\ProductData
2017-01-12 14:04 - 2016-11-17 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-01-12 13:51 - 2015-03-14 19:09 - 00000000 ____D C:\Users\W\AppData\Local\ElevatedDiagnostics
2017-01-12 09:05 - 2016-07-14 18:29 - 00003144 _____ C:\Windows\System32\Tasks\HPCeeScheduleForW
2017-01-12 08:37 - 2015-03-29 15:41 - 00000000 ____D C:\Users\W\Desktop\klondike how tos
2017-01-12 08:30 - 2015-03-13 19:33 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 08:28 - 2015-03-13 19:33 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-12 07:43 - 2015-04-13 11:54 - 00000000 ____D C:\Users\W\Documents\Dies & Das
2017-01-11 20:32 - 2014-10-15 20:39 - 00000000 ____D C:\Windows\softwaredistribution.bak
2017-01-11 12:55 - 2015-04-10 14:54 - 00000000 ____D C:\ProgramData\IObit
2017-01-11 12:50 - 2015-04-10 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2017-01-11 12:24 - 2015-11-08 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2017-01-11 12:19 - 2016-09-14 11:03 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-01-11 07:26 - 2015-11-13 15:34 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-09 13:34 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\Packages
2017-01-08 23:00 - 2015-05-25 06:44 - 00000000 ____D C:\Users\W\Desktop\dies und das
2017-01-05 00:49 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W
2017-01-05 00:48 - 2016-07-06 14:00 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2017-01-05 00:48 - 2015-05-28 00:15 - 00000000 ____D C:\Users\W\AppData\Roaming\ProductData
2017-01-05 00:48 - 2015-04-10 14:56 - 00000000 ____D C:\Users\W\AppData\LocalLow\IObit
2017-01-05 00:48 - 2015-04-10 14:54 - 00000000 ____D C:\Users\W\AppData\Roaming\IObit
2017-01-05 00:48 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2
2017-01-05 00:48 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA
2017-01-05 00:48 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\ASUS
2017-01-05 00:48 - 2014-10-15 20:50 - 00000000 ____D C:\ProgramData\P4G
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2017-01-05 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration
2017-01-03 13:19 - 2015-11-02 13:00 - 00000000 ____D C:\Users\W\Desktop\basel sell & buy
2016-12-29 08:28 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\catroot
2016-12-29 08:26 - 2015-04-27 14:39 - 00000000 ____D C:\Users\W\AppData\Roaming\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ____D C:\ProgramData\Skype
2016-12-28 12:56 - 2013-08-22 14:36 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-28 12:55 - 2016-11-17 09:22 - 00000389 _____ C:\Windows\Backup.ini
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-28 12:48 - 2014-10-15 20:50 - 00000000 ____D C:\AsusVibeData
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Media Player
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Media Player
2016-12-28 12:46 - 2015-12-20 13:23 - 00000000 ___RD C:\Users\W\Documents\Scanned Documents
2016-12-28 12:46 - 2015-10-12 22:30 - 00000000 ____D C:\Users\W\AppData\Local\Viber
2016-12-28 12:46 - 2015-09-07 14:30 - 00000000 ____D C:\Users\W\AppData\Local\Information Factory
2016-12-28 12:46 - 2015-06-18 22:44 - 00000000 ____D C:\Users\W\Downloads\BLACKBERRY-827B
2016-12-28 12:46 - 2015-06-09 04:40 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-05-04 15:46 - 00000000 ____D C:\Users\W\AppData\Local\PDFCreator
2016-12-28 12:46 - 2015-04-13 15:24 - 00000000 ____D C:\Users\W\Documents\Jobs
2016-12-28 12:46 - 2015-04-13 15:23 - 00000000 ____D C:\Users\W\Documents\IT & Technik
2016-12-28 12:46 - 2015-04-13 14:51 - 00000000 ____D C:\Users\W\Documents\Global Health
2016-12-28 12:46 - 2015-04-13 11:56 - 00000000 ____D C:\Users\W\Documents\Finanzen alles
2016-12-28 12:46 - 2015-04-13 11:21 - 00000000 ____D C:\Users\W\Documents\WM privat
2016-12-28 12:46 - 2015-04-13 11:20 - 00000000 ____D C:\Users\W\Documents\ViberDownloads
2016-12-28 12:46 - 2015-04-13 10:18 - 00000000 ____D C:\Users\W\Documents\Travel
2016-12-28 12:46 - 2015-04-13 10:15 - 00000000 ____D C:\Users\W\Documents\Shopping
2016-12-28 12:46 - 2015-04-13 10:14 - 00000000 ____D C:\Users\W\Documents\pass & dokumente
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Küche & Keller
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Korrespondenz
2016-12-28 12:46 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-13 19:51 - 00000000 ____D C:\Users\W\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Videos
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Music
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Links
2016-12-28 12:46 - 2014-10-15 20:42 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
2016-12-28 08:12 - 2015-09-07 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BalTax
2016-12-20 03:47 - 2015-05-25 06:52 - 00262144 _____ C:\Users\Public\NTUSER.DAT
2016-12-17 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-12-16 22:25 - 2015-05-15 17:20 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e
2016-12-16 22:25 - 2015-03-13 18:15 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 16:25 - 2015-03-13 18:15 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 16:25 - 2015-03-13 18:15 - 00002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-22 20:37 - 2017-01-05 00:27 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.Exception.log
2015-05-22 20:36 - 2015-05-22 20:36 - 0001111 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-05-22 20:37 - 2017-01-05 00:26 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.DesktopHelper.Exception.log
2017-01-11 12:53 - 2017-01-14 01:01 - 0000062 _____ () C:\Users\W\AppData\Roaming\sp_data.sys
2015-08-01 15:11 - 2015-08-01 15:11 - 0005632 _____ () C:\Users\W\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-05 07:36 - 2016-12-05 07:37 - 0000000 _____ () C:\Users\W\AppData\Local\{AA28E808-D671-4703-8CEF-BBE7E3053563}
2016-07-06 14:05 - 2016-07-06 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-15 16:58 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 16:58 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-15 16:58 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
C:\Users\WalburgaA_2\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-09 05:29

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-01-2017
durchgeführt von W (14-01-2017 18:42:52)
Gestartet von C:\Users\W\Downloads
Windows 8.1 (Update) (X64) (2015-03-13 17:07:21)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4242665128-3801008343-3756527368-500 - Administrator - Disabled)
Gast (S-1-5-21-4242665128-3801008343-3756527368-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4242665128-3801008343-3756527368-1003 - Limited - Enabled)
W (S-1-5-21-4242665128-3801008343-3756527368-1001 - Administrator - Enabled) => C:\Users\W
WalburgaA (S-1-5-21-4242665128-3801008343-3756527368-1004 - Limited - Enabled) => C:\Users\WalburgaA
WalburgaA_2 (S-1-5-21-4242665128-3801008343-3756527368-1005 - Limited - Enabled) => C:\Users\WalburgaA_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Advanced SystemCare Ultimate (Disabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 9 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.0.3 - IObit)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.145.43581 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.145.43581 - Alcor Micro Corp.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.3.19655 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.0.4242 - Avira Operations GmbH & Co. KG)
BalTax 2014 10.3.0 (HKLM-x32\...\6456-0709-2578-5305) (Version: 10.3.0 - Information Factory AG)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.3.0 - Conexant)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Spotify (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.1.2 - IObit)
Viber (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0342BFFA-1607-4B26-A43C-C4AA152AA97C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {0FEE4DC3-3CAA-479F-9417-6AF1D462FAEF} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {10C22233-22D1-4985-83D7-26EA6DCDBCEA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {1401C5ED-FB6B-4CC7-ACA4-1B63F7BE8D66} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {160B2967-201E-4798-AF01-110AA11799C4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {1B188FBC-CBE6-45C3-A213-D566E6BBCFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {1E8610D1-DAAD-45EE-AEF9-60CF36C57CF4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {246C0A6B-6A80-442C-A94D-5FBCCBD34064} - \Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-500 -> Keine Datei <==== ACHTUNG
Task: {2910A9B7-00AD-4EEB-B6C9-927B25E7E0E9} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {2C3EBB37-E372-47BF-AA9B-7344DB5F624D} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {2D3F43BE-DB01-43CC-B9FF-47575B2433F1} - System32\Tasks\ASCU8_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: {2EA02241-0B03-408F-B83B-7C902900B8FF} - System32\Tasks\Uninstaller_SkipUac_W => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-04] (IObit)
Task: {364E78CB-8F52-46BE-B238-EC7BF0F7960C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {39608701-DBEC-4F19-8A9F-2B3FD009FCF3} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {3DBB24AE-FDCE-4666-BC02-9FDB77BFF611} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {3DD3B6F9-E321-4828-A255-7D7F6CECE88D} - System32\Tasks\HPCeeScheduleForW => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {40831A6D-1DBD-4094-8BDC-DB6537DF6ACC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {4695E224-12EF-44AD-AE15-C75A4DB9C1D6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {4845DFF6-45BE-4901-A88B-766B40B6C531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {48DFFBFB-C1E4-43FB-AAB0-772F322E9EE4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {4C904833-F10F-42DD-B018-9099D51B5A86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5110E657-D3DD-416A-96ED-FB9A4021657D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {54FD2185-D0BC-4F2D-9568-029537E6B572} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {550A1FE6-D5EF-4F39-9559-B9ED09BA2F7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {5A608E78-575C-41FA-ABFD-339F9A1A1EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5CA7B546-0C0E-41B5-A83C-61A8B2F9FE8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {5EA0F6CA-D44B-47E5-A977-C631BE9750D4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {6B06E695-1468-45F2-8107-2002312A5B8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {7A92A124-AB57-4689-BDC1-D338DCAF4A61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {83CA6AC7-F7C8-4DC2-8F60-BBC037B4AA48} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {855DE6AB-33A8-400D-939E-7BE1F1AE7654} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {86178183-17F5-4BA7-BC6E-4E390CF63EDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {8644FDE7-79EA-43C5-97D6-934D3EBD2566} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {89E5B5A1-C55F-4BE2-9370-A2CD7CA15B12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {AC1AE724-565B-440F-9D99-64BD1870B476} - System32\Tasks\{C899D39E-45DD-45B2-A29B-4C51F80917CF} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B1808870-E8C8-4B57-98C3-8D4B26BE2E01} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B7B5D5D0-1713-4348-B0A7-E98675483F7C} - System32\Tasks\Driver Booster SkipUAC (W) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {B80C527B-82B1-4B34-B2ED-109A7D3EA85B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {C733BA11-DEE8-44A5-BF13-A08E1F4ACD3A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {D3B1AE45-944C-42A6-A96E-EC986892BE4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D4211F9A-2116-4A21-8804-557BCD1141BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {DAD6039A-7170-48A1-8431-23477DAF2D3E} - System32\Tasks\ASCU10_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-12-16] (IObit)
Task: {E8068A8A-1B36-4C21-B476-11564C67DC2C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {F5AE5400-C680-4B8E-AFEE-ADC6CA9BA7C7} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASCU10_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
Task: C:\Windows\Tasks\ASCU8_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForW.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_W.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-10-15 20:39 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-02-11 17:08 - 2014-02-11 17:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2014-02-11 17:08 - 2014-02-11 17:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll 2013-11-28 22:35 - 2013-11-28 22:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-11-28 22:32 - 2013-11-28 22:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2013-11-28 22:38 - 2013-11-28 22:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2015-03-19 12:01 - 2015-03-19 12:01 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe 2014-02-24 11:59 - 2014-02-24 11:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll 2017-01-14 01:14 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2016-12-04 10:19 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2016-12-04 10:19 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2016-12-04 10:19 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2016-12-28 11:58 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madExcept_.bpl 2016-12-28 11:58 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madBasic_.bpl 2016-12-28 11:58 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl 2016-12-28 11:58 - 2016-11-01 10:11 - 00078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 
Ultimate\GetProcessDLL.dll 2017-01-12 14:05 - 2016-01-11 17:03 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll 2017-01-12 14:05 - 2016-01-11 17:02 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll 2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2017-01-11 12:50 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl 2017-01-11 12:50 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl 2017-01-11 12:50 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl 2017-01-11 12:50 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll 2017-01-11 12:50 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll 2017-01-11 12:50 - 2016-10-20 09:59 - 00631072 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll 2017-01-11 12:50 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll 2015-03-19 15:29 - 2015-03-19 15:29 - 00055032 _____ () C:\Program Files (x86)\Common Files\XCPCSync.OEM\SyncSDK.209.604\Translators\MSOl\rMSOLDE.dll 2015-03-19 11:22 - 2015-03-19 11:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2016-12-15 16:25 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-15 16:25 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll 2016-09-14 11:04 - 2016-12-08 02:00 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-01-11 12:19 - 2016-12-08 02:00 - 00145864 _____ () 
C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-01-11 12:19 - 2016-12-08 02:01 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-01-11 12:19 - 2016-12-08 02:00 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-09-14 11:04 - 2016-12-08 02:04 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-09-14 11:04 - 2016-12-08 02:00 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-09-14 11:04 - 2016-12-08 02:00 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-09-14 11:04 - 2016-12-08 02:00 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-01-11 12:19 - 2017-01-06 01:03 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-09-14 11:04 - 2016-12-08 02:01 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-01-11 12:19 - 2017-01-06 01:03 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-01-11 12:19 - 2017-01-06 01:03 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00021328 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00052032 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-01-11 12:19 - 2016-12-08 02:00 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-01-11 12:19 - 2016-12-08 02:04 - 00020936 _____ () C:\Program Files 
(x86)\Dropbox\Client\mmapfile.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-01-11 12:19 - 2017-01-06 01:03 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-01-11 12:19 - 2017-01-06 01:03 - 00026464 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-09-14 11:04 - 2016-12-08 02:02 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-01-11 12:19 - 2017-01-06 01:03 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00023384 _____ () C:\Program Files 
(x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00019792 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00022360 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00024400 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-01-11 12:19 - 2016-12-08 01:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-01-11 12:19 - 2017-01-06 01:03 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-01-11 12:19 - 2017-01-06 01:04 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-09-14 11:04 - 2016-12-08 02:01 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-09-14 11:04 - 2017-01-06 
01:04 - 00020296 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd 2017-01-11 12:19 - 2016-12-08 02:08 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-01-11 12:19 - 2016-12-08 02:08 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-01-11 12:19 - 2017-01-06 01:04 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-09-14 11:04 - 2016-12-08 02:04 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-09-14 11:04 - 2017-01-06 01:04 - 00024920 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-01-11 12:19 - 2017-01-06 01:04 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-12-28 11:58 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\webres.dll 2016-12-28 11:58 - 2016-11-09 14:35 - 00631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ProductStatistics.dll 2014-10-15 20:35 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-01-11 18:59 - 2017-01-11 18:59 - 17835096 _____ () C:\Users\W\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll 2016-12-04 10:19 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll 2016-12-04 10:19 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll 2016-09-20 02:23 - 2016-09-20 02:23 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2015-05-03 03:28 - 2015-05-03 03:28 - 01754296 _____ () C:\Program 
Files\Microsoft Office 15\Root\Office15\tmpod.dll
2017-01-14 01:15 - 2017-01-14 01:15 - 01041608 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dc 2009 cherry blossom.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Swiss Media Research =>
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Swiss Media Research"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{691CF345-DD69-404F-AF5D-6F4559782239}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{20468303-425B-4EEF-9CF2-CB9B667877CF}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{A36E65A0-12AE-401F-B4EB-772BF0F8E1E9}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{77F93656-1433-4630-BD7C-E720231F1DC5}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{1DE267D5-A1AF-46D6-BB84-678F68CC5E84}] => LPort=4481 FirewallRules: [{22584053-CCF2-48FA-B4DB-17B85D4A4D99}] => LPort=4481 FirewallRules: [{FE52E7C5-DA41-41EA-BA15-E3AAEA4110AD}] => LPort=4482 FirewallRules: [{AD828279-8620-49EF-8955-492B1B2F638B}] => LPort=4482 FirewallRules: [TCP Query User{82BDC133-2312-4BAF-8D46-7D68548E2438}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{25AB6BF8-A186-488E-B239-C6FB6BFECC7C}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe FirewallRules: [{4CF7D7C9-3290-48FB-8336-CC4EDBF77924}] => C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{DA5E6717-0863-4AD6-8CB4-E350F6941D2F}] => C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [TCP Query User{94312F5D-797E-4DD8-B3BB-540277322EA7}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [UDP Query User{6C4FBF2E-085C-47B2-B693-E39F9920408B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [TCP Query 
User{A32968A8-76A3-4228-AF59-4C0EEA8FB02C}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [UDP Query User{29C75D54-A4F9-4459-9812-1936D981D03F}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [TCP Query User{C1E0DF48-FF76-4E7B-8FC9-AB3F0FC95967}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{3601AE15-869E-48B2-AFCE-55E105C11061}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C3620875-5C70-4145-B20F-5293F40C2FF0}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{BC0F178A-5676-4D57-BE7F-50804D499185}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{6EB504D7-AA49-4638-A3A0-50F3D0ADB71F}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{A125D56A-2E3C-458F-A69C-9E4B14FAF15B}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{AA9B8A09-581B-4167-8AEB-FA3B89625855}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{B1EEAC93-F801-48D6-AC66-3C2B14074556}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{A41AF319-88AA-4D4D-B37C-DC812E678C7E}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{D6E05F4F-52FC-433B-B3AA-5E933AA99D67}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{FC01E046-1852-4524-A703-D2116F68448B}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe FirewallRules: 
[{98587A68-0360-4057-8319-C1793D3D52A3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe FirewallRules: [{E05D331A-6921-4271-9622-AD1F1B469ADA}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe FirewallRules: [{294EE63A-E5AB-4C08-ACB0-5EFC9B0A1A25}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe FirewallRules: [{A285D6A6-BA0F-4E71-A956-C798412A53E3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe FirewallRules: [{3510B7E4-F0DA-4328-9444-37B49694C78D}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{885CCE20-D2D0-418E-A684-D7183BE6F03A}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{EA57B3A8-6643-4EC8-9958-191B7015BA39}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{63D24422-F0BD-417D-B1E8-CF6972A5B421}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{785E03D9-876A-4504-8699-B3C88F6788A2}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe FirewallRules: [{77F70256-B007-40A4-81B2-A97C00F0F506}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe FirewallRules: [{B98762E4-1E97-46D9-88C6-D42B3DB4BF78}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe FirewallRules: [{1EAD28E8-83F0-4031-A147-39D05CC7FC11}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe FirewallRules: [{5B288256-58A1-446F-A369-83F9BA1276F0}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{7CF04991-30DC-4C5A-8CCA-7CA75906989E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe FirewallRules: [{0FC51FDA-052A-480A-BBE0-FCE7DCD3416E}] => C:\Program Files (x86)\IObit\Driver 
Booster\4.1.0\DriverBooster.exe
FirewallRules: [{D7590519-D3F1-49B2-8B6E-E9166910CB7B}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{BFD1D46B-0E6D-49C2-BA07-DB5EC992DD4E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{5E6FAF82-21B1-4AD6-A48C-E341ABA90A39}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{716992DF-C895-43E7-A1CA-E3FB78C59ACA}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

14-01-2017 09:55:29 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/14/2017 09:42:49 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv.
Kontext: Windows Anwendung
Details: Das Datenträgeränderungsjournal wird gelöscht. (HRESULT : 0x8007049a) (0x8007049a)

Error: (01/14/2017 01:16:34 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet.
Kontext: Anwendung, SystemIndex Katalog
Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23)

Error: (01/14/2017 01:16:34 AM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Fehler-ID 1邐10 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus.
Kontext: Anwendung, SystemIndex Katalog
Details: Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23)

Error: (01/14/2017 01:05:00 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper WinMain: CreateSharedMemory() failed. Session ID = 1

Error: (01/14/2017 01:05:00 AM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed Last error = [0x00000102] Session ID = 1

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmService CreateApplicationList: dptfFrameworkHandle is NULL.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmService ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103]

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService ServiceMain: ServiceStart() failed.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService ServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyCriticalService ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103]

Systemfehler:
=============
Error: (01/14/2017 01:15:43 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/14/2017 12:59:31 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13 registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/14/2017 12:52:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/13/2017 11:29:30 PM) (Source: BROWSER) (EventID: 8019) (User: )
Description: Der Suchdienst konnte sich nicht selbst zum Hauptsuchdienst heraufstufen. Der Suchdienst wird weiterhin versuchen, sich selbst heraufzustufen, wird aber keine Ereignisse mehr protokollieren.

Error: (01/13/2017 10:23:39 PM) (Source: BROWSER) (EventID: 8020) (User: )
Description: Der Suchdienst konnte sich nicht selbst zur Funktion als Hauptsuchdienst heraufstufen. Der Computer, der zurzeit die Funktion als Hauptsuchdienst erfüllt, ist unbekannt.

Error: (01/13/2017 04:56:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13 registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/12/2017 02:10:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:28:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "StartMenu8 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===================================
Date: 2017-01-11 14:21:55.135
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-10 08:10:01.950
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-07 09:28:52.157
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:58:49.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:50:20.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:32:12.912 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:02:49.162 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-04 23:56:35.478 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-04 23:53:40.418 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-08 22:44:46.179 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz Prozentuale Nutzung des RAM: 55% Installierter physikalischer RAM: 8075.11 MB Verfügbarer physikalischer RAM: 3624.53 MB Summe virtueller Speicher: 19851.11 MB Verfügbarer virtueller Speicher: 14706.99 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:8.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:121.98 GB) (Free:107.24 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: FDF0BB21) Partition: GPT. ==================== Ende von Addition.txt ============================ |
14.01.2017, 23:06 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: caught Win32/Trojan Downloader.Nymaim.BA trojan; asking for help: Do you see the difference?
And for editing you have exactly 1 h after submitting the post.
Step 1: Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Step 2: Kaspersky TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary. To put the log files in a CODE box, proceed as follows:
__________________ |
16.01.2017, 17:25 | #18 |
| Win32 / Trojan Hello Cosinus,
did you receive my last files / messages with the logs (mbar & Tdss) from late Saturday evening? What are the next steps now? Things are slowly getting urgent on my end - I am currently using my old / backup laptop - and it is pretty slow ;( I would be extremely grateful for a reply... WM |
17.01.2017, 11:13 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: caught Win32/Trojan Downloader.Nymaim.BA trojan; asking for help: How about reading the posts properly? There are no logs here.
__________________ Please always post log files in CODE tags |
17.01.2017, 14:34 | #20 |
| Trojan: caught Win32/Trojan Downloader.Nymaim.BA trojan; asking for help: I almost feared as much, because I could no longer find the entry, but I did not want to disturb you over the weekend ... here is the mbar log from today; I will send the TDSS one separately... what is strange is that supposedly nothing was found, yet the problems with Chrome persist. What other options would there be? Would it perhaps make sense to reinstall Chrome? Regards, WM Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main: v2017.01.17.05
  rootkit: v2016.11.20.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18538
W :: ASUS-KLEIN [administrator]

17.01.2017 13:46:29
mbar-log-2017-01-17 (13-46-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 369652
Time elapsed: 8 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
14:08:29.0342 0x0284 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
14:08:29.0342 0x0284 UEFI system
14:08:32.0872 0x0284 ============================================================
14:08:32.0872 0x0284 Current date / time: 2017/01/17 14:08:32.0872
14:08:32.0872 0x0284 SystemInfo:
14:08:32.0872 0x0284
14:08:32.0872 0x0284 OS Version: 6.3.9600 ServicePack: 0.0
14:08:32.0872 0x0284 Product type: Workstation
14:08:32.0872 0x0284 ComputerName: ASUS-KLEIN
14:08:32.0872 0x0284 UserName: W
14:08:32.0872 0x0284 Windows directory: C:\Windows
14:08:32.0872 0x0284 System windows directory: C:\Windows
14:08:32.0872 0x0284 Running under WOW64
14:08:32.0872 0x0284 Processor architecture: Intel x64
14:08:32.0872 0x0284 Number of processors: 4
14:08:32.0872 0x0284 Page size: 0x1000
14:08:32.0872 0x0284 Boot type: Normal boot
14:08:32.0872 0x0284 CodeIntegrityOptions = 0x00000001
14:08:32.0872 0x0284 ============================================================
14:08:32.0935 0x0284 KLMD registered as C:\Windows\system32\drivers\02584371.sys
14:08:32.0935 0x0284 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19
14:08:32.0950 0x0284 System UUID: {12401B71-730B-1793-59F6-61D511ED73A2}
14:08:33.0172 0x0284 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:08:33.0172 0x0284 ============================================================
14:08:33.0172 0x0284 \Device\Harddisk0\DR0:
14:08:33.0172 0x0284 GPT partitions:
14:08:33.0172 0x0284 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3F0D67E8-FC7A-49DF-B993-9BAC6A9AF7C4}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
14:08:33.0172 0x0284 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7C070AA1-E4DB-44B3-9A2A-DA5CDD6398F5}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
14:08:33.0172 0x0284 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {32BF6E5A-2483-43BB-9F1C-FD86F5108506}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
14:08:33.0172 0x0284 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {50BE3E63-ADC8-4554-95BD-94B861C8138E}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0xBEC6000
14:08:33.0172 0x0284 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {97CCD68D-D3FC-404B-A657-A5A5803C6962}, Name: Basic data partition, StartLBA 0xC0FA800, BlocksNum 0xF3F3800
14:08:33.0172 0x0284 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5D4A90FD-D59B-455E-B79E-29951747350A}, Name: Basic data partition, StartLBA 0x1B4EE000, BlocksNum 0x2805000
14:08:33.0172 0x0284 MBR partitions:
14:08:33.0172 0x0284 ============================================================
14:08:33.0172 0x0284 C: <-> \Device\Harddisk0\DR0\Partition4
14:08:33.0187 0x0284 D: <-> \Device\Harddisk0\DR0\Partition5
14:08:33.0187 0x0284 ============================================================
14:08:33.0187 0x0284 Initialize success
14:08:33.0187 0x0284 ============================================================
14:08:42.0581 0x0a58 ============================================================
14:08:42.0581 0x0a58 Scan started
14:08:42.0581 0x0a58 Mode: Manual;
14:08:42.0581 0x0a58 ============================================================
14:08:42.0581 0x0a58 KSN ping started
14:08:42.0768 0x0a58 KSN ping finished: true
14:08:43.0112 0x0a58 ================ Scan system memory ========================
14:08:43.0112 0x0a58 System memory - ok
14:08:43.0112 0x0a58 ================ Scan services =============================
- ok 14:08:45.0001 0x0a58 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll 14:08:45.0001 0x0a58 Eaphost - ok 14:08:45.0063 0x0a58 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys 14:08:45.0110 0x0a58 ebdrv - ok 14:08:45.0110 0x0a58 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe 14:08:45.0110 0x0a58 EFS - ok 14:08:45.0110 0x0a58 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 14:08:45.0126 0x0a58 EhStorClass - ok 14:08:45.0126 0x0a58 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 14:08:45.0126 0x0a58 EhStorTcgDrv - ok 14:08:45.0126 0x0a58 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys 14:08:45.0126 0x0a58 ErrDev - ok 14:08:45.0173 0x0a58 [ 49EDBE0603232013F7247413407F713E, D834CD05D759B0A0CCFDACF56819C3A6A51E8B61CF2B355472A43B87E31CD9FD ] esifsvc C:\Windows\SysWOW64\esif_uf.exe 14:08:45.0188 0x0a58 esifsvc - ok 14:08:45.0204 0x0a58 [ A63C10A6A6B09FED00046DDD313C2CC1, 7DEC320019698CE8122FD02F39127E003895E2351F7C35F3D73D97030C34CAB2 ] esif_lf C:\Windows\system32\DRIVERS\esif_lf.sys 14:08:45.0204 0x0a58 esif_lf - ok 14:08:45.0220 0x0a58 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll 14:08:45.0220 0x0a58 EventSystem - ok 14:08:45.0235 0x0a58 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat 
C:\Windows\system32\drivers\exfat.sys 14:08:45.0235 0x0a58 exfat - ok 14:08:45.0235 0x0a58 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys 14:08:45.0251 0x0a58 fastfat - ok 14:08:45.0267 0x0a58 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe 14:08:45.0267 0x0a58 Fax - ok 14:08:45.0267 0x0a58 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 14:08:45.0282 0x0a58 fdc - ok 14:08:45.0282 0x0a58 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll 14:08:45.0282 0x0a58 fdPHost - ok 14:08:45.0282 0x0a58 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll 14:08:45.0282 0x0a58 FDResPub - ok 14:08:45.0282 0x0a58 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll 14:08:45.0298 0x0a58 fhsvc - ok 14:08:45.0298 0x0a58 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 14:08:45.0298 0x0a58 FileInfo - ok 14:08:45.0298 0x0a58 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys 14:08:45.0298 0x0a58 Filetrace - ok 14:08:45.0313 0x0a58 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 14:08:45.0313 0x0a58 flpydisk - ok 14:08:45.0313 0x0a58 [ C1FB505A73FA2E9019D32444AB33B75A, 
765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 14:08:45.0329 0x0a58 FltMgr - ok 14:08:45.0360 0x0a58 [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache C:\Windows\system32\FntCache.dll 14:08:45.0376 0x0a58 FontCache - ok 14:08:45.0376 0x0a58 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:08:45.0376 0x0a58 FontCache3.0.0.0 - ok 14:08:45.0376 0x0a58 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 14:08:45.0376 0x0a58 FsDepends - ok 14:08:45.0392 0x0a58 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 14:08:45.0392 0x0a58 Fs_Rec - ok 14:08:45.0407 0x0a58 [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 14:08:45.0407 0x0a58 fvevol - ok 14:08:45.0423 0x0a58 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 14:08:45.0423 0x0a58 FxPPM - ok 14:08:45.0423 0x0a58 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 14:08:45.0423 0x0a58 gagp30kx - ok 14:08:45.0423 0x0a58 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 14:08:45.0423 0x0a58 gencounter - ok 14:08:45.0438 0x0a58 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 
C:\Windows\system32\Drivers\msgpioclx.sys 14:08:45.0438 0x0a58 GPIOClx0101 - ok 14:08:45.0470 0x0a58 [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc C:\Windows\System32\gpsvc.dll 14:08:45.0485 0x0a58 gpsvc - ok 14:08:45.0485 0x0a58 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:08:45.0485 0x0a58 gupdate - ok 14:08:45.0501 0x0a58 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:08:45.0501 0x0a58 gupdatem - ok 14:08:45.0501 0x0a58 [ C99CA01B960FF380A388CAAB846B8962, B34F7082A75DB94D7379793B42A6D15006AD416E58E69331BB3261BDD609ACE9 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys 14:08:45.0501 0x0a58 gzflt - ok 14:08:45.0517 0x0a58 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 14:08:45.0517 0x0a58 HdAudAddService - ok 14:08:45.0532 0x0a58 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 14:08:45.0532 0x0a58 HDAudBus - ok 14:08:45.0532 0x0a58 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 14:08:45.0532 0x0a58 HidBatt - ok 14:08:45.0548 0x0a58 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 14:08:45.0548 0x0a58 HidBth - ok 14:08:45.0548 0x0a58 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 14:08:45.0548 0x0a58 hidi2c - ok 14:08:45.0548 0x0a58 [ 
9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 14:08:45.0548 0x0a58 HidIr - ok 14:08:45.0563 0x0a58 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll 14:08:45.0563 0x0a58 hidserv - ok 14:08:45.0563 0x0a58 [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch C:\Windows\System32\drivers\AsHIDSwitch64.sys 14:08:45.0563 0x0a58 HIDSwitch - ok 14:08:45.0563 0x0a58 [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb C:\Windows\System32\drivers\hidusb.sys 14:08:45.0563 0x0a58 HidUsb - ok 14:08:45.0579 0x0a58 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 14:08:45.0579 0x0a58 hkmsvc - ok 14:08:45.0579 0x0a58 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 14:08:45.0595 0x0a58 HomeGroupListener - ok 14:08:45.0595 0x0a58 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 14:08:45.0610 0x0a58 HomeGroupProvider - ok 14:08:45.0610 0x0a58 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 14:08:45.0610 0x0a58 HpSAMD - ok 14:08:45.0610 0x0a58 [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 14:08:45.0610 0x0a58 HPSupportSolutionsFrameworkService - ok 14:08:45.0642 0x0a58 [ 
76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP C:\Windows\system32\drivers\HTTP.sys 14:08:45.0657 0x0a58 HTTP - ok 14:08:45.0657 0x0a58 HWiNFO32 - ok 14:08:45.0657 0x0a58 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:08:45.0657 0x0a58 hwpolicy - ok 14:08:45.0673 0x0a58 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 14:08:45.0673 0x0a58 hyperkbd - ok 14:08:45.0673 0x0a58 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 14:08:45.0673 0x0a58 HyperVideo - ok 14:08:45.0673 0x0a58 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 14:08:45.0688 0x0a58 i8042prt - ok 14:08:45.0688 0x0a58 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 14:08:45.0688 0x0a58 iaLPSSi_GPIO - ok 14:08:45.0688 0x0a58 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 14:08:45.0688 0x0a58 iaLPSSi_I2C - ok 14:08:45.0720 0x0a58 [ 5F6CA62BE8ECC4D0E1F5D4D4A02B456B, F720A1F14C9053D24C5B42827E5F9578A27F3E62A6C65A3CFA068E580F02F072 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 14:08:45.0751 0x0a58 iaStorA - ok 14:08:45.0767 0x0a58 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 14:08:45.0767 0x0a58 iaStorAV - ok 14:08:45.0782 0x0a58 [ A2200C3033FA4EF249FC096A7A7D02A2, 
5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:08:45.0782 0x0a58 iaStorV - ok 14:08:45.0782 0x0a58 IEEtwCollectorService - ok 14:08:45.0860 0x0a58 [ 4F6363C26B4A3DDBC9FAFCBA68602B01, 0920551F9312D967AAA68003BD8C4A312AA8F1E8B826DDE8BF59B9B639AB5F3B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 14:08:45.0923 0x0a58 igfx - ok 14:08:45.0954 0x0a58 [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT C:\Windows\System32\ikeext.dll 14:08:45.0970 0x0a58 IKEEXT - ok 14:08:45.0970 0x0a58 IMFFilter - ok 14:08:45.0970 0x0a58 [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 14:08:45.0970 0x0a58 intaud_WaveExtensible - ok 14:08:45.0998 0x0a58 [ C8D2B9B619E5A1E33C0A5CA8F0870298, F61941F2B6C65BDEF17514F0D991EA11D8F3D4B959DAA47C483277C63E910733 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 14:08:45.0998 0x0a58 IntcDAud - ok 14:08:46.0014 0x0a58 [ C7BB17877A0F2BF70ABD5AF2FEDFA580, 4238FED3BBF94EE29DEC05A55D65023BAD7407F5B53E411E434D839E6E187256 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 14:08:46.0030 0x0a58 Intel(R) Capability Licensing Service TCP IP Interface - ok 14:08:46.0030 0x0a58 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 14:08:46.0030 0x0a58 Intel(R) ME Service - ok 14:08:46.0045 0x0a58 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 14:08:46.0045 0x0a58 intelide - ok 14:08:46.0045 0x0a58 [ 7AA01AB1C110916825E6E1389F1B9AF2, 
E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\Windows\system32\drivers\intelpep.sys 14:08:46.0045 0x0a58 intelpep - ok 14:08:46.0045 0x0a58 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 14:08:46.0045 0x0a58 intelppm - ok 14:08:46.0061 0x0a58 [ CD6FE4D2E29D70D9E2AA587DE5978A15, 03BA3338E0178FCB6FC7792FE4BB2B836CEA8B791D53DD4E273AB48621397DC5 ] IObitUnSvr C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe 14:08:46.0061 0x0a58 IObitUnSvr - ok 14:08:46.0076 0x0a58 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:08:46.0076 0x0a58 IpFilterDriver - ok 14:08:46.0092 0x0a58 [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:08:46.0108 0x0a58 iphlpsvc - ok 14:08:46.0108 0x0a58 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 14:08:46.0108 0x0a58 IPMIDRV - ok 14:08:46.0123 0x0a58 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:08:46.0123 0x0a58 IPNAT - ok 14:08:46.0123 0x0a58 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:08:46.0123 0x0a58 IRENUM - ok 14:08:46.0123 0x0a58 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:08:46.0139 0x0a58 isapnp - ok 14:08:46.0139 0x0a58 [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt 
C:\Windows\System32\drivers\msiscsi.sys 14:08:46.0139 0x0a58 iScsiPrt - ok 14:08:46.0155 0x0a58 [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 14:08:46.0155 0x0a58 iwdbus - ok 14:08:46.0155 0x0a58 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 14:08:46.0155 0x0a58 jhi_service - ok 14:08:46.0170 0x0a58 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 14:08:46.0170 0x0a58 kbdclass - ok 14:08:46.0170 0x0a58 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 14:08:46.0170 0x0a58 kbdhid - ok 14:08:46.0170 0x0a58 [ 6C6F4A5FC5A2343995D1B0F111D5CF06, 62282992D3B1634C7BBDD1BCFC13F77FC806AD85B2C667FA09D73355825D19A8 ] kbfiltr C:\Windows\System32\drivers\kbfiltr.sys 14:08:46.0170 0x0a58 kbfiltr - ok 14:08:46.0170 0x0a58 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 14:08:46.0186 0x0a58 kdnic - ok 14:08:46.0186 0x0a58 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 14:08:46.0186 0x0a58 KeyIso - ok 14:08:46.0186 0x0a58 [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:08:46.0186 0x0a58 KSecDD - ok 14:08:46.0201 0x0a58 [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:08:46.0201 0x0a58 KSecPkg - ok 14:08:46.0201 0x0a58 [ 
11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:08:46.0201 0x0a58 ksthunk - ok 14:08:46.0217 0x0a58 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 14:08:46.0217 0x0a58 KtmRm - ok 14:08:46.0233 0x0a58 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 14:08:46.0233 0x0a58 LanmanServer - ok 14:08:46.0248 0x0a58 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:08:46.0248 0x0a58 LanmanWorkstation - ok 14:08:46.0264 0x0a58 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 14:08:46.0264 0x0a58 lfsvc - ok 14:08:46.0279 0x0a58 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:08:46.0279 0x0a58 lltdio - ok 14:08:46.0279 0x0a58 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:08:46.0279 0x0a58 lltdsvc - ok 14:08:46.0295 0x0a58 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:08:46.0295 0x0a58 lmhosts - ok 14:08:46.0295 0x0a58 [ 3714AC47F8675E7B67DDC0D6625406FD, 7467197EDD43CAAF9557625C1A6E5AC11ADA7C02D87196E367385CBB76606359 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 14:08:46.0311 0x0a58 LMS - ok 14:08:46.0311 0x0a58 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS 
C:\Windows\system32\drivers\lsi_sas.sys 14:08:46.0311 0x0a58 LSI_SAS - ok 14:08:46.0326 0x0a58 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 14:08:46.0326 0x0a58 LSI_SAS2 - ok 14:08:46.0326 0x0a58 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 14:08:46.0326 0x0a58 LSI_SAS3 - ok 14:08:46.0326 0x0a58 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 14:08:46.0342 0x0a58 LSI_SSS - ok 14:08:46.0358 0x0a58 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 14:08:46.0358 0x0a58 LSM - ok 14:08:46.0373 0x0a58 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 14:08:46.0373 0x0a58 luafv - ok 14:08:46.0373 0x0a58 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 14:08:46.0373 0x0a58 megasas - ok 14:08:46.0389 0x0a58 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 14:08:46.0405 0x0a58 megasr - ok 14:08:46.0405 0x0a58 [ 220B49994DCFAC3BB242A8C3047E58A2, B01EA1751CE80E357DB643938F603DAE11A7F88B7B1187D769C5A3209A932E64 ] MEIx64 C:\Windows\System32\drivers\TeeDriverW8x64.sys 14:08:46.0405 0x0a58 MEIx64 - ok 14:08:46.0420 0x0a58 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 14:08:46.0420 0x0a58 MMCSS - ok 14:08:46.0420 0x0a58 [ 8B38C44F69259987C95135C9627E2378, 
E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 14:08:46.0420 0x0a58 Modem - ok 14:08:46.0420 0x0a58 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 14:08:46.0420 0x0a58 monitor - ok 14:08:46.0436 0x0a58 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 14:08:46.0436 0x0a58 mouclass - ok 14:08:46.0436 0x0a58 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 14:08:46.0436 0x0a58 mouhid - ok 14:08:46.0436 0x0a58 [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:08:46.0436 0x0a58 mountmgr - ok 14:08:46.0451 0x0a58 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:08:46.0451 0x0a58 mpsdrv - ok 14:08:46.0467 0x0a58 [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:08:46.0483 0x0a58 MpsSvc - ok 14:08:46.0483 0x0a58 [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:08:46.0483 0x0a58 MRxDAV - ok 14:08:46.0498 0x0a58 [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:08:46.0498 0x0a58 mrxsmb - ok 14:08:46.0514 0x0a58 [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:08:46.0514 0x0a58 mrxsmb10 - ok 14:08:46.0530 
0x0a58 [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:08:46.0530 0x0a58 mrxsmb20 - ok 14:08:46.0530 0x0a58 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 14:08:46.0530 0x0a58 MsBridge - ok 14:08:46.0545 0x0a58 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe 14:08:46.0545 0x0a58 MSDTC - ok 14:08:46.0545 0x0a58 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:08:46.0545 0x0a58 Msfs - ok 14:08:46.0561 0x0a58 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 14:08:46.0561 0x0a58 msgpiowin32 - ok 14:08:46.0561 0x0a58 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:08:46.0561 0x0a58 mshidkmdf - ok 14:08:46.0561 0x0a58 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 14:08:46.0561 0x0a58 mshidumdf - ok 14:08:46.0561 0x0a58 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:08:46.0561 0x0a58 msisadrv - ok 14:08:46.0576 0x0a58 [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:08:46.0576 0x0a58 MSiSCSI - ok 14:08:46.0576 0x0a58 msiserver - ok 14:08:46.0576 0x0a58 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 
] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:08:46.0576 0x0a58 MSKSSRV - ok 14:08:46.0592 0x0a58 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 14:08:46.0592 0x0a58 MsLldp - ok 14:08:46.0592 0x0a58 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:08:46.0592 0x0a58 MSPCLOCK - ok 14:08:46.0592 0x0a58 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:08:46.0592 0x0a58 MSPQM - ok 14:08:46.0608 0x0a58 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:08:46.0608 0x0a58 MsRPC - ok 14:08:46.0608 0x0a58 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 14:08:46.0623 0x0a58 mssmbios - ok 14:08:46.0623 0x0a58 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:08:46.0623 0x0a58 MSTEE - ok 14:08:46.0623 0x0a58 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 14:08:46.0623 0x0a58 MTConfig - ok 14:08:46.0623 0x0a58 [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\Windows\system32\Drivers\mup.sys 14:08:46.0623 0x0a58 Mup - ok 14:08:46.0639 0x0a58 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys 14:08:46.0639 0x0a58 mvumis - ok 14:08:46.0639 0x0a58 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 
B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci C:\Windows\System32\drivers\vpci.sys 14:08:50.0154 0x0a58 vpci - ok 14:08:50.0169 0x0a58 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 14:08:50.0169 0x0a58 vsmraid - ok 14:08:50.0201 0x0a58 [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\Windows\system32\vssvc.exe 14:08:50.0216 0x0a58 VSS - ok 14:08:50.0232 0x0a58 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 14:08:50.0232 0x0a58 VSTXRAID - ok 14:08:50.0232 0x0a58 [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 14:08:50.0232 0x0a58 vwifibus - ok 14:08:50.0247 0x0a58 [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:08:50.0247 0x0a58 vwififlt - ok 14:08:50.0247 0x0a58 [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 14:08:50.0247 0x0a58 vwifimp - ok 14:08:50.0263 0x0a58 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll 14:08:50.0263 0x0a58 W32Time - ok 14:08:50.0263 0x0a58 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 14:08:50.0263 0x0a58 WacomPen - ok 14:08:50.0279 0x0a58 [ B41F3E5780D97CFD44A717153AD9CF2C, 6133104D9E5BCFDCDF55E3C52AA701766102A8F86D3F2667BBBF7168E3B3E2AB ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 14:08:50.0279 0x0a58 Wanarp - ok 14:08:50.0279 0x0a58 [ 
B41F3E5780D97CFD44A717153AD9CF2C, 6133104D9E5BCFDCDF55E3C52AA701766102A8F86D3F2667BBBF7168E3B3E2AB ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:08:50.0279 0x0a58 Wanarpv6 - ok 14:08:50.0310 0x0a58 [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine C:\Windows\system32\wbengine.exe 14:08:50.0341 0x0a58 wbengine - ok 14:08:50.0341 0x0a58 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:08:50.0357 0x0a58 WbioSrvc - ok 14:08:50.0357 0x0a58 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 14:08:50.0372 0x0a58 Wcmsvc - ok 14:08:50.0388 0x0a58 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:08:50.0388 0x0a58 wcncsvc - ok 14:08:50.0388 0x0a58 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:08:50.0388 0x0a58 WcsPlugInService - ok 14:08:50.0404 0x0a58 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 14:08:50.0404 0x0a58 WdBoot - ok 14:08:50.0419 0x0a58 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:08:50.0435 0x0a58 Wdf01000 - ok 14:08:50.0435 0x0a58 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 14:08:50.0435 0x0a58 WdFilter - ok 14:08:50.0451 0x0a58 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll 
14:08:50.0451 0x0a58 WdiServiceHost - ok 14:08:50.0451 0x0a58 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:08:50.0451 0x0a58 WdiSystemHost - ok 14:08:50.0466 0x0a58 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 14:08:50.0466 0x0a58 WdNisDrv - ok 14:08:50.0466 0x0a58 WdNisSvc - ok 14:08:50.0482 0x0a58 [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient C:\Windows\System32\webclnt.dll 14:08:50.0482 0x0a58 WebClient - ok 14:08:50.0482 0x0a58 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:08:50.0482 0x0a58 Wecsvc - ok 14:08:50.0497 0x0a58 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 14:08:50.0497 0x0a58 WEPHOSTSVC - ok 14:08:50.0497 0x0a58 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:08:50.0497 0x0a58 wercplsupport - ok 14:08:50.0513 0x0a58 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll 14:08:50.0513 0x0a58 WerSvc - ok 14:08:50.0513 0x0a58 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 14:08:50.0513 0x0a58 WFPLWFS - ok 14:08:50.0513 0x0a58 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 14:08:50.0529 0x0a58 WiaRpc - ok 14:08:50.0529 0x0a58 [ 5F66B7BB330AA80067FC66149A692620, 
92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:08:50.0529 0x0a58 WIMMount - ok 14:08:50.0529 0x0a58 WinDefend - ok 14:08:50.0560 0x0a58 [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 14:08:50.0560 0x0a58 WinHttpAutoProxySvc - ok 14:08:50.0576 0x0a58 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:08:50.0576 0x0a58 Winmgmt - ok 14:08:50.0622 0x0a58 [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\Windows\system32\WsmSvc.dll 14:08:50.0669 0x0a58 WinRM - ok 14:08:50.0685 0x0a58 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\System32\drivers\WinUSB.sys 14:08:50.0685 0x0a58 WinUsb - ok 14:08:50.0716 0x0a58 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll 14:08:50.0732 0x0a58 WlanSvc - ok 14:08:50.0763 0x0a58 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 14:08:50.0794 0x0a58 wlidsvc - ok 14:08:50.0794 0x0a58 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 14:08:50.0794 0x0a58 WmiAcpi - ok 14:08:50.0810 0x0a58 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:08:50.0810 0x0a58 wmiApSrv - ok 14:08:50.0810 0x0a58 WMPNetworkSvc - ok 14:08:50.0810 0x0a58 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof 
C:\Windows\system32\drivers\Wof.sys 14:08:50.0826 0x0a58 Wof - ok 14:08:50.0857 0x0a58 [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 14:08:50.0872 0x0a58 workfolderssvc - ok 14:08:50.0888 0x0a58 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 14:08:50.0888 0x0a58 wpcfltr - ok 14:08:50.0888 0x0a58 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:08:50.0888 0x0a58 WPCSvc - ok 14:08:50.0888 0x0a58 [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:08:50.0888 0x0a58 WPDBusEnum - ok 14:08:50.0904 0x0a58 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 14:08:50.0904 0x0a58 WpdUpFltr - ok 14:08:50.0904 0x0a58 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:08:50.0904 0x0a58 ws2ifsl - ok 14:08:50.0904 0x0a58 [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\Windows\System32\wscsvc.dll 14:08:50.0919 0x0a58 wscsvc - ok 14:08:50.0919 0x0a58 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 14:08:50.0919 0x0a58 WSDPrintDevice - ok 14:08:50.0919 0x0a58 [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 14:08:50.0919 0x0a58 WSDScan - ok 14:08:50.0919 0x0a58 WSearch - ok 14:08:50.0982 0x0a58 [ 
6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 14:08:51.0029 0x0a58 WSService - ok 14:08:51.0107 0x0a58 [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv C:\Windows\system32\wuaueng.dll 14:08:51.0154 0x0a58 wuauserv - ok 14:08:51.0169 0x0a58 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:08:51.0169 0x0a58 WudfPf - ok 14:08:51.0169 0x0a58 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 14:08:51.0185 0x0a58 WUDFRd - ok 14:08:51.0185 0x0a58 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:08:51.0185 0x0a58 wudfsvc - ok 14:08:51.0185 0x0a58 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 14:08:51.0201 0x0a58 WUDFWpdFs - ok 14:08:51.0201 0x0a58 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 14:08:51.0216 0x0a58 WwanSvc - ok 14:08:51.0232 0x0a58 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 14:08:51.0232 0x0a58 ZAtheros Bt and Wlan Coex Agent - ok 14:08:51.0247 0x0a58 ================ Scan global |
17.01.2017, 14:42 | #21 |
| TDSS part 2
Code:
ATTFilter
14:08:51.0747 0x0a58 Waiting for KSN requests completion. In queue: 186
14:08:51.0841 0x1f78 Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
14:08:52.0045 0x1f78 Object send P2P result: true
14:08:52.0755 0x0a58 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
14:08:52.0755 0x0a58 AV detected via SS2: Advanced SystemCare Ultimate, C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAntivirusFix.exe ( 10.0.0.76 ), 0x70000 ( disabled : updated )
14:08:52.0755 0x0a58 Win FW state via NFP2: enabled ( trusted )
14:08:52.0880 0x0a58 ============================================================
14:08:52.0880 0x0a58 Scan finished
14:08:52.0880 0x0a58 ============================================================
14:08:52.0880 0x0f14 Detected object count: 0
14:08:52.0880 0x0f14 Actual detected object count: 0
14:09:01.0863 0x0fd0 Deinitialize success |
17.01.2017, 16:05 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: caught the Win32/Trojan Downloader.Nymaim.BA trojan; asking for help:
Remove adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools!
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please close your protection software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |
17.01.2017, 18:05 | #23 |
| adwCleaner & JRT log
but I still have the 'usual' pop-up websites: gambling / de-reimagerepair etc ;(
Code:
ATTFilter
# AdwCleaner v6.042 - Bericht erstellt am 17/01/2017 um 17:34:50
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-17.1 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : W - ASUS-KLEIN
# Gestartet von : C:\Users\W\Desktop\AdwCleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\WalburgaA_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
[-] Ordner gelöscht: C:\Users\WalburgaA_2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlcphjankhppgohedpkjonpadimhaoof
[-] Ordner gelöscht: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipmkfpcnmccejididiaagpgchgjfajgp_0.localstorage
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: LaunchPreSignup
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
[-] [C:\Users\W\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: ipmkfpcnmccejididiaagpgchgjfajgp
[-] [C:\Users\WalburgaA_2\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: nlcphjankhppgohedpkjonpadimhaoof
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1770 Bytes] - [17/01/2017 17:34:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [2010 Bytes] - [17/01/2017 17:33:54]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1916 Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 8.1 x64
Ran by W (Administrator) on 17.01.2017 at 17:40:44,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 10
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\user.js (File)
Successfully deleted: C:\Users\W\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (W) (Task)
Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag_Startup (Task)
Successfully deleted: C:\Windows\system32\Tasks\StartMenu8_Start (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_W (Task)
Successfully deleted: C:\Windows\Tasks\StartMenu8_Start.job (Task)
Successfully deleted: C:\Windows\Tasks\Uninstaller_SkipUac_W.job (Task)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.01.2017 at 17:41:52,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
https:\\www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/ could have happened to me ;( |
18.01.2017, 10:03 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: caught the Win32/Trojan Downloader.Nymaim.BA trojan; asking for help:
Unfortunately we still have an older guide for adwCleaner; please run it again and set it up like this:
__________________ Please always post log files in CODE tags |
19.01.2017, 13:38 | #25 |
| AdwCleaner & JRT log, new
thanks for the pointer. Unfortunately your last message from yesterday morning ended up in the spam folder (no idea why ... *scratchhead* ); that is why I ran both programs completely once more ... but the unwanted websites keep popping up, just like the evening before last on the first run ;( and thanks in advance for the next feedback, WM
Code:
ATTFilter
# AdwCleaner v6.042 - Bericht erstellt am 19/01/2017 um 13:08:35
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-18.1 [Server]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : W - ASUS-KLEIN
# Gestartet von : C:\Users\W\Desktop\AdwCleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
[-] [C:\Users\W\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: ipmkfpcnmccejididiaagpgchgjfajgp
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1995 Bytes] - [17/01/2017 17:34:50]
C:\AdwCleaner\AdwCleaner[C2].txt - [1266 Bytes] - [19/01/2017 13:08:35]
C:\AdwCleaner\AdwCleaner[S0].txt - [2010 Bytes] - [17/01/2017 17:33:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [1626 Bytes] - [19/01/2017 13:06:11]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1485 Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 8.1 x64
Ran by W (Administrator) on 19.01.2017 at 13:16:11,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\ProgramData\productdata (Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.01.2017 at 13:17:15,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
19.01.2017, 14:55 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: caught the Win32/Trojan Downloader.Nymaim.BA trojan; asking for help:
Then show me fresh FRST logs. Tick the box for addition.txt, then click Untersuchen (Scan)
__________________ Please always post log files in CODE tags |
19.01.2017, 15:07 | #27 |
| FRST update?
Should I download FRST again to be on the safe side before I create the log, or do I run the one from last week again? just to be sure ... |
19.01.2017, 15:13 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: caught the Win32/Trojan Downloader.Nymaim.BA trojan; asking for help:
downloading it again doesn't hurt, you can do that
__________________ Please always post log files in CODE tags |
19.01.2017, 15:29 | #29 |
| FRST addition.txt, new
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-01-2017
durchgeführt von W (19-01-2017 15:23:31)
Gestartet von C:\Users\W\Downloads
Windows 8.1 (Update) (X64) (2015-03-13 17:07:21)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4242665128-3801008343-3756527368-500 - Administrator - Disabled)
Gast (S-1-5-21-4242665128-3801008343-3756527368-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4242665128-3801008343-3756527368-1003 - Limited - Enabled)
W (S-1-5-21-4242665128-3801008343-3756527368-1001 - Administrator - Enabled) => C:\Users\W
WalburgaA (S-1-5-21-4242665128-3801008343-3756527368-1004 - Limited - Enabled) => C:\Users\WalburgaA
WalburgaA_2 (S-1-5-21-4242665128-3801008343-3756527368-1005 - Limited - Enabled) => C:\Users\WalburgaA_2
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Advanced SystemCare Ultimate (Disabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 9 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.0.3 - IObit)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.145.43581 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.145.43581 - Alcor Micro Corp.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.3.19655 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.1.4250 - Avira Operations GmbH & Co. KG)
BalTax 2014 10.3.0 (HKLM-x32\...\6456-0709-2578-5305) (Version: 10.3.0 - Information Factory AG)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.3.0 - Conexant)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office
15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.) Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit) Spotify (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit) Viber (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Viber) (Version: 5.1.2.24 - Viber Media Inc) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation) Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0342BFFA-1607-4B26-A43C-C4AA152AA97C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {10C22233-22D1-4985-83D7-26EA6DCDBCEA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {1401C5ED-FB6B-4CC7-ACA4-1B63F7BE8D66} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {160B2967-201E-4798-AF01-110AA11799C4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {1B188FBC-CBE6-45C3-A213-D566E6BBCFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {1E8610D1-DAAD-45EE-AEF9-60CF36C57CF4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {246C0A6B-6A80-442C-A94D-5FBCCBD34064} - \Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-500 -> Keine Datei <==== ACHTUNG
Task: {2C3EBB37-E372-47BF-AA9B-7344DB5F624D} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {2D3F43BE-DB01-43CC-B9FF-47575B2433F1} - System32\Tasks\ASCU8_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: {364E78CB-8F52-46BE-B238-EC7BF0F7960C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {39608701-DBEC-4F19-8A9F-2B3FD009FCF3} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {3DBB24AE-FDCE-4666-BC02-9FDB77BFF611} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {3DD3B6F9-E321-4828-A255-7D7F6CECE88D} - System32\Tasks\HPCeeScheduleForW => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4695E224-12EF-44AD-AE15-C75A4DB9C1D6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {4845DFF6-45BE-4901-A88B-766B40B6C531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {48DFFBFB-C1E4-43FB-AAB0-772F322E9EE4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {4C904833-F10F-42DD-B018-9099D51B5A86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5110E657-D3DD-416A-96ED-FB9A4021657D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {550A1FE6-D5EF-4F39-9559-B9ED09BA2F7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {5A608E78-575C-41FA-ABFD-339F9A1A1EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5CA7B546-0C0E-41B5-A83C-61A8B2F9FE8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {6B06E695-1468-45F2-8107-2002312A5B8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {77A54A59-8A56-4FBE-AEDA-7EE628D2CD25} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {7A92A124-AB57-4689-BDC1-D338DCAF4A61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {83CA6AC7-F7C8-4DC2-8F60-BBC037B4AA48} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {855DE6AB-33A8-400D-939E-7BE1F1AE7654} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {86178183-17F5-4BA7-BC6E-4E390CF63EDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {8644FDE7-79EA-43C5-97D6-934D3EBD2566} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {89E5B5A1-C55F-4BE2-9370-A2CD7CA15B12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {AC1AE724-565B-440F-9D99-64BD1870B476} - System32\Tasks\{C899D39E-45DD-45B2-A29B-4C51F80917CF} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B04FF86E-ADEE-4828-BEE0-65F3FA78D627} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B80C527B-82B1-4B34-B2ED-109A7D3EA85B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {BC2BB775-8451-4CD2-80FA-3D964C3135F4} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {C733BA11-DEE8-44A5-BF13-A08E1F4ACD3A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {CE49FD9A-54FE-4FDB-9BA7-B490DE39C848} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {D3B1AE45-944C-42A6-A96E-EC986892BE4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D4211F9A-2116-4A21-8804-557BCD1141BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {DAD6039A-7170-48A1-8431-23477DAF2D3E} - System32\Tasks\ASCU10_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-12-16] (IObit)
Task: {E8068A8A-1B36-4C21-B476-11564C67DC2C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASCU10_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
Task: C:\Windows\Tasks\ASCU8_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForW.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-01-14 01:14 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-12-04 10:19 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-03-19 11:22 - 2015-03-19 11:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2014-10-15 20:35 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-20 02:23 - 2016-09-20 02:23 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-05-03 03:28 - 2015-05-03 03:28 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2017-01-14 01:15 - 2017-01-14 01:15 - 01041608 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 18:59 - 2017-01-11 18:59 - 17835096 _____ () C:\Users\W\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2016-12-04 10:19 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-12-04 10:19 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2017-01-19 15:13 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2017-01-19 15:13 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2017-01-19 15:13 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2017-01-19 15:13 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2017-01-19 15:13 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2017-01-19 15:13 - 2016-10-20 09:59 - 00631072 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll
2017-01-19 15:13 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2016-05-30 07:01 - 2016-05-30 07:01 - 00131264 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2016-09-20 02:23 - 2016-09-20 02:23 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dc 2009 cherry blossom.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Swiss Media Research =>
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Swiss Media Research"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{691CF345-DD69-404F-AF5D-6F4559782239}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{20468303-425B-4EEF-9CF2-CB9B667877CF}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A36E65A0-12AE-401F-B4EB-772BF0F8E1E9}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{77F93656-1433-4630-BD7C-E720231F1DC5}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{1DE267D5-A1AF-46D6-BB84-678F68CC5E84}] => LPort=4481
FirewallRules: [{22584053-CCF2-48FA-B4DB-17B85D4A4D99}] => LPort=4481
FirewallRules: [{FE52E7C5-DA41-41EA-BA15-E3AAEA4110AD}] => LPort=4482
FirewallRules: [{AD828279-8620-49EF-8955-492B1B2F638B}] => LPort=4482
FirewallRules: [TCP Query User{82BDC133-2312-4BAF-8D46-7D68548E2438}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{25AB6BF8-A186-488E-B239-C6FB6BFECC7C}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4CF7D7C9-3290-48FB-8336-CC4EDBF77924}] => C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{DA5E6717-0863-4AD6-8CB4-E350F6941D2F}] => C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{94312F5D-797E-4DD8-B3BB-540277322EA7}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{6C4FBF2E-085C-47B2-B693-E39F9920408B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{A32968A8-76A3-4228-AF59-4C0EEA8FB02C}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{29C75D54-A4F9-4459-9812-1936D981D03F}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{C1E0DF48-FF76-4E7B-8FC9-AB3F0FC95967}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3601AE15-869E-48B2-AFCE-55E105C11061}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C3620875-5C70-4145-B20F-5293F40C2FF0}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BC0F178A-5676-4D57-BE7F-50804D499185}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6EB504D7-AA49-4638-A3A0-50F3D0ADB71F}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A125D56A-2E3C-458F-A69C-9E4B14FAF15B}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AA9B8A09-581B-4167-8AEB-FA3B89625855}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{B1EEAC93-F801-48D6-AC66-3C2B14074556}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A41AF319-88AA-4D4D-B37C-DC812E678C7E}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{D6E05F4F-52FC-433B-B3AA-5E933AA99D67}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FC01E046-1852-4524-A703-D2116F68448B}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{98587A68-0360-4057-8319-C1793D3D52A3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{E05D331A-6921-4271-9622-AD1F1B469ADA}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{294EE63A-E5AB-4C08-ACB0-5EFC9B0A1A25}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{A285D6A6-BA0F-4E71-A956-C798412A53E3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3510B7E4-F0DA-4328-9444-37B49694C78D}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{885CCE20-D2D0-418E-A684-D7183BE6F03A}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{EA57B3A8-6643-4EC8-9958-191B7015BA39}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{63D24422-F0BD-417D-B1E8-CF6972A5B421}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{785E03D9-876A-4504-8699-B3C88F6788A2}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{77F70256-B007-40A4-81B2-A97C00F0F506}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{B98762E4-1E97-46D9-88C6-D42B3DB4BF78}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{1EAD28E8-83F0-4031-A147-39D05CC7FC11}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{5B288256-58A1-446F-A369-83F9BA1276F0}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7CF04991-30DC-4C5A-8CCA-7CA75906989E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{0FC51FDA-052A-480A-BBE0-FCE7DCD3416E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{D7590519-D3F1-49B2-8B6E-E9166910CB7B}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{BFD1D46B-0E6D-49C2-BA07-DB5EC992DD4E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{5E6FAF82-21B1-4AD6-A48C-E341ABA90A39}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{716992DF-C895-43E7-A1CA-E3FB78C59ACA}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

17-01-2017 17:40:45 JRT Pre-Junkware Removal
19-01-2017 13:15:36 Avira System Speedup 1.0.0
19-01-2017 13:16:11 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/19/2017 03:13:07 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Falscher Parameter. (HRESULT : 0x80070057) (0x80070057)

Error: (01/19/2017 01:15:57 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper WinMain: CreateSharedMemory() failed. Session ID = 1

Error: (01/19/2017 01:15:57 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed Last error = [0x00000102] Session ID = 1

Error: (01/19/2017 01:11:02 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (01/19/2017 01:10:00 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmService CreateApplicationList: dptfFrameworkHandle is NULL.

Error: (01/19/2017 01:10:00 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmService ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103]

Error: (01/19/2017 01:10:00 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService ServiceMain: ServiceStart() failed.

Error: (01/19/2017 01:10:00 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService ServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (01/19/2017 01:10:00 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyCriticalService ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103]

Error: (01/19/2017 01:10:00 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPService ServiceMain: ServiceStart() failed.

Systemfehler:
=============
Error: (01/19/2017 03:12:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2017 01:16:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2017 01:08:46 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/19/2017 01:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2017 01:08:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2017 01:08:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2017 01:08:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "BlackBerry Link Communication Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2017 01:08:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BlackBerry Device Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/19/2017 01:08:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2017 01:08:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

CodeIntegrity:
===================================
Date: 2017-01-11 14:21:55.135
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-10 08:10:01.950 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-07 09:28:52.157 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:58:49.397 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:50:20.220 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-05 00:32:12.912 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2017-01-05 00:02:49.162
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-04 23:56:35.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-04 23:53:40.418
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-08 22:44:46.179
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 8075.11 MB
Verfügbarer physikalischer RAM: 4184.48 MB
Summe virtueller Speicher: 19851.11 MB
Verfügbarer virtueller Speicher: 15151.39 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:7.67 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:121.98 GB) (Free:107.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FDF0BB21)
Partition: GPT.

==================== Ende von Addition.txt ============================
19.01.2017, 15:40 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan: Win32/Trojan Downloader.Nymaim.BA Trojan caught; asking for help: There is no editor. Just do what the instructions say.
__________________ Please always post log files in CODE tags |